web-console 3.6.2 → 4.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f09465d00b163545199aecc34e9f36d967cbfbeede260077e185a535a90c0640
-  data.tar.gz: 84b14845dd1dcce1fcbb644d64a5b3aca5532c8fae0a8b6062d73bce5c5cb7af
+  metadata.gz: 843f71412a6d2c6a31f35062ad86326656caed6a75de13d9e9c3b09d143ccb3c
+  data.tar.gz: 6a7a70ff565431ff9f1a2f47db2cfaf9498abf95a030e5ea285c27cf42412dab
 SHA512:
-  metadata.gz: f746e8ce11d5da555297a72a3015bbe73d5f5e2133162fbee9da4e42127f3dd8aced4f80f5f1decfd20e14266a999b626a29d94e213fc114b8735dbd66e15de2
-  data.tar.gz: 2060ce124965f5daee3a3f46f3827842bd3efd3996a71a16a82071b0c85b064051619ba69c1f916c7b70d657b29cd94c2e00ce9253ba32da367f98f0bd57e811
+  metadata.gz: 34e95ab70102f30b04fb9f538a5773b927773be82e9d350374e50d743bbcc02186d66b71506198cde59e169ad0fbaf291ca15e43aeac1b6bb676bf993de668d5
+  data.tar.gz: 0b3ad53ed8e1d27d06f11bd9d8f07f197e2a60e902fdba4d7cb1c8014eeac7c3cbc5af2f34b359fb6f60fbd005795cfdcc58185144b8e2ca5a8ca18a767182c6

data/CHANGELOG.markdown

@@ -2,6 +2,35 @@
 
 ## master (unreleased)
 
+## 4.0.3
+
+* [#291](https://github.com/rails/web-console/pull/291) Deprecate config.web_console.whitelisted_ips ([@JuanitoFatas])
+* [#290](https://github.com/rails/web-console/pull/290) Fix Content-Length for rack >= 2.1.0 ([@p8])
+
+## 4.0.2
+
+* [#285](https://github.com/rails/web-console/pull/285) Increase timeout on paste ([@celvro])
+
+## 4.0.1
+
+* [#279](https://github.com/rails/web-console/pull/279) Fix initial config.web_console.permissions value ([@patorash])
+
+## 4.0.0
+
+* [61ce65b5](https://github.com/rails/web-console/commit/61ce65b599f56809de1bd8da6590a80acbd92017) Move to config.web_console.permissions ([@gsamokovarov])
+* [96127ac1](https://github.com/rails/web-console/commit/96127aac143e1e653fffdc4bb65e1ce0b5ff342d) Introduce Binding#console as an alternative interface ([@gsamokovarov])
+* [d4591ca5](https://github.com/rails/web-console/commit/d4591ca5396ed15a08818f3da11134852a485b27) Introduce Rails 6 support ([@gsamokovarov])
+* [f97d8a88](https://github.com/rails/web-console/commit/f97d8a889a38366485e5c5e8985995c19bf61d13) Introduce Ruby 2.6 support ([@gsamokovarov])
+* [d6deacd9](https://github.com/rails/web-console/commit/d6deacd9d5fcaabf3e3051d6985b53f924f86956) Drop Rails 5 support ([@gsamokovarov])
+* [90fda878](https://github.com/rails/web-console/commit/90fda8789d402f05647c18f8cdf8e5c3d01692dd) Drop Ruby 2.4 support ([@gsamokovarov])
+* [#265](https://github.com/rails/web-console/pull/265) Add support for nested exceptions ([@yuki24])
+
+## 3.7.0
+
+* [#263](https://github.com/rails/web-console/pull/263) Show binding changes ([@causztic])
+* [#258](https://github.com/rails/web-console/pull/258) Support Ctrl-A, Ctrl-W and Ctrl-U ([@gsamokovarov])
+* [#257](https://github.com/rails/web-console/pull/257) Always try to keep the console underneath the website content ([@gsamokovarov])
+
 ## 3.6.2
 
 * [#255](https://github.com/rails/web-console/pull/255) Fix the truncated HTML body, because of wrong Content-Length header ([@timomeh])
@@ -131,3 +160,9 @@ go to 3.1.0 instead.
 [@ybart]: https://github.com/ybart
 [@fl0l0u]: https://github.com/fl0l0u
 [@timomeh]: https://github.com/timomeh
+[@causztic]: https://github.com/causztic
+[@yuki24]: https://github.com/yuki24
+[@patorash]: https://github.com/patorash
+[@celvro]: https://github.com/celvro
+[@JuanitoFatas]: https://github.com/JuanitoFatas
+[@p8]: https://github.com/p8

data/README.markdown

@@ -16,7 +16,7 @@ _Web Console_ is a debugging tool for your Ruby on Rails applications.
 
 ## Installation
 
-Add the following to your `Gemfile`.
+Add the following to your `Gemfile`:
 
 ```ruby
 group :development do
@@ -27,8 +27,8 @@ end
 ## Usage
 
 The web console allows you to create an interactive Ruby session in your
-browser. Those sessions are launched automatically in case of an error, but
-they can also be launched manually in any page.
+browser. Those sessions are launched automatically in case of an error and can
+also be launched manually in any page.
 
 For example, calling `console` in a view will display a console in the current
 page in the context of the view binding.
@@ -56,30 +56,30 @@ have multiple ones, `WebConsole::DoubleRenderError` will be raised.
 
 ## Configuration
 
-_Web Console_ allows you to execute arbitrary code on the server, so you
-should be very careful, who you give access to.
+_Web Console_ allows you to execute arbitrary code on the server. Therefore, be
+very careful who you give access to.
 
-### config.web_console.whitelisted_ips
+### config.web_console.permissions
 
 By default, only requests coming from IPv4 and IPv6 localhosts are allowed.
 
-`config.web_console.whitelisted_ips` lets you control which IP's have access to
+`config.web_console.permissions` lets you control which IP's have access to
 the console.
 
-You can whitelist single IP's or whole networks. Say you want to share your
-console with `192.168.0.100`. You can do this:
+You can allow single IP's or whole networks. Say you want to share your
+console with `192.168.0.100`:
 
 ```ruby
 class Application < Rails::Application
-  config.web_console.whitelisted_ips = '192.168.0.100'
+  config.web_console.permissions = '192.168.0.100'
 end
 ```
 
-If you want to whitelist the whole private network, you can do:
+If you want to allow the whole private network:
 
 ```ruby
 Rails.application.configure do
-  config.web_console.whitelisted_ips = '192.168.0.0/16'
+  config.web_console.permissions = '192.168.0.0/16'
 end
 ```
 
@@ -88,13 +88,13 @@ case in 2.0.
 
 ### config.web_console.whiny_requests
 
-When a console cannot be shown for a given IP address or content type, a
-messages like the following is printed in the server logs:
+When a console cannot be shown for a given IP address or content type,
+messages such as the following is printed in the server logs:
 
 > Cannot render console from 192.168.1.133! Allowed networks:
 > 127.0.0.0/127.255.255.255, ::1
 
-If you don't wanna see this message anymore, set this option to `false`:
+If you don't want to see this message anymore, set this option to `false`:
 
 ```ruby
 Rails.application.configure do
@@ -104,7 +104,7 @@ end
 
 ### config.web_console.template_paths
 
-If you wanna style the console yourself, you can place `style.css` at a
+If you want to style the console yourself, then you can place `style.css` at a
 directory pointed by `config.web_console.template_paths`:
 
 ```ruby
@@ -113,14 +113,14 @@ Rails.application.configure do
 end
 ```
 
-You may wanna check the [templates] folder at the source tree for the files you
+You may want to check the [templates] folder at the source tree for the files you
 may override.
 
 ### config.web_console.mount_point
 
 Usually the middleware of _Web Console_ is mounted at `/__web_console`.
-If you wanna change the path for some reasons, you can specify it
-by `config.web_console.mount_point`:
+If there is a need to change the path, then you can specify it by
+`config.web_console.mount_point`:
 
 ```ruby
 Rails.application.configure do
@@ -132,26 +132,31 @@ end
 
 ### Where did /console go?
 
-The remote terminal emulator was extracted in its own gem that is no longer
+The remote terminal emulator was extracted in its own gem which is no longer
 bundled with _Web Console_.
 
 If you miss this feature, check out [rvt].
 
-### Why I constantly get unavailable session errors?
+### Why do I constantly get unavailable session errors?
 
 All of _Web Console_ sessions are stored in memory. If you happen to run on a
-multi-process server (like Unicorn) you may get unavailable session errors
+multi-process server (like Unicorn), you may encounter unavailable session errors
 while the server is still running. This is because a request may hit a
 different worker (process) that doesn't have the desired session in memory.
 To avoid that, if you use such servers in development, configure them so they
-server requests only out of one process.
+serve requests only out of one process.
+
+#### Passenger
+
+Enable sticky sessions for [Passenger on Nginx] or [Passenger on Apache] to
+prevent unavailable session errors.
 
 ### How to inspect local and instance variables?
 
 The interactive console executes Ruby code. Invoking `instance_variables` and
 `local_variables` will give you what you want.
 
-### Why does console only appear on error pages but not when I call it?
+### Why does the console only appear on error pages but not when I call it?
 
 This can be happening if you are using `Rack::Deflater`. Be sure that
 `WebConsole::Middleware` is used after `Rack::Deflater`. The easiest way to do
@@ -163,7 +168,7 @@ Rails.application.configure do
 end
 ```
 
-### Why I'm getting an undefined method `web_console`?
+### Why am I getting an undefined method `web_console`?
 
 Make sure your configuration lives in `config/environments/development.rb`.
 
@@ -183,3 +188,5 @@ Make sure your configuration lives in `config/environments/development.rb`.
 [templates]: https://github.com/rails/web-console/tree/master/lib/web_console/templates
 [rvt]: https://github.com/gsamokovarov/rvt
 [contributors]: https://github.com/rails/web-console/graphs/contributors
+[Passenger on Nginx]: https://www.phusionpassenger.com/library/config/nginx/reference/#passengerstickysessions
+[Passenger on Apache]: https://www.phusionpassenger.com/library/config/apache/reference/#passengerstickysessions

data/lib/web_console.rb

@@ -11,12 +11,14 @@ module WebConsole
   autoload :ExceptionMapper
   autoload :Session
   autoload :Injector
+  autoload :Interceptor
   autoload :Request
   autoload :WhinyRequest
-  autoload :Whitelist
+  autoload :Permissions
   autoload :Template
   autoload :Middleware
   autoload :Context
+  autoload :SourceLocation
 
   autoload_at "web_console/errors" do
     autoload :Error

data/lib/web_console/evaluator.rb

@@ -8,9 +8,11 @@ module WebConsole
   # return a string and will format exception output.
   class Evaluator
     # Cleanses exceptions raised inside #eval.
-    cattr_reader :cleaner
-    @@cleaner = ActiveSupport::BacktraceCleaner.new
-    @@cleaner.add_silencer { |line| line.start_with?(File.expand_path("..", __FILE__)) }
+    cattr_reader :cleaner, default: begin
+      cleaner = ActiveSupport::BacktraceCleaner.new
+      cleaner.add_silencer { |line| line.start_with?(File.expand_path("..", __FILE__)) }
+      cleaner
+    end
 
     def initialize(binding = TOPLEVEL_BINDING)
       @binding = binding

data/lib/web_console/exception_mapper.rb

@@ -2,9 +2,28 @@
 
 module WebConsole
   class ExceptionMapper
+    attr_reader :exc
+
+    def self.follow(exc)
+      mappers = [new(exc)]
+
+      while cause = (cause || exc).cause
+        mappers << new(cause)
+      end
+
+      mappers
+    end
+
+    def self.find_binding(mappers, exception_object_id)
+      mappers.detect do |exception_mapper|
+        exception_mapper.exc.object_id == exception_object_id.to_i
+      end || mappers.first
+    end
+
     def initialize(exception)
       @backtrace = exception.backtrace
       @bindings = exception.bindings
+      @exc = exception
     end
 
     def first
@@ -22,13 +41,15 @@ module WebConsole
         line = line.to_i
 
         @bindings.find do |binding|
-          binding.eval("__FILE__") == file && binding.eval("__LINE__") == line
+          source_location = SourceLocation.new(binding)
+          source_location.path == file && source_location.lineno == line
         end
       end
 
       def guess_the_first_application_binding
         @bindings.find do |binding|
-          binding.eval("__FILE__").to_s.start_with?(Rails.root.to_s)
+          source_location = SourceLocation.new(binding)
+          source_location.path.to_s.start_with?(Rails.root.to_s)
         end
       end
   end

data/lib/web_console/extensions.rb

@@ -8,8 +8,8 @@ module Kernel
   # If +binding+ isn't explicitly given it will default to the binding of the
   # previous frame. E.g. the one that invoked +console+.
   #
-  # Raises DoubleRenderError if a double +console+ invocation per request is
-  # detected.
+  # Raises +DoubleRenderError+ if a more than one +console+ invocation per
+  # request is detected.
   def console(binding = Bindex.current_bindings.second)
     raise WebConsole::DoubleRenderError if Thread.current[:__web_console_binding]
 
@@ -22,26 +22,13 @@ module Kernel
   end
 end
 
-module ActionDispatch
-  class DebugExceptions
-    def render_exception_with_web_console(request, exception)
-      render_exception_without_web_console(request, exception).tap do
-        backtrace_cleaner = request.get_header("action_dispatch.backtrace_cleaner")
-        error = ExceptionWrapper.new(backtrace_cleaner, exception).exception
-
-        # Get the original exception if ExceptionWrapper decides to follow it.
-        Thread.current[:__web_console_exception] = error
-
-        # ActionView::Template::Error bypass ExceptionWrapper original
-        # exception following. The backtrace in the view is generated from
-        # reaching out to original_exception in the view.
-        if error.is_a?(ActionView::Template::Error)
-          Thread.current[:__web_console_exception] = error.cause
-        end
-      end
-    end
-
-    alias_method :render_exception_without_web_console, :render_exception
-    alias_method :render_exception, :render_exception_with_web_console
+class Binding
+  # Instructs Web Console to render a console in the current binding, without
+  # the need to unroll the stack.
+  #
+  # Raises +DoubleRenderError+ if a more than one +console+ invocation per
+  # request is detected.
+  def console
+    Kernel.console(self)
   end
 end

data/lib/web_console/injector.rb

@@ -13,9 +13,11 @@ module WebConsole
     end
 
     def inject(content)
-      # Remove any previously set Content-Length header because we modify
-      # the body. Otherwise the response will be truncated.
-      @headers.delete("Content-Length")
+      # Set Content-Length header to the size of the current body
+      # + the extra content. Otherwise the response will be truncated.
+      if @headers["Content-Length"]
+        @headers["Content-Length"] = @body.bytesize + content.bytesize
+      end
 
       [
         if position = @body.rindex("</body>")

data/lib/web_console/interceptor.rb

@@ -0,0 +1,18 @@
+module WebConsole
+  module Interceptor
+    def self.call(request, exception)
+      backtrace_cleaner = request.get_header("action_dispatch.backtrace_cleaner")
+      error = ActionDispatch::ExceptionWrapper.new(backtrace_cleaner, exception).exception
+
+      # Get the original exception if ExceptionWrapper decides to follow it.
+      Thread.current[:__web_console_exception] = error
+
+      # ActionView::Template::Error bypass ExceptionWrapper original
+      # exception following. The backtrace in the view is generated from
+      # reaching out to original_exception in the view.
+      if error.is_a?(ActionView::Template::Error)
+        Thread.current[:__web_console_exception] = error.cause
+      end
+    end
+  end
+end

data/lib/web_console/middleware.rb

@@ -6,11 +6,8 @@ module WebConsole
   class Middleware
     TEMPLATES_PATH = File.expand_path("../templates", __FILE__)
 
-    cattr_accessor :mount_point
-    @@mount_point = "/__web_console"
-
-    cattr_accessor :whiny_requests
-    @@whiny_requests = true
+    cattr_accessor :mount_point, default: "/__web_console"
+    cattr_accessor :whiny_requests, default: true
 
     def initialize(app)
       @app = app
@@ -19,7 +16,7 @@ module WebConsole
     def call(env)
       app_exception = catch :app_exception do
         request = create_regular_or_whiny_request(env)
-        return call_app(env) unless request.from_whitelisted_ip?
+        return call_app(env) unless request.permitted?
 
         if id = id_for_repl_session_update(request)
           return update_repl_session(id, request)
@@ -27,6 +24,7 @@ module WebConsole
           return change_stack_trace(id, request)
         end
 
+
         status, headers, body = call_app(env)
 
         if (session = Session.from(Thread.current)) && acceptable_content_type?(headers)
@@ -54,7 +52,7 @@ module WebConsole
     private
 
       def acceptable_content_type?(headers)
-        Mime::Type.parse(headers["Content-Type"].to_s).first == Mime[:html]
+        headers["Content-Type"].to_s.include?("html")
       end
 
       def json_response(opts = {})
@@ -66,7 +64,6 @@ module WebConsole
       end
 
       def json_response_with_session(id, request, opts = {})
-        return respond_with_unacceptable_request unless request.acceptable?
         return respond_with_unavailable_session(id) unless session = Session.find(id)
 
         json_response(opts) { yield session }
@@ -113,7 +110,7 @@ module WebConsole
 
       def change_stack_trace(id, request)
         json_response_with_session(id, request) do |session|
-          session.switch_binding_to(request.params[:frame_id])
+          session.switch_binding_to(request.params[:frame_id], request.params[:exception_object_id])
 
           { ok: true }
         end

data/lib/web_console/{whitelist.rb → permissions.rb}

@@ -3,20 +3,16 @@
 require "ipaddr"
 
 module WebConsole
-  # Whitelist of allowed networks that can access Web Console.
-  #
-  # Networks are represented by standard IPAddr and can be either IPv4 or IPv6
-  # networks.
-  class Whitelist
-    # IPv4 and IPv6 localhost should be always whitelisted.
-    ALWAYS_WHITELISTED_NETWORKS = %w( 127.0.0.0/8 ::1 )
+  class Permissions
+    # IPv4 and IPv6 localhost should be always allowed.
+    ALWAYS_PERMITTED_NETWORKS = %w( 127.0.0.0/8 ::1 )
 
     def initialize(networks = nil)
       @networks = normalize_networks(networks).map(&method(:coerce_network_to_ipaddr)).uniq
     end
 
     def include?(network)
-      @networks.any? { |whitelist| whitelist.include?(network.to_s) }
+      @networks.any? { |permission| permission.include?(network.to_s) }
     rescue IPAddr::InvalidAddressError
       false
     end
@@ -28,7 +24,7 @@ module WebConsole
     private
 
       def normalize_networks(networks)
-        Array(networks).concat(ALWAYS_WHITELISTED_NETWORKS)
+        Array(networks).concat(ALWAYS_PERMITTED_NETWORKS)
       end
 
       def coerce_network_to_ipaddr(network)