turbolinks 2.2.0 → 2.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d3d08c4d35026032ba9df71e06412e39e6e2808b
-  data.tar.gz: bee4e26fe03db79826e124bb1f756f65a067e315
+  metadata.gz: 4b7c786dc5fe799560978873952c05876224aa42
+  data.tar.gz: f79c665b9dadef0b27cb3d252c9773f90b57e6c7
 SHA512:
-  metadata.gz: 9af7fec4638b55c127964a05d8ad8c9d79db475578656e4b41f5d79c5556023ef635b6c6fc201c3c4dd8a0154715d1ccc434d64764458f68c43fb70701134af1
-  data.tar.gz: 4671935850cac59c3f809661847a46dd8d98a5acc6b5a782f32f351e55eb8daaf804ed3ee6b71eaffda503f0b1319addee9086b8d1d05c8b91a5866aa96a9936
+  metadata.gz: 652de423718540abd5069b448a58c6dde9c7c2e92e2ef01c1e48b3356ecee0e2cd706db3084a42489ac88415e3861b72304bc939f7d775891fe3be0e356664c7
+  data.tar.gz: 39eb0d8d11d6e73b69da4a191dbf99143f4b2b3c4ff0f730684536982808010899fe0cd1e22599e015c28d14899a446b54d8d5cf16420645870040104a552163

data/lib/assets/javascripts/turbolinks.js.coffee

@@ -290,6 +290,12 @@ allowLinkExtensions = (extensions...) ->
   htmlExtensions.push extension for extension in extensions
   htmlExtensions
 
+
+# Delay execution of function long enough to miss the popstate event
+# some browsers fire on the initial page load.
+bypassOnLoadPopstate = (fn) ->
+  setTimeout fn, 500
+
 installDocumentReadyPageEventTriggers = ->
   document.addEventListener 'DOMContentLoaded', ( ->
     triggerEvent 'page:change'
@@ -316,11 +322,13 @@ initializeTurbolinks = ->
   createDocument = browserCompatibleDocumentParser()
 
   document.addEventListener 'click', installClickHandlerLast, true
-  window.addEventListener 'popstate', installHistoryChangeHandler, false
 
-# Handle bug in Firefox 26 where history.state is initially undefined
+  bypassOnLoadPopstate ->
+    window.addEventListener 'popstate', installHistoryChangeHandler, false
+
+# Handle bug in Firefox 26/27 where history.state is initially undefined
 historyStateIsDefined =
-  window.history.state != undefined or navigator.userAgent.match /Firefox\/26/
+  window.history.state != undefined or navigator.userAgent.match /Firefox\/2[6|7]/
 
 browserSupportsPushState =
   window.history and window.history.pushState and window.history.replaceState and historyStateIsDefined

data/lib/turbolinks.rb

@@ -1,66 +1,13 @@
-module Turbolinks
-  module XHRHeaders
-    extend ActiveSupport::Concern
-
-    included do
-      alias_method_chain :_compute_redirect_to_location, :xhr_referer
-    end
-
-    private
-      def _compute_redirect_to_location_with_xhr_referer(options)
-        session[:_turbolinks_redirect_to] =
-          if options == :back && request.headers["X-XHR-Referer"]
-            _compute_redirect_to_location_without_xhr_referer(request.headers["X-XHR-Referer"])
-          else
-            _compute_redirect_to_location_without_xhr_referer(options)
-          end
-      end
-
-      def set_xhr_redirected_to
-        if session[:_turbolinks_redirect_to]
-          response.headers['X-XHR-Redirected-To'] = session.delete :_turbolinks_redirect_to
-        end
-      end
-  end
-
-  module Cookies
-    private
-      def set_request_method_cookie
-        cookies[:request_method] = request.request_method
-      end
-  end
-
-  module XDomainBlocker
-    private
-    def same_origin?(a, b)
-      a = URI.parse URI.escape(a)
-      b = URI.parse URI.escape(b)
-      [a.scheme, a.host, a.port] == [b.scheme, b.host, b.port]
-    end
-
-    def abort_xdomain_redirect
-      to_uri = response.headers['Location'] || ""
-      current = request.headers['X-XHR-Referer'] || ""
-      unless to_uri.blank? || current.blank? || same_origin?(current, to_uri)
-        self.status = 403
-      end
-    end
-  end
-
-  module Redirection
-    extend ActiveSupport::Concern
-    
-    def redirect_via_turbolinks_to(url = {}, response_status = {})
-      redirect_to(url, response_status)
-
-      self.status           = 200
-      self.response_body    = "Turbolinks.visit('#{location}');"
-      response.content_type = Mime::JS
-    end
-  end
+require 'turbolinks/version'
+require 'turbolinks/xhr_headers'
+require 'turbolinks/xhr_url_for'
+require 'turbolinks/cookies'
+require 'turbolinks/x_domain_blocker'
+require 'turbolinks/redirection'
 
+module Turbolinks
   class Engine < ::Rails::Engine
-    initializer :turbolinks_xhr_headers do |config|
+    initializer :turbolinks do |config|
       ActionController::Base.class_eval do
         include XHRHeaders, Cookies, XDomainBlocker, Redirection
         before_filter :set_xhr_redirected_to, :set_request_method_cookie
@@ -73,6 +20,10 @@ module Turbolinks
         end
         alias referrer referer
       end
+
+      (ActionView::RoutingUrlFor rescue ActionView::Helpers::UrlHelper).module_eval do
+        include XHRUrlFor
+      end
     end
   end
 end

data/lib/turbolinks/cookies.rb

@@ -0,0 +1,10 @@
+module Turbolinks
+  # Sets a request_method cookie containing the request method of the current request.
+  # The Turbolinks script will not initialize if this cookie is set to anything other than GET.
+  module Cookies
+    private
+      def set_request_method_cookie
+        cookies[:request_method] = request.request_method
+      end
+  end
+end

data/lib/turbolinks/redirection.rb

@@ -0,0 +1,15 @@
+module Turbolinks
+  # Provides a means of using Turbolinks to perform redirects.  The server
+  # will respond with a JavaScript call to Turbolinks.visit(url).
+  module Redirection
+    extend ActiveSupport::Concern
+    
+    def redirect_via_turbolinks_to(url = {}, response_status = {})
+      redirect_to(url, response_status)
+
+      self.status           = 200
+      self.response_body    = "Turbolinks.visit('#{location}');"
+      response.content_type = Mime::JS
+    end
+  end
+end

data/lib/turbolinks/version.rb

@@ -0,0 +1,3 @@
+module Turbolinks
+  VERSION = '2.2.1'
+end

data/lib/turbolinks/x_domain_blocker.rb

@@ -0,0 +1,21 @@
+module Turbolinks
+  # Changes the response status to 403 Forbidden if all of these conditions are true:
+  # - The current request originated from Turbolinks
+  # - The request is being redirected to a different domain
+  module XDomainBlocker
+    private
+      def same_origin?(a, b)
+        a = URI.parse URI.escape(a)
+        b = URI.parse URI.escape(b)
+        [a.scheme, a.host, a.port] == [b.scheme, b.host, b.port]
+      end
+
+      def abort_xdomain_redirect
+        to_uri = response.headers['Location'] || ""
+        current = request.headers['X-XHR-Referer'] || ""
+        unless to_uri.blank? || current.blank? || same_origin?(current, to_uri)
+          self.status = 403
+        end
+      end
+  end
+end

data/lib/turbolinks/xhr_headers.rb

@@ -0,0 +1,40 @@
+module Turbolinks
+  # Intercepts calls to _compute_redirect_to_location (used by redirect_to) for two purposes.
+  #
+  # 1. Corrects the behavior of redirect_to with the :back option by using the X-XHR-Referer
+  # request header instead of the standard Referer request header.
+  #
+  # 2. Stores the return value (the redirect target url) to persist through to the redirect 
+  # request, where it will be used to set the X-XHR-Redirected-To response header.  The 
+  # Turbolinks script will detect the header and use replaceState to reflect the redirected
+  # url. 
+  module XHRHeaders
+    extend ActiveSupport::Concern
+
+    included do
+      alias_method_chain :_compute_redirect_to_location, :xhr_referer
+    end
+
+    private
+      def _compute_redirect_to_location_with_xhr_referer(options)
+        store_for_turbolinks begin
+          if options == :back && request.headers["X-XHR-Referer"]
+            _compute_redirect_to_location_without_xhr_referer(request.headers["X-XHR-Referer"])
+          else
+            _compute_redirect_to_location_without_xhr_referer(options)
+          end
+        end
+      end
+
+      def store_for_turbolinks(url)
+        session[:_turbolinks_redirect_to] = url if request.headers["X-XHR-Referer"]
+        url
+      end
+
+      def set_xhr_redirected_to
+        if session[:_turbolinks_redirect_to]
+          response.headers['X-XHR-Redirected-To'] = session.delete :_turbolinks_redirect_to
+        end
+      end
+  end
+end

data/lib/turbolinks/xhr_url_for.rb

@@ -0,0 +1,20 @@
+module Turbolinks
+  # Corrects the behavior of url_for (and link_to, which uses url_for) with the :back 
+  # option by using the X-XHR-Referer request header instead of the standard Referer 
+  # request header.
+  module XHRUrlFor
+    def self.included(base)
+      base.alias_method_chain :url_for, :xhr_referer
+    end
+ 
+    def url_for_with_xhr_referer(options)
+      options = (xhr_referer || options) if options == :back
+      url_for_without_xhr_referer options
+    end
+
+    private
+      def xhr_referer
+        controller.request.headers["X-XHR-Referer"]
+      end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: turbolinks
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 2.2.1
 platform: ruby
 authors:
 - David Heinemeier Hansson
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-01-11 00:00:00.000000000 Z
+date: 2014-01-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: coffee-rails
@@ -32,6 +32,12 @@ extra_rdoc_files: []
 files:
 - lib/assets/javascripts/turbolinks.js.coffee
 - lib/turbolinks.rb
+- lib/turbolinks/cookies.rb
+- lib/turbolinks/redirection.rb
+- lib/turbolinks/version.rb
+- lib/turbolinks/x_domain_blocker.rb
+- lib/turbolinks/xhr_headers.rb
+- lib/turbolinks/xhr_url_for.rb
 - README.md
 - MIT-LICENSE
 - test/config.ru