actionview 5.2.8.1 → 6.0.0.beta1

data/lib/action_view/renderer/partial_renderer/collection_caching.rb

@@ -14,15 +14,35 @@ module ActionView
       def cache_collection_render(instrumentation_payload)
         return yield unless @options[:cached]
 
+        # Result is a hash with the key represents the
+        # key used for cache lookup and the value is the item
+        # on which the partial is being rendered
         keyed_collection = collection_by_cache_keys
+
+        # Pull all partials from cache
+        # Result is a hash, key matches the entry in
+        # `keyed_collection` where the cache was retrieved and the
+        # value is the value that was present in the cache
         cached_partials  = collection_cache.read_multi(*keyed_collection.keys)
         instrumentation_payload[:cache_hits] = cached_partials.size
 
+        # Extract the items for the keys that are not found
+        # Set the uncached values to instance variable @collection
+        # which is used by the caller
         @collection = keyed_collection.reject { |key, _| cached_partials.key?(key) }.values
+
+        # If all elements are already in cache then
+        # rendered partials will be an empty array
+        #
+        # If the cache is missing elements then
+        # the block will be called against the remaining items
+        # in the @collection.
         rendered_partials = @collection.empty? ? [] : yield
 
         index = 0
         fetch_or_cache_partial(cached_partials, order_by: keyed_collection.each_key) do
+          # This block is called once
+          # for every cache miss while preserving order.
           rendered_partials[index].tap { index += 1 }
         end
       end
@@ -40,10 +60,29 @@ module ActionView
       end
 
       def expanded_cache_key(key)
-        key = @view.combined_fragment_cache_key(@view.cache_fragment_name(key, virtual_path: @template.virtual_path))
+        key = @view.combined_fragment_cache_key(@view.cache_fragment_name(key, virtual_path: @template.virtual_path, digest_path: digest_path))
         key.frozen? ? key.dup : key # #read_multi & #write may require mutability, Dalli 2.6.0.
       end
 
+      def digest_path
+        @digest_path ||= @view.digest_path_from_virtual(@template.virtual_path)
+      end
+
+      # `order_by` is an enumerable object containing keys of the cache,
+      # all keys are  passed in whether found already or not.
+      #
+      # `cached_partials` is a hash. If the value exists
+      # it represents the rendered partial from the cache
+      # otherwise `Hash#fetch` will take the value of its block.
+      #
+      # This method expects a block that will return the rendered
+      # partial. An example is to render all results
+      # for each element that was not found in the cache and store it as an array.
+      # Order it so that the first empty cache element in `cached_partials`
+      # corresponds to the first element in `rendered_partials`.
+      #
+      # If the partial is not already cached it will also be
+      # written back to the underlying cache store.
       def fetch_or_cache_partial(cached_partials, order_by:)
         order_by.map do |cache_key|
           cached_partials.fetch(cache_key) do

data/lib/action_view/renderer/partial_renderer.rb

@@ -363,7 +363,7 @@ module ActionView
         @options = options
         @block   = block
 
-        @locals  = options[:locals] || {}
+        @locals  = options[:locals] ? options[:locals].symbolize_keys : {}
         @details = extract_details(options)
 
         prepend_formats(options[:formats])
@@ -523,7 +523,7 @@ module ActionView
 
       def retrieve_variable(path, as)
         variable = as || begin
-          base = path[-1] == "/".freeze ? "".freeze : File.basename(path)
+          base = path[-1] == "/" ? "" : File.basename(path)
           raise_invalid_identifier(path) unless base =~ /\A_?(.*?)(?:\.\w+)*\z/
           $1.to_sym
         end

data/lib/action_view/renderer/streaming_template_renderer.rb

@@ -33,7 +33,7 @@ module ActionView
           logger = ActionView::Base.logger
           return unless logger
 
-          message = "\n#{exception.class} (#{exception.message}):\n".dup
+          message = +"\n#{exception.class} (#{exception.message}):\n"
           message << exception.annoted_source_code.to_s if exception.respond_to?(:annoted_source_code)
           message << "  " << exception.backtrace.join("\n  ")
           logger.fatal("#{message}\n\n")

data/lib/action_view/rendering.rb

@@ -64,10 +64,11 @@ module ActionView
     # An instance of a view class. The default view class is ActionView::Base.
     #
     # The view class must have the following methods:
-    # View.new[lookup_context, assigns, controller]
-    #   Create a new ActionView instance for a controller and we can also pass the arguments.
-    # View#render(option)
-    #   Returns String with the rendered template
+    #
+    # * <tt>View.new(lookup_context, assigns, controller)</tt> — Create a new
+    #   ActionView instance for a controller and we can also pass the arguments.
+    #
+    # * <tt>View#render(option)</tt> — Returns String with the rendered template.
     #
     # Override this method in a module to change the default behavior.
     def view_context

data/lib/action_view/routing_url_for.rb

@@ -84,25 +84,24 @@ module ActionView
         super(only_path: _generate_paths_by_default)
       when Hash
         options = options.symbolize_keys
-        unless options.key?(:only_path)
-          options[:only_path] = only_path?(options[:host])
-        end
+        ensure_only_path_option(options)
 
         super(options)
       when ActionController::Parameters
-        unless options.key?(:only_path)
-          options[:only_path] = only_path?(options[:host])
-        end
+        ensure_only_path_option(options)
 
         super(options)
       when :back
         _back_url
       when Array
         components = options.dup
-        if _generate_paths_by_default
-          polymorphic_path(components, components.extract_options!)
+        options = components.extract_options!
+        ensure_only_path_option(options)
+
+        if options[:only_path]
+          polymorphic_path(components, options)
         else
-          polymorphic_url(components, components.extract_options!)
+          polymorphic_url(components, options)
         end
       else
         method = _generate_paths_by_default ? :path : :url
@@ -138,8 +137,10 @@ module ActionView
         true
       end
 
-      def only_path?(host)
-        _generate_paths_by_default unless host
+      def ensure_only_path_option(options)
+        unless options.key?(:only_path)
+          options[:only_path] = _generate_paths_by_default unless options[:host]
+        end
       end
   end
 end

data/lib/action_view/template/handlers/erb.rb

@@ -14,7 +14,17 @@ module ActionView
         class_attribute :erb_implementation, default: Erubi
 
         # Do not escape templates of these mime types.
-        class_attribute :escape_whitelist, default: ["text/plain"]
+        class_attribute :escape_ignore_list, default: ["text/plain"]
+
+        [self, singleton_class].each do |base|
+          base.alias_method :escape_whitelist, :escape_ignore_list
+          base.alias_method :escape_whitelist=, :escape_ignore_list=
+
+          base.deprecate(
+            escape_whitelist: "use #escape_ignore_list instead",
+            :escape_whitelist= => "use #escape_ignore_list= instead"
+          )
+        end
 
         ENCODING_TAG = Regexp.new("\\A(<%#{ENCODING_FLAG}-?%>)[ \\t]*")
 
@@ -47,7 +57,7 @@ module ActionView
 
           self.class.erb_implementation.new(
             erb,
-            escape: (self.class.escape_whitelist.include? template.type),
+            escape: (self.class.escape_ignore_list.include? template.type),
             trim: (self.class.erb_trim_mode == "-")
           ).src
         end

data/lib/action_view/template/resolver.rb

@@ -16,7 +16,7 @@ module ActionView
       alias_method :partial?, :partial
 
       def self.build(name, prefix, partial)
-        virtual = "".dup
+        virtual = +""
         virtual << "#{prefix}/" unless prefix.empty?
         virtual << (partial ? "_#{name}" : name)
         new name, prefix, partial, virtual
@@ -221,9 +221,7 @@ module ActionView
       end
 
       def query(path, details, formats, outside_app_allowed)
-        query = build_query(path, details)
-
-        template_paths = find_template_paths(query)
+        template_paths = find_template_paths_from_details(path, details)
         template_paths = reject_files_external_to_app(template_paths) unless outside_app_allowed
 
         template_paths.map do |template|
@@ -243,6 +241,11 @@ module ActionView
         files.reject { |filename| !inside_path?(@path, filename) }
       end
 
+      def find_template_paths_from_details(path, details)
+        query = build_query(path, details)
+        find_template_paths(query)
+      end
+
       def find_template_paths(query)
         Dir[query].uniq.reject do |filename|
           File.directory?(filename) ||
@@ -279,7 +282,7 @@ module ActionView
       end
 
       def escape_entry(entry)
-        entry.gsub(/[*?{}\[\]]/, '\\\\\\&'.freeze)
+        entry.gsub(/[*?{}\[\]]/, '\\\\\\&')
       end
 
       # Returns the file mtime from the filesystem.
@@ -291,7 +294,7 @@ module ActionView
       # from the path, or the handler, we should return the array of formats given
       # to the resolver.
       def extract_handler_and_format_and_variant(path)
-        pieces = File.basename(path).split(".".freeze)
+        pieces = File.basename(path).split(".")
         pieces.shift
 
         extension = pieces.pop
@@ -362,19 +365,56 @@ module ActionView
 
   # An Optimized resolver for Rails' most common case.
   class OptimizedFileSystemResolver < FileSystemResolver #:nodoc:
-    def build_query(path, details)
-      query = escape_entry(File.join(@path, path))
+    private
 
-      exts = EXTENSIONS.map do |ext, prefix|
-        if ext == :variants && details[ext] == :any
-          "{#{prefix}*,}"
-        else
-          "{#{details[ext].compact.uniq.map { |e| "#{prefix}#{e}," }.join}}"
+      def find_template_paths_from_details(path, details)
+        # Instead of checking for every possible path, as our other globs would
+        # do, scan the directory for files with the right prefix.
+        query = "#{escape_entry(File.join(@path, path))}*"
+
+        regex = build_regex(path, details)
+
+        Dir[query].uniq.reject do |filename|
+          # This regex match does double duty of finding only files which match
+          # details (instead of just matching the prefix) and also filtering for
+          # case-insensitive file systems.
+          !regex.match?(filename) ||
+            File.directory?(filename)
+        end.sort_by do |filename|
+          # Because we scanned the directory, instead of checking for files
+          # one-by-one, they will be returned in an arbitrary order.
+          # We can use the matches found by the regex and sort by their index in
+          # details.
+          match = filename.match(regex)
+          EXTENSIONS.keys.reverse.map do |ext|
+            if ext == :variants && details[ext] == :any
+              match[ext].nil? ? 0 : 1
+            elsif match[ext].nil?
+              # No match should be last
+              details[ext].length
+            else
+              found = match[ext].to_sym
+              details[ext].index(found)
+            end
+          end
         end
-      end.join
+      end
 
-      query + exts
-    end
+      def build_regex(path, details)
+        query = escape_entry(File.join(@path, path))
+        exts = EXTENSIONS.map do |ext, prefix|
+          match =
+            if ext == :variants && details[ext] == :any
+              ".*?"
+            else
+              details[ext].compact.uniq.map { |e| Regexp.escape(e) }.join("|")
+            end
+          prefix = Regexp.escape(prefix)
+          "(#{prefix}(?<#{ext}>#{match}))?"
+        end.join
+
+        %r{\A#{query}#{exts}\z}
+      end
   end
 
   # The same as FileSystemResolver but does not allow templates to store

data/lib/action_view/template.rb

@@ -9,6 +9,8 @@ module ActionView
   class Template
     extend ActiveSupport::Autoload
 
+    mattr_accessor :finalize_compiled_template_methods, default: true
+
     # === Encodings in ActionView::Template
     #
     # ActionView::Template is one of a few sources of potential
@@ -186,7 +188,7 @@ module ActionView
     end
 
     def inspect
-      @inspect ||= defined?(Rails.root) ? identifier.sub("#{Rails.root}/", "".freeze) : identifier
+      @inspect ||= defined?(Rails.root) ? identifier.sub("#{Rails.root}/", "") : identifier
     end
 
     # This method is responsible for properly setting the encoding of the
@@ -233,6 +235,19 @@ module ActionView
       end
     end
 
+
+    # Exceptions are marshalled when using the parallel test runner with DRb, so we need
+    # to ensure that references to the template object can be marshalled as well. This means forgoing
+    # the marshalling of the compiler mutex and instantiating that again on unmarshalling.
+    def marshal_dump # :nodoc:
+      [ @source, @identifier, @handler, @compiled, @original_encoding, @locals, @virtual_path, @updated_at, @formats, @variants ]
+    end
+
+    def marshal_load(array) # :nodoc:
+      @source, @identifier, @handler, @compiled, @original_encoding, @locals, @virtual_path, @updated_at, @formats, @variants = *array
+      @compile_mutex = Mutex.new
+    end
+
     private
 
       # Compile a template. This method ensures a template is compiled
@@ -284,7 +299,7 @@ module ActionView
 
         # Make sure that the resulting String to be eval'd is in the
         # encoding of the code
-        source = <<-end_src.dup
+        source = +<<-end_src
           def #{method_name}(local_assigns, output_buffer)
             _old_virtual_path, @virtual_path = @virtual_path, #{@virtual_path.inspect};_old_output_buffer = @output_buffer;#{locals_code};#{code}
           ensure
@@ -307,7 +322,9 @@ module ActionView
         end
 
         mod.module_eval(source, identifier, 0)
-        ObjectSpace.define_finalizer(self, Finalizer[method_name, mod])
+        if finalize_compiled_template_methods
+          ObjectSpace.define_finalizer(self, Finalizer[method_name, mod])
+        end
       end
 
       def handle_render_error(view, e)
@@ -331,19 +348,19 @@ module ActionView
         locals = locals.grep(/\A@?(?![A-Z0-9])(?:[[:alnum:]_]|[^\0-\177])+\z/)
 
         # Assign for the same variable is to suppress unused variable warning
-        locals.each_with_object("".dup) { |key, code| code << "#{key} = local_assigns[:#{key}]; #{key} = #{key};" }
+        locals.each_with_object(+"") { |key, code| code << "#{key} = local_assigns[:#{key}]; #{key} = #{key};" }
       end
 
       def method_name
         @method_name ||= begin
-          m = "_#{identifier_method_name}__#{@identifier.hash}_#{__id__}".dup
-          m.tr!("-".freeze, "_".freeze)
+          m = +"_#{identifier_method_name}__#{@identifier.hash}_#{__id__}"
+          m.tr!("-", "_")
           m
         end
       end
 
       def identifier_method_name
-        inspect.tr("^a-z_".freeze, "_".freeze)
+        inspect.tr("^a-z_", "_")
       end
 
       def instrument(action, &block) # :doc:
@@ -351,7 +368,7 @@ module ActionView
       end
 
       def instrument_render_template(&block)
-        ActiveSupport::Notifications.instrument("!render_template.action_view".freeze, instrument_payload, &block)
+        ActiveSupport::Notifications.instrument("!render_template.action_view", instrument_payload, &block)
       end
 
       def instrument_payload

data/lib/action_view/test_case.rb

@@ -107,7 +107,7 @@ module ActionView
         # empty string ensures buffer has UTF-8 encoding as
         # new without arguments returns ASCII-8BIT encoded buffer like String#new
         @output_buffer = ActiveSupport::SafeBuffer.new ""
-        @rendered = "".dup
+        @rendered = +""
 
         make_test_case_available_to_view!
         say_no_to_protect_against_forgery!

data/lib/action_view/testing/resolvers.rb

@@ -22,7 +22,7 @@ module ActionView #:nodoc:
     private
 
       def query(path, exts, _, _)
-        query = "".dup
+        query = +""
         EXTENSIONS.each_key do |ext|
           query << "(" << exts[ext].map { |e| e && Regexp.escape(".#{e}") }.join("|") << "|)"
         end

data/lib/action_view.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 #--
-# Copyright (c) 2004-2018 David Heinemeier Hansson
+# Copyright (c) 2004-2019 David Heinemeier Hansson
 #
 # Permission is hereby granted, free of charge, to any person obtaining
 # a copy of this software and associated documentation files (the

data/lib/assets/compiled/rails-ujs.js

@@ -2,7 +2,7 @@
 Unobtrusive JavaScript
 https://github.com/rails/rails/blob/master/actionview/app/assets/javascripts
 Released under the MIT license
- */;
+ */
 
 (function() {
   var context = this;
@@ -32,17 +32,12 @@ Released under the MIT license
 
   (function() {
     (function() {
-      var nonce;
+      var cspNonce;
 
-      nonce = null;
-
-      Rails.loadCSPNonce = function() {
-        var ref;
-        return nonce = (ref = document.querySelector("meta[name=csp-nonce]")) != null ? ref.content : void 0;
-      };
-
-      Rails.cspNonce = function() {
-        return nonce != null ? nonce : Rails.loadCSPNonce();
+      cspNonce = Rails.cspNonce = function() {
+        var meta;
+        meta = document.querySelector('meta[name=csp-nonce]');
+        return meta && meta.content;
       };
 
     }).call(this);
@@ -247,8 +242,8 @@ Released under the MIT license
         }
         if (!options.crossDomain) {
           xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
-          CSRFProtection(xhr);
         }
+        CSRFProtection(xhr);
         xhr.withCredentials = !!options.withCredentials;
         xhr.onreadystatechange = function() {
           if (xhr.readyState === XMLHttpRequest.DONE) {
@@ -270,7 +265,7 @@ Released under the MIT license
             script.setAttribute('nonce', cspNonce());
             script.text = response;
             document.head.appendChild(script).parentNode.removeChild(script);
-          } else if (type.match(/\b(xml|html|svg)\b/)) {
+          } else if (type.match(/\bxml\b/)) {
             parser = new DOMParser();
             type = type.replace(/;.+/, '');
             try {
@@ -370,6 +365,10 @@ Released under the MIT license
         }
       };
 
+      Rails.confirm = function(message, element) {
+        return confirm(message);
+      };
+
       allowAction = function(element) {
         var answer, callback, message;
         message = element.getAttribute('data-confirm');
@@ -379,7 +378,7 @@ Released under the MIT license
         answer = false;
         if (fire(element, 'confirm')) {
           try {
-            answer = confirm(message);
+            answer = Rails.confirm(message, element);
           } catch (error) {}
           callback = fire(element, 'confirm:complete', [answer]);
         }
@@ -388,7 +387,7 @@ Released under the MIT license
 
     }).call(this);
     (function() {
-      var disableFormElement, disableFormElements, disableLinkElement, enableFormElement, enableFormElements, enableLinkElement, formElements, getData, matches, setData, stopEverything;
+      var disableFormElement, disableFormElements, disableLinkElement, enableFormElement, enableFormElements, enableLinkElement, formElements, getData, isXhrRedirect, matches, setData, stopEverything;
 
       matches = Rails.matches, getData = Rails.getData, setData = Rails.setData, stopEverything = Rails.stopEverything, formElements = Rails.formElements;
 
@@ -402,7 +401,14 @@ Released under the MIT license
 
       Rails.enableElement = function(e) {
         var element;
-        element = e instanceof Event ? e.target : e;
+        if (e instanceof Event) {
+          if (isXhrRedirect(e)) {
+            return;
+          }
+          element = e.target;
+        } else {
+          element = e;
+        }
         if (matches(element, Rails.linkDisableSelector)) {
           return enableLinkElement(element);
         } else if (matches(element, Rails.buttonDisableSelector) || matches(element, Rails.formEnableSelector)) {
@@ -426,6 +432,9 @@ Released under the MIT license
 
       disableLinkElement = function(element) {
         var replacement;
+        if (getData(element, 'ujs:disabled')) {
+          return;
+        }
         replacement = element.getAttribute('data-disable-with');
         if (replacement != null) {
           setData(element, 'ujs:enable-with', element.innerHTML);
@@ -452,6 +461,9 @@ Released under the MIT license
 
       disableFormElement = function(element) {
         var replacement;
+        if (getData(element, 'ujs:disabled')) {
+          return;
+        }
         replacement = element.getAttribute('data-disable-with');
         if (replacement != null) {
           if (matches(element, 'button')) {
@@ -485,6 +497,12 @@ Released under the MIT license
         return setData(element, 'ujs:disabled', null);
       };
 
+      isXhrRedirect = function(event) {
+        var ref, xhr;
+        xhr = (ref = event.detail) != null ? ref[0] : void 0;
+        return (xhr != null ? xhr.getResponseHeader("X-Xhr-Redirect") : void 0) != null;
+      };
+
     }).call(this);
     (function() {
       var stopEverything;
@@ -622,23 +640,23 @@ Released under the MIT license
       };
 
       Rails.preventInsignificantClick = function(e) {
-        var data, insignificantMetaClick, link, metaClick, method, nonPrimaryMouseClick;
+        var data, insignificantMetaClick, link, metaClick, method, primaryMouseKey;
         link = this;
         method = (link.getAttribute('data-method') || 'GET').toUpperCase();
         data = link.getAttribute('data-params');
         metaClick = e.metaKey || e.ctrlKey;
         insignificantMetaClick = metaClick && method === 'GET' && !data;
-        nonPrimaryMouseClick = (e.button != null) && e.button !== 0;
-        if (nonPrimaryMouseClick || insignificantMetaClick) {
+        primaryMouseKey = e.button === 0;
+        if (!primaryMouseKey || insignificantMetaClick) {
           return e.stopImmediatePropagation();
         }
       };
 
     }).call(this);
     (function() {
-      var $, CSRFProtection, delegate, disableElement, enableElement, fire, formSubmitButtonClick, getData, handleConfirm, handleDisabledElement, handleMethod, handleRemote, loadCSPNonce, preventInsignificantClick, refreshCSRFTokens;
+      var $, CSRFProtection, delegate, disableElement, enableElement, fire, formSubmitButtonClick, getData, handleConfirm, handleDisabledElement, handleMethod, handleRemote, preventInsignificantClick, refreshCSRFTokens;
 
-      fire = Rails.fire, delegate = Rails.delegate, getData = Rails.getData, $ = Rails.$, refreshCSRFTokens = Rails.refreshCSRFTokens, CSRFProtection = Rails.CSRFProtection, loadCSPNonce = Rails.loadCSPNonce, enableElement = Rails.enableElement, disableElement = Rails.disableElement, handleDisabledElement = Rails.handleDisabledElement, handleConfirm = Rails.handleConfirm, preventInsignificantClick = Rails.preventInsignificantClick, handleRemote = Rails.handleRemote, formSubmitButtonClick = Rails.formSubmitButtonClick, handleMethod = Rails.handleMethod;
+      fire = Rails.fire, delegate = Rails.delegate, getData = Rails.getData, $ = Rails.$, refreshCSRFTokens = Rails.refreshCSRFTokens, CSRFProtection = Rails.CSRFProtection, enableElement = Rails.enableElement, disableElement = Rails.disableElement, handleDisabledElement = Rails.handleDisabledElement, handleConfirm = Rails.handleConfirm, preventInsignificantClick = Rails.preventInsignificantClick, handleRemote = Rails.handleRemote, formSubmitButtonClick = Rails.formSubmitButtonClick, handleMethod = Rails.handleMethod;
 
       if ((typeof jQuery !== "undefined" && jQuery !== null) && (jQuery.ajax != null)) {
         if (jQuery.rails) {
@@ -701,7 +719,6 @@ Released under the MIT license
         delegate(document, Rails.formInputClickSelector, 'click', handleConfirm);
         delegate(document, Rails.formInputClickSelector, 'click', formSubmitButtonClick);
         document.addEventListener('DOMContentLoaded', refreshCSRFTokens);
-        document.addEventListener('DOMContentLoaded', loadCSPNonce);
         return window._rails_loaded = true;
       };