diff options
| author | David Heinemeier Hansson <david@loudthinking.com> | 2005-06-21 07:02:30 +0000 |
|---|---|---|
| committer | David Heinemeier Hansson <david@loudthinking.com> | 2005-06-21 07:02:30 +0000 |
| commit | 1e0d9a642ffe5db23086301d3eeed63f4b7bca68 (patch) | |
| tree | 7eb7cfa3b2f3d9fa7c41666007e30eea86fbed22 | |
| parent | 6c8d354b8d9ca2fa62d0e062fa6346673dd15dbf (diff) | |
| download | rails-1e0d9a642ffe5db23086301d3eeed63f4b7bca68.tar.gz rails-1e0d9a642ffe5db23086301d3eeed63f4b7bca68.tar.bz2 rails-1e0d9a642ffe5db23086301d3eeed63f4b7bca68.zip | |
Added :xhr => true/false option to verify so you can ensure that a request is coming from an Ajax call or not #1464 [Thomas Fuchs]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@1463 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
| -rw-r--r-- | actionpack/CHANGELOG | 2 | ||||
| -rwxr-xr-x | actionpack/lib/action_controller/request.rb | 2 | ||||
| -rw-r--r-- | actionpack/lib/action_controller/verification.rb | 4 | ||||
| -rw-r--r-- | actionpack/test/controller/request_test.rb | 14 | ||||
| -rw-r--r-- | actionpack/test/controller/verification_test.rb | 34 |
5 files changed, 54 insertions, 2 deletions
diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index cb5e692d59..cbfb3993bb 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,7 @@ *SVN* +* Added :xhr => true/false option to verify so you can ensure that a request is coming from an Ajax call or not #1464 [Thomas Fuchs] + * Added tag_options as a third parameter to AssetHelper#auto_discovery_link_tag to control options like the title of the link #1430 [kevin.clark@gmail.com] * Added option to pass in parameters to CaptureHelper#capture, so you can create more advanced view helper methods #1466 [duane.johnson@gmail.com]. Example: diff --git a/actionpack/lib/action_controller/request.rb b/actionpack/lib/action_controller/request.rb index 73247d510a..5b4d337f47 100755 --- a/actionpack/lib/action_controller/request.rb +++ b/actionpack/lib/action_controller/request.rb @@ -65,7 +65,7 @@ module ActionController # "XMLHttpRequest". (The Prototype Javascript library sends this header with # every Ajax request.) def xml_http_request? - env['HTTP_X_REQUESTED_WITH'] =~ /XMLHttpRequest/i + !((env['HTTP_X_REQUESTED_WITH'] || "") =~ /XMLHttpRequest/i).nil? end alias xhr? :xml_http_request? diff --git a/actionpack/lib/action_controller/verification.rb b/actionpack/lib/action_controller/verification.rb index ec3c5fe26c..78918f800c 100644 --- a/actionpack/lib/action_controller/verification.rb +++ b/actionpack/lib/action_controller/verification.rb @@ -76,7 +76,9 @@ module ActionController #:nodoc: prereqs_invalid ||= [*options[:method]].all? { |v| @request.method != v.to_sym } end - + + prereqs_invalid ||= (request.xhr? != options[:xhr]) unless options[:xhr].nil? + if prereqs_invalid flash.update(options[:add_flash]) if options[:add_flash] unless performed? diff --git a/actionpack/test/controller/request_test.rb b/actionpack/test/controller/request_test.rb index dd7c9f9d84..8980ac7520 100644 --- a/actionpack/test/controller/request_test.rb +++ b/actionpack/test/controller/request_test.rb @@ -210,4 +210,18 @@ class RequestTest < Test::Unit::TestCase @request.env['SERVER_SOFTWARE'] = 'lighttpd(1.1.4)' assert_equal 'lighttpd', @request.server_software end + + def test_xml_http_request + assert !@request.xml_http_request? + assert !@request.xhr? + + @request.env['HTTP_X_REQUESTED_WITH'] = "DefinitelyNotAjax1.0" + assert !@request.xml_http_request? + assert !@request.xhr? + + @request.env['HTTP_X_REQUESTED_WITH'] = "XMLHttpRequest" + assert @request.xml_http_request? + assert @request.xhr? + end + end diff --git a/actionpack/test/controller/verification_test.rb b/actionpack/test/controller/verification_test.rb index d5741526ef..fc49d5da67 100644 --- a/actionpack/test/controller/verification_test.rb +++ b/actionpack/test/controller/verification_test.rb @@ -20,6 +20,12 @@ class VerificationTest < Test::Unit::TestCase verify :only => :guarded_by_method, :method => :post, :redirect_to => { :action => "unguarded" } + + verify :only => :guarded_by_xhr, :xhr => true, + :redirect_to => { :action => "unguarded" } + + verify :only => :guarded_by_not_xhr, :xhr => false, + :redirect_to => { :action => "unguarded" } before_filter :unconditional_redirect, :only => :two_redirects verify :only => :two_redirects, :method => :post, @@ -54,6 +60,14 @@ class VerificationTest < Test::Unit::TestCase def guarded_by_method render :text => "#{@request.method}" end + + def guarded_by_xhr + render :text => "#{@request.xhr?}" + end + + def guarded_by_not_xhr + render :text => "#{@request.xhr?}" + end def unguarded render :text => "#{@params["one"]}" @@ -173,6 +187,26 @@ class VerificationTest < Test::Unit::TestCase assert_redirected_to :action => "unguarded" end + def test_guarded_by_xhr_with_prereqs + xhr :post, :guarded_by_xhr + assert_equal "true", @response.body + end + + def test_guarded_by_xhr_without_prereqs + get :guarded_by_xhr + assert_redirected_to :action => "unguarded" + end + + def test_guarded_by_not_xhr_with_prereqs + get :guarded_by_not_xhr + assert_equal "false", @response.body + end + + def test_guarded_by_not_xhr_without_prereqs + xhr :post, :guarded_by_not_xhr + assert_redirected_to :action => "unguarded" + end + def test_guarded_post_and_calls_render post :must_be_post assert_equal "Was a post!", @response.body |