turbolinks 2.2.0 → 2.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/assets/javascripts/turbolinks.js.coffee +11 -3
- data/lib/turbolinks.rb +12 -61
- data/lib/turbolinks/cookies.rb +10 -0
- data/lib/turbolinks/redirection.rb +15 -0
- data/lib/turbolinks/version.rb +3 -0
- data/lib/turbolinks/x_domain_blocker.rb +21 -0
- data/lib/turbolinks/xhr_headers.rb +40 -0
- data/lib/turbolinks/xhr_url_for.rb +20 -0
- metadata +8 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4b7c786dc5fe799560978873952c05876224aa42
|
4
|
+
data.tar.gz: f79c665b9dadef0b27cb3d252c9773f90b57e6c7
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 652de423718540abd5069b448a58c6dde9c7c2e92e2ef01c1e48b3356ecee0e2cd706db3084a42489ac88415e3861b72304bc939f7d775891fe3be0e356664c7
|
7
|
+
data.tar.gz: 39eb0d8d11d6e73b69da4a191dbf99143f4b2b3c4ff0f730684536982808010899fe0cd1e22599e015c28d14899a446b54d8d5cf16420645870040104a552163
|
@@ -290,6 +290,12 @@ allowLinkExtensions = (extensions...) ->
|
|
290
290
|
htmlExtensions.push extension for extension in extensions
|
291
291
|
htmlExtensions
|
292
292
|
|
293
|
+
|
294
|
+
# Delay execution of function long enough to miss the popstate event
|
295
|
+
# some browsers fire on the initial page load.
|
296
|
+
bypassOnLoadPopstate = (fn) ->
|
297
|
+
setTimeout fn, 500
|
298
|
+
|
293
299
|
installDocumentReadyPageEventTriggers = ->
|
294
300
|
document.addEventListener 'DOMContentLoaded', ( ->
|
295
301
|
triggerEvent 'page:change'
|
@@ -316,11 +322,13 @@ initializeTurbolinks = ->
|
|
316
322
|
createDocument = browserCompatibleDocumentParser()
|
317
323
|
|
318
324
|
document.addEventListener 'click', installClickHandlerLast, true
|
319
|
-
window.addEventListener 'popstate', installHistoryChangeHandler, false
|
320
325
|
|
321
|
-
|
326
|
+
bypassOnLoadPopstate ->
|
327
|
+
window.addEventListener 'popstate', installHistoryChangeHandler, false
|
328
|
+
|
329
|
+
# Handle bug in Firefox 26/27 where history.state is initially undefined
|
322
330
|
historyStateIsDefined =
|
323
|
-
window.history.state != undefined or navigator.userAgent.match /Firefox\/
|
331
|
+
window.history.state != undefined or navigator.userAgent.match /Firefox\/2[6|7]/
|
324
332
|
|
325
333
|
browserSupportsPushState =
|
326
334
|
window.history and window.history.pushState and window.history.replaceState and historyStateIsDefined
|
data/lib/turbolinks.rb
CHANGED
@@ -1,66 +1,13 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
end
|
8
|
-
|
9
|
-
private
|
10
|
-
def _compute_redirect_to_location_with_xhr_referer(options)
|
11
|
-
session[:_turbolinks_redirect_to] =
|
12
|
-
if options == :back && request.headers["X-XHR-Referer"]
|
13
|
-
_compute_redirect_to_location_without_xhr_referer(request.headers["X-XHR-Referer"])
|
14
|
-
else
|
15
|
-
_compute_redirect_to_location_without_xhr_referer(options)
|
16
|
-
end
|
17
|
-
end
|
18
|
-
|
19
|
-
def set_xhr_redirected_to
|
20
|
-
if session[:_turbolinks_redirect_to]
|
21
|
-
response.headers['X-XHR-Redirected-To'] = session.delete :_turbolinks_redirect_to
|
22
|
-
end
|
23
|
-
end
|
24
|
-
end
|
25
|
-
|
26
|
-
module Cookies
|
27
|
-
private
|
28
|
-
def set_request_method_cookie
|
29
|
-
cookies[:request_method] = request.request_method
|
30
|
-
end
|
31
|
-
end
|
32
|
-
|
33
|
-
module XDomainBlocker
|
34
|
-
private
|
35
|
-
def same_origin?(a, b)
|
36
|
-
a = URI.parse URI.escape(a)
|
37
|
-
b = URI.parse URI.escape(b)
|
38
|
-
[a.scheme, a.host, a.port] == [b.scheme, b.host, b.port]
|
39
|
-
end
|
40
|
-
|
41
|
-
def abort_xdomain_redirect
|
42
|
-
to_uri = response.headers['Location'] || ""
|
43
|
-
current = request.headers['X-XHR-Referer'] || ""
|
44
|
-
unless to_uri.blank? || current.blank? || same_origin?(current, to_uri)
|
45
|
-
self.status = 403
|
46
|
-
end
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
module Redirection
|
51
|
-
extend ActiveSupport::Concern
|
52
|
-
|
53
|
-
def redirect_via_turbolinks_to(url = {}, response_status = {})
|
54
|
-
redirect_to(url, response_status)
|
55
|
-
|
56
|
-
self.status = 200
|
57
|
-
self.response_body = "Turbolinks.visit('#{location}');"
|
58
|
-
response.content_type = Mime::JS
|
59
|
-
end
|
60
|
-
end
|
1
|
+
require 'turbolinks/version'
|
2
|
+
require 'turbolinks/xhr_headers'
|
3
|
+
require 'turbolinks/xhr_url_for'
|
4
|
+
require 'turbolinks/cookies'
|
5
|
+
require 'turbolinks/x_domain_blocker'
|
6
|
+
require 'turbolinks/redirection'
|
61
7
|
|
8
|
+
module Turbolinks
|
62
9
|
class Engine < ::Rails::Engine
|
63
|
-
initializer :
|
10
|
+
initializer :turbolinks do |config|
|
64
11
|
ActionController::Base.class_eval do
|
65
12
|
include XHRHeaders, Cookies, XDomainBlocker, Redirection
|
66
13
|
before_filter :set_xhr_redirected_to, :set_request_method_cookie
|
@@ -73,6 +20,10 @@ module Turbolinks
|
|
73
20
|
end
|
74
21
|
alias referrer referer
|
75
22
|
end
|
23
|
+
|
24
|
+
(ActionView::RoutingUrlFor rescue ActionView::Helpers::UrlHelper).module_eval do
|
25
|
+
include XHRUrlFor
|
26
|
+
end
|
76
27
|
end
|
77
28
|
end
|
78
29
|
end
|
@@ -0,0 +1,10 @@
|
|
1
|
+
module Turbolinks
|
2
|
+
# Sets a request_method cookie containing the request method of the current request.
|
3
|
+
# The Turbolinks script will not initialize if this cookie is set to anything other than GET.
|
4
|
+
module Cookies
|
5
|
+
private
|
6
|
+
def set_request_method_cookie
|
7
|
+
cookies[:request_method] = request.request_method
|
8
|
+
end
|
9
|
+
end
|
10
|
+
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
module Turbolinks
|
2
|
+
# Provides a means of using Turbolinks to perform redirects. The server
|
3
|
+
# will respond with a JavaScript call to Turbolinks.visit(url).
|
4
|
+
module Redirection
|
5
|
+
extend ActiveSupport::Concern
|
6
|
+
|
7
|
+
def redirect_via_turbolinks_to(url = {}, response_status = {})
|
8
|
+
redirect_to(url, response_status)
|
9
|
+
|
10
|
+
self.status = 200
|
11
|
+
self.response_body = "Turbolinks.visit('#{location}');"
|
12
|
+
response.content_type = Mime::JS
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
module Turbolinks
|
2
|
+
# Changes the response status to 403 Forbidden if all of these conditions are true:
|
3
|
+
# - The current request originated from Turbolinks
|
4
|
+
# - The request is being redirected to a different domain
|
5
|
+
module XDomainBlocker
|
6
|
+
private
|
7
|
+
def same_origin?(a, b)
|
8
|
+
a = URI.parse URI.escape(a)
|
9
|
+
b = URI.parse URI.escape(b)
|
10
|
+
[a.scheme, a.host, a.port] == [b.scheme, b.host, b.port]
|
11
|
+
end
|
12
|
+
|
13
|
+
def abort_xdomain_redirect
|
14
|
+
to_uri = response.headers['Location'] || ""
|
15
|
+
current = request.headers['X-XHR-Referer'] || ""
|
16
|
+
unless to_uri.blank? || current.blank? || same_origin?(current, to_uri)
|
17
|
+
self.status = 403
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
@@ -0,0 +1,40 @@
|
|
1
|
+
module Turbolinks
|
2
|
+
# Intercepts calls to _compute_redirect_to_location (used by redirect_to) for two purposes.
|
3
|
+
#
|
4
|
+
# 1. Corrects the behavior of redirect_to with the :back option by using the X-XHR-Referer
|
5
|
+
# request header instead of the standard Referer request header.
|
6
|
+
#
|
7
|
+
# 2. Stores the return value (the redirect target url) to persist through to the redirect
|
8
|
+
# request, where it will be used to set the X-XHR-Redirected-To response header. The
|
9
|
+
# Turbolinks script will detect the header and use replaceState to reflect the redirected
|
10
|
+
# url.
|
11
|
+
module XHRHeaders
|
12
|
+
extend ActiveSupport::Concern
|
13
|
+
|
14
|
+
included do
|
15
|
+
alias_method_chain :_compute_redirect_to_location, :xhr_referer
|
16
|
+
end
|
17
|
+
|
18
|
+
private
|
19
|
+
def _compute_redirect_to_location_with_xhr_referer(options)
|
20
|
+
store_for_turbolinks begin
|
21
|
+
if options == :back && request.headers["X-XHR-Referer"]
|
22
|
+
_compute_redirect_to_location_without_xhr_referer(request.headers["X-XHR-Referer"])
|
23
|
+
else
|
24
|
+
_compute_redirect_to_location_without_xhr_referer(options)
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
def store_for_turbolinks(url)
|
30
|
+
session[:_turbolinks_redirect_to] = url if request.headers["X-XHR-Referer"]
|
31
|
+
url
|
32
|
+
end
|
33
|
+
|
34
|
+
def set_xhr_redirected_to
|
35
|
+
if session[:_turbolinks_redirect_to]
|
36
|
+
response.headers['X-XHR-Redirected-To'] = session.delete :_turbolinks_redirect_to
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
module Turbolinks
|
2
|
+
# Corrects the behavior of url_for (and link_to, which uses url_for) with the :back
|
3
|
+
# option by using the X-XHR-Referer request header instead of the standard Referer
|
4
|
+
# request header.
|
5
|
+
module XHRUrlFor
|
6
|
+
def self.included(base)
|
7
|
+
base.alias_method_chain :url_for, :xhr_referer
|
8
|
+
end
|
9
|
+
|
10
|
+
def url_for_with_xhr_referer(options)
|
11
|
+
options = (xhr_referer || options) if options == :back
|
12
|
+
url_for_without_xhr_referer options
|
13
|
+
end
|
14
|
+
|
15
|
+
private
|
16
|
+
def xhr_referer
|
17
|
+
controller.request.headers["X-XHR-Referer"]
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: turbolinks
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.2.
|
4
|
+
version: 2.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Heinemeier Hansson
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-01-
|
11
|
+
date: 2014-01-31 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: coffee-rails
|
@@ -32,6 +32,12 @@ extra_rdoc_files: []
|
|
32
32
|
files:
|
33
33
|
- lib/assets/javascripts/turbolinks.js.coffee
|
34
34
|
- lib/turbolinks.rb
|
35
|
+
- lib/turbolinks/cookies.rb
|
36
|
+
- lib/turbolinks/redirection.rb
|
37
|
+
- lib/turbolinks/version.rb
|
38
|
+
- lib/turbolinks/x_domain_blocker.rb
|
39
|
+
- lib/turbolinks/xhr_headers.rb
|
40
|
+
- lib/turbolinks/xhr_url_for.rb
|
35
41
|
- README.md
|
36
42
|
- MIT-LICENSE
|
37
43
|
- test/config.ru
|