omg-actionpack 8.0.0.alpha1

data/lib/action_dispatch/middleware/static.rb

@@ -0,0 +1,192 @@
+# frozen_string_literal: true
+
+# :markup: markdown
+
+require "rack/utils"
+
+module ActionDispatch
+  # # Action Dispatch Static
+  #
+  # This middleware serves static files from disk, if available. If no file is
+  # found, it hands off to the main app.
+  #
+  # In Rails apps, this middleware is configured to serve assets from the
+  # `public/` directory.
+  #
+  # Only GET and HEAD requests are served. POST and other HTTP methods are handed
+  # off to the main app.
+  #
+  # Only files in the root directory are served; path traversal is denied.
+  class Static
+    def initialize(app, path, index: "index", headers: {})
+      @app = app
+      @file_handler = FileHandler.new(path, index: index, headers: headers)
+    end
+
+    def call(env)
+      @file_handler.attempt(env) || @app.call(env)
+    end
+  end
+
+  # # Action Dispatch FileHandler
+  #
+  # This endpoint serves static files from disk using `Rack::Files`.
+  #
+  # URL paths are matched with static files according to expected conventions:
+  # `path`, `path`.html, `path`/index.html.
+  #
+  # Precompressed versions of these files are checked first. Brotli (.br) and gzip
+  # (.gz) files are supported. If `path`.br exists, this endpoint returns that
+  # file with a `content-encoding: br` header.
+  #
+  # If no matching file is found, this endpoint responds `404 Not Found`.
+  #
+  # Pass the `root` directory to search for matching files, an optional `index:
+  # "index"` to change the default `path`/index.html, and optional additional
+  # response headers.
+  class FileHandler
+    # `Accept-Encoding` value -> file extension
+    PRECOMPRESSED = {
+      "br" => ".br",
+      "gzip" => ".gz",
+      "identity" => nil
+    }
+
+    def initialize(root, index: "index", headers: {}, precompressed: %i[ br gzip ], compressible_content_types: /\A(?:text\/|application\/javascript|image\/svg\+xml)/)
+      @root = root.chomp("/").b
+      @index = index
+
+      @precompressed = Array(precompressed).map(&:to_s) | %w[ identity ]
+      @compressible_content_types = compressible_content_types
+
+      @file_server = ::Rack::Files.new(@root, headers)
+    end
+
+    def call(env)
+      attempt(env) || @file_server.call(env)
+    end
+
+    def attempt(env)
+      request = Rack::Request.new env
+
+      if request.get? || request.head?
+        if found = find_file(request.path_info, accept_encoding: request.accept_encoding)
+          serve request, *found
+        end
+      end
+    end
+
+    private
+      def serve(request, filepath, content_headers)
+        original, request.path_info =
+          request.path_info, ::Rack::Utils.escape_path(filepath).b
+
+        @file_server.call(request.env).tap do |status, headers, body|
+          # Omit content-encoding/type/etc headers for 304 Not Modified
+          if status != 304
+            headers.update(content_headers)
+          end
+        end
+      ensure
+        request.path_info = original
+      end
+
+      # Match a URI path to a static file to be served.
+      #
+      # Used by the `Static` class to negotiate a servable file in the `public/`
+      # directory (see Static#call).
+      #
+      # Checks for `path`, `path`.html, and `path`/index.html files, in that order,
+      # including .br and .gzip compressed extensions.
+      #
+      # If a matching file is found, the path and necessary response headers
+      # (Content-Type, Content-Encoding) are returned.
+      def find_file(path_info, accept_encoding:)
+        each_candidate_filepath(path_info) do |filepath, content_type|
+          if response = try_files(filepath, content_type, accept_encoding: accept_encoding)
+            return response
+          end
+        end
+      end
+
+      def try_files(filepath, content_type, accept_encoding:)
+        headers = { Rack::CONTENT_TYPE => content_type }
+
+        if compressible? content_type
+          try_precompressed_files filepath, headers, accept_encoding: accept_encoding
+        elsif file_readable? filepath
+          [ filepath, headers ]
+        end
+      end
+
+      def try_precompressed_files(filepath, headers, accept_encoding:)
+        each_precompressed_filepath(filepath) do |content_encoding, precompressed_filepath|
+          if file_readable? precompressed_filepath
+            # Identity encoding is default, so we skip Accept-Encoding negotiation and
+            # needn't set Content-Encoding.
+            #
+            # Vary header is expected when we've found other available encodings that
+            # Accept-Encoding ruled out.
+            if content_encoding == "identity"
+              return precompressed_filepath, headers
+            else
+              headers[ActionDispatch::Constants::VARY] = "accept-encoding"
+
+              if accept_encoding.any? { |enc, _| /\b#{content_encoding}\b/i.match?(enc) }
+                headers[ActionDispatch::Constants::CONTENT_ENCODING] = content_encoding
+                return precompressed_filepath, headers
+              end
+            end
+          end
+        end
+      end
+
+      def file_readable?(path)
+        file_path = File.join(@root, path.b)
+        File.file?(file_path) && File.readable?(file_path)
+      end
+
+      def compressible?(content_type)
+        @compressible_content_types.match?(content_type)
+      end
+
+      def each_precompressed_filepath(filepath)
+        @precompressed.each do |content_encoding|
+          precompressed_ext = PRECOMPRESSED.fetch(content_encoding)
+          yield content_encoding, "#{filepath}#{precompressed_ext}"
+        end
+
+        nil
+      end
+
+      def each_candidate_filepath(path_info)
+        return unless path = clean_path(path_info)
+
+        ext = ::File.extname(path)
+        content_type = ::Rack::Mime.mime_type(ext, nil)
+        yield path, content_type || "text/plain"
+
+        # Tack on .html and /index.html only for paths that don't have an explicit,
+        # resolvable file extension. No need to check for foo.js.html and
+        # foo.js/index.html.
+        unless content_type
+          default_ext = ::ActionController::Base.default_static_extension
+          if ext != default_ext
+            default_content_type = ::Rack::Mime.mime_type(default_ext, "text/plain")
+
+            yield "#{path}#{default_ext}", default_content_type
+            yield "#{path}/#{@index}#{default_ext}", default_content_type
+          end
+        end
+
+        nil
+      end
+
+      def clean_path(path_info)
+        path = ::Rack::Utils.unescape_path path_info.chomp("/")
+        if ::Rack::Utils.valid_path? path
+          ::Rack::Utils.clean_path_info path
+        end
+      end
+  end
+end

data/lib/action_dispatch/middleware/templates/rescues/_actions.html.erb

@@ -0,0 +1,13 @@
+<% actions = exception_wrapper.actions %>
+
+<% if actions.any? %>
+  <div class="actions">
+    <% actions.each do |action, _| %>
+      <%= button_to action, ActionDispatch::ActionableExceptions.endpoint, params: {
+        error: exception_wrapper.exception_class_name,
+        action: action,
+        location: request.path
+      } %>
+    <% end %>
+  </div>
+<% end %>

data/lib/action_dispatch/middleware/templates/rescues/_message_and_suggestions.html.erb

@@ -0,0 +1,22 @@
+<% if exception_wrapper.has_corrections? %>
+  <div class="exception-message">
+    <%= simple_format h(exception_wrapper.original_message), { class: "message" }, wrapper_tag: "div" %>
+  </div>
+  <%
+    # The 'did_you_mean' gem can raise exceptions when calling #corrections on
+    # the exception. If it does there are no corrections to show.
+    corrections = exception_wrapper.corrections rescue []
+  %>
+  <% if corrections.any? %>
+    <b>Did you mean?</b>
+    <ul>
+    <% corrections.each do |correction| %>
+      <li class="correction"><%= h correction %></li>
+    <% end %>
+    </ul>
+  <% end %>
+<% else %>
+  <div class="exception-message">
+    <%= simple_format h(exception_wrapper.message), { class: "message" }, wrapper_tag: "div" %>
+  </div>
+<% end %>

data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb

@@ -0,0 +1,17 @@
+<h2 class="request-heading">Request</h2>
+<% if params_valid? %>
+  <p><b>Parameters</b>:</p> <pre><%= debug_params(@request.filtered_parameters) %></pre>
+<% end %>
+
+<div class="details">
+  <div class="summary"><a href="#" onclick="return toggleSessionDump()">Toggle session dump</a></div>
+  <div id="session_dump" class="hidden"><pre><%= debug_hash @request.session %></pre></div>
+</div>
+
+<div class="details">
+  <div class="summary"><a href="#" onclick="return toggleEnvDump()">Toggle env dump</a></div>
+  <div id="env_dump" class="hidden"><pre><%= debug_hash @request.env.slice(*@request.class::ENV_METHODS) %></pre></div>
+</div>
+
+<h2 class="response-heading">Response</h2>
+<p><b>Headers</b>:</p> <pre><%= debug_headers(defined?(@response) ? @response.headers : {}) %></pre>

data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.text.erb

@@ -0,0 +1,23 @@
+<%
+  clean_params = params_valid? ? @request.filtered_parameters.clone : {}
+  clean_params.delete("action")
+  clean_params.delete("controller")
+
+  request_dump = clean_params.empty? ? 'None' : clean_params.inspect.gsub(',', ",\n")
+
+  def debug_hash(object)
+    object.to_hash.sort_by { |k, _| k.to_s }.map { |k, v| "#{k}: #{v.inspect rescue $!.message}" }.join("\n")
+  end unless self.class.method_defined?(:debug_hash)
+%>
+
+Request parameters
+<%= request_dump %>
+
+Session dump
+<%= debug_hash @request.session %>
+
+Env dump
+<%= debug_hash @request.env.slice(*@request.class::ENV_METHODS) %>
+
+Response headers
+<%= defined?(@response) ? @response.headers.inspect.gsub(',', ",\n") : 'None' %>

data/lib/action_dispatch/middleware/templates/rescues/_source.html.erb

@@ -0,0 +1,36 @@
+<% error_index = local_assigns[:error_index] || 0 %>
+
+<% source_extracts.each_with_index do |source_extract, index| %>
+  <% if source_extract[:code] %>
+    <div class="source <%= "hidden" if show_source_idx != index %>" id="frame-source-<%= error_index %>-<%= index %>">
+      <div class="info">
+        Extracted source (around line <strong>#<%= source_extract[:line_number] %></strong>):
+      </div>
+      <div class="data">
+        <table cellpadding="0" cellspacing="0" class="lines">
+          <tr>
+            <td>
+              <pre class="line_numbers">
+                <% source_extract[:code].each_key do |line_number| %>
+<span><%= line_number -%></span>
+                <% end %>
+              </pre>
+            </td>
+<td width="100%">
+<pre>
+<% source_extract[:code].each do |line, source| -%>
+<div class="line<%= " active" if line == source_extract[:line_number] -%>"><% if source.is_a?(Array) -%><%= source[0] -%><span class="error_highlight"><%= source[1] -%></span><%= source[2] -%>
+<% else -%>
+<%= source -%>
+<% end -%></div><% end -%>
+</pre>
+</td>
+          </tr>
+        </table>
+      </div>
+      <%- unless self.error_highlight_available? -%>
+        <p class="error_highlight_tip">Tip: You may want to add <code>gem "error_highlight", "&gt;= 0.4.0"</code> into your Gemfile, which will display the fine-grained error location.</p>
+      <%- end -%>
+    </div>
+  <% end %>
+<% end %>

data/lib/action_dispatch/middleware/templates/rescues/_source.text.erb

@@ -0,0 +1,8 @@
+<% @source_extracts.first(3).each do |source_extract| %>
+<% if source_extract[:code] %>
+Extracted source (around line #<%= source_extract[:line_number] %>):
+
+<% source_extract[:code].each do |line, source| -%>
+<%= line == source_extract[:line_number] ? "*#{line}" : "##{line}" -%> <%= source -%><% end -%>
+<% end %>
+<% end %>

data/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb

@@ -0,0 +1,62 @@
+<% names = traces.keys %>
+<% error_index = local_assigns[:error_index] || 0 %>
+
+<p><code>Rails.root: <%= defined?(Rails) && Rails.respond_to?(:root) ? Rails.root : "unset" %></code></p>
+
+<div id="traces-<%= error_index %>">
+  <% names.each do |name| %>
+    <%
+      show = "show('#{name.gsub(/\s/, '-')}-#{error_index}');"
+      hide = (names - [name]).collect {|hide_name| "hide('#{hide_name.gsub(/\s/, '-')}-#{error_index}');"}
+    %>
+    <a href="#" onclick="<%= hide.join %><%= show %>; return false;"><%= name %></a> <%= '|' unless names.last == name %>
+  <% end %>
+
+  <% traces.each do |name, trace| %>
+    <div id="<%= "#{name.gsub(/\s/, '-')}-#{error_index}" %>" style="display: <%= (name == trace_to_show) ? 'block' : 'none' %>;">
+      <code class="traces">
+        <% trace.each do |frame| %>
+          <a class="trace-frames trace-frames-<%= error_index %>" data-exception-object-id="<%= frame[:exception_object_id] %>" data-frame-id="<%= frame[:id] %>" href="#">
+            <%= frame[:trace] %>
+          </a>
+          <br>
+        <% end %>
+      </code>
+    </div>
+  <% end %>
+
+  <script>
+    (function() {
+      var traceFrames = document.getElementsByClassName('trace-frames-<%= error_index %>');
+      var selectedFrame, currentSource = document.getElementById('frame-source-<%= error_index %>-0');
+
+      // Add click listeners for all stack frames
+      for (var i = 0; i < traceFrames.length; i++) {
+        traceFrames[i].addEventListener('click', function(e) {
+          e.preventDefault();
+          var target = e.target;
+          var frame_id = target.dataset.frameId;
+
+          if (selectedFrame) {
+            selectedFrame.className = selectedFrame.className.replace("selected", "");
+          }
+
+          target.className += " selected";
+          selectedFrame = target;
+
+          // Change the extracted source code
+          changeSourceExtract(frame_id);
+        });
+
+        function changeSourceExtract(frame_id) {
+          var el = document.getElementById('frame-source-<%= error_index %>-' + frame_id);
+          if (currentSource && el) {
+            currentSource.className += " hidden";
+            el.className = el.className.replace(" hidden", "");
+            currentSource = el;
+          }
+        }
+      }
+    })();
+  </script>
+</div>

data/lib/action_dispatch/middleware/templates/rescues/_trace.text.erb

@@ -0,0 +1,9 @@
+Rails.root: <%= defined?(Rails) && Rails.respond_to?(:root) ? Rails.root : "unset" %>
+
+<% @traces.each do |name, trace| %>
+<% if trace.any? %>
+<%= name %>
+<%= trace.map { |t| t[:trace] }.join("\n") %>
+
+<% end %>
+<% end %>

data/lib/action_dispatch/middleware/templates/rescues/blocked_host.html.erb

@@ -0,0 +1,12 @@
+<header>
+  <h1>Blocked hosts: <%= @hosts.join(", ") %></h1>
+</header>
+<main role="main" id="container">
+  <h2>To allow requests to these hosts, make sure they are valid hostnames (containing only numbers, letters, dashes and dots), then add the following to your environment configuration:</h2>
+  <pre>
+  <% @hosts.each do |host| %>
+    config.hosts &lt;&lt; "<%= host %>"
+  <% end %>
+  </pre>
+  <p>For more details view: <a href="https://guides.rubyonrails.org/configuring.html#actiondispatch-hostauthorization">the Host Authorization guide</a></p>
+</main>

data/lib/action_dispatch/middleware/templates/rescues/blocked_host.text.erb

@@ -0,0 +1,9 @@
+Blocked hosts: <%= @hosts.join(", ") %>
+
+To allow requests to these hosts, make sure they are valid hostnames (containing only numbers, letters, dashes and dots), then add the following to your environment configuration:
+
+<% @hosts.each do |host| %>
+  config.hosts << "<%= host %>"
+<% end %>
+
+For more details on host authorization view: https://guides.rubyonrails.org/configuring.html#actiondispatch-hostauthorization

data/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb

@@ -0,0 +1,35 @@
+<header>
+  <h1>
+    <%= @exception_wrapper.exception_class_name %>
+    <% if params_valid? && @request.parameters['controller'] %>
+      in <%= @request.parameters['controller'].camelize %>Controller<% if @request.parameters['action'] %>#<%= @request.parameters['action'] %><% end %>
+    <% end %>
+  </h1>
+</header>
+
+<main role="main" id="container">
+  <%= render "rescues/message_and_suggestions", exception: @exception, exception_wrapper: @exception_wrapper %>
+  <%= render "rescues/actions", exception: @exception, request: @request, exception_wrapper: @exception_wrapper %>
+
+  <%= render "rescues/source", source_extracts: @source_extracts, show_source_idx: @show_source_idx, error_index: 0 %>
+  <%= render "rescues/trace", traces: @traces, trace_to_show: @trace_to_show, error_index: 0 %>
+
+  <% if @exception_wrapper.has_cause? %>
+    <h2>Exception Causes</h2>
+  <% end %>
+
+  <% @exception_wrapper.wrapped_causes.each.with_index(1) do |wrapper, index| %>
+    <div class="details">
+      <a class="summary" href="#" onclick="return toggle(<%= wrapper.exception_id %>)">
+        <%= wrapper.exception_class_name %>: <%= h wrapper.message %>
+      </a>
+    </div>
+
+    <div id="<%= wrapper.exception_id %>" class="hidden">
+      <%= render "rescues/source", source_extracts: wrapper.source_extracts, show_source_idx: wrapper.source_to_show_id, error_index: index %>
+      <%= render "rescues/trace", traces: wrapper.traces, trace_to_show: wrapper.trace_to_show, error_index: index %>
+    </div>
+  <% end %>
+
+  <%= render template: "rescues/_request_and_response" %>
+</main>

data/lib/action_dispatch/middleware/templates/rescues/diagnostics.text.erb

@@ -0,0 +1,9 @@
+<%= @exception_wrapper.exception_class_name %><%
+  if params_valid? && @request.parameters['controller']
+%> in <%= @request.parameters['controller'].camelize %>Controller<% if @request.parameters['action'] %>#<%= @request.parameters['action'] %><% end %>
+<% end %>
+
+<%= @exception_wrapper.message %>
+<%= render template: "rescues/_source" %>
+<%= render template: "rescues/_trace" %>
+<%= render template: "rescues/_request_and_response" %>

data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.html.erb

@@ -0,0 +1,24 @@
+<header role="banner">
+  <h1>
+    <%= @exception.class.to_s %>
+    <% if @request.parameters['controller'] %>
+      in <%= @request.parameters['controller'].camelize %>Controller<% if @request.parameters['action'] %>#<%= @request.parameters['action'] %><% end %>
+    <% end %>
+  </h1>
+</header>
+
+<main role="main" id="container">
+  <h2>
+    <%= h @exception.message %>
+    <% if defined?(ActiveStorage) && @exception.message.match?(%r{#{ActiveStorage::Blob.table_name}|#{ActiveStorage::Attachment.table_name}}) %>
+      <br />To resolve this issue run: bin/rails active_storage:install
+    <% end %>
+    <% if defined?(ActionMailbox) && @exception.message.match?(%r{#{ActionMailbox::InboundEmail.table_name}}) %>
+      <br />To resolve this issue run: bin/rails action_mailbox:install
+    <% end %>
+  </h2>
+
+  <%= render "rescues/source", source_extracts: @source_extracts, show_source_idx: @show_source_idx %>
+  <%= render "rescues/trace", traces: @traces, trace_to_show: @trace_to_show %>
+  <%= render template: "rescues/_request_and_response" %>
+</main>

data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.text.erb

@@ -0,0 +1,16 @@
+<%= @exception.class.to_s %><%
+  if @request.parameters['controller']
+%> in <%= @request.parameters['controller'].camelize %>Controller<% if @request.parameters['action'] %>#<%= @request.parameters['action'] %><% end %>
+<% end %>
+
+<%= @exception.message %>
+<% if defined?(ActiveStorage) && @exception.message.match?(%r{#{ActiveStorage::Blob.table_name}|#{ActiveStorage::Attachment.table_name}}) %>
+To resolve this issue run: bin/rails active_storage:install
+<% end %>
+<% if defined?(ActionMailbox) && @exception.message.match?(%r{#{ActionMailbox::InboundEmail.table_name}}) %>
+To resolve this issue run: bin/rails action_mailbox:install
+<% end %>
+
+<%= render template: "rescues/_source" %>
+<%= render template: "rescues/_trace" %>
+<%= render template: "rescues/_request_and_response" %>