aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib
diff options
context:
space:
mode:
authorCarl Lerche & Yehuda Katz <wycats@gmail.com>2009-04-13 15:18:45 -0700
committerCarl Lerche & Yehuda Katz <wycats@gmail.com>2009-04-13 15:18:45 -0700
commit906aebceedb95d8caa6db6314bc90f605bdfaf2b (patch)
tree5abc86bb6709b20df7cb5f4d1750b27c641dca4b /actionpack/lib
parent2036d3ba75da1a0f3061bf5a33c89e2b2eaff420 (diff)
parentc877857d59554d78dbf45f5f9fcaafb8badec4e2 (diff)
downloadrails-906aebceedb95d8caa6db6314bc90f605bdfaf2b.tar.gz
rails-906aebceedb95d8caa6db6314bc90f605bdfaf2b.tar.bz2
rails-906aebceedb95d8caa6db6314bc90f605bdfaf2b.zip
Bring abstract_controller up to date with rails/master
Resolved all the conflicts since 2.3.0 -> HEAD. Following is a list of commits that could not be applied cleanly or are obviated with the abstract_controller refactor. They all need to be revisited to ensure that fixes made in 2.3 do not reappear in 3.0: 2259ecf368e6a6715966f69216e3ee86bf1a82a7 AR not available * This will be reimplemented with ActionORM or equivalent 06182ea02e92afad579998aa80144588e8865ac3 implicitly rendering a js response should not use the default layout [#1844 state:resolved] * This will be handled generically 893e9eb99504705419ad6edac14d00e71cef5f12 Improve view rendering performance in development mode and reinstate template recompiling in production [#1909 state:resolved] * We will need to reimplement rails-dev-boost on top of the refactor; the changes here are very implementation specific and cannot be cleanly applied. The following commits are implicated: 199e750d46c04970b5e7684998d09405648ecbd4 3942cb406e1d5db0ac00e03153809cc8dc4cc4db f8ea9f85d4f1e3e6f3b5d895bef6b013aa4b0690 e3b166aab37ddc2fbab030b146eb61713b91bf55 ae9f258e03c9fd5088da12c1c6cd216cc89a01f7 44423126c6f6133a1d9cf1d0832b527e8711d40f 0cb020b4d6d838025859bd60fb8151c8e21b8e84 workaround for picking layouts based on wrong view_paths [#1974 state:resolved] * The specifics of this commit no longer apply. Since it is a two-line commit, we will reimplement this change. 8c5cc66a831aadb159f3daaffa4208064c30af0e make action_controller/layouts pick templates from the current instance's view_paths instead of the class view_paths [#1974 state:resolved] * This does not apply at all. It should be trivial to apply the feature to the reimplemented ActionController::Base. 87e8b162463f13bd50d27398f020769460a770e3 fix HTML fallback for explicit templates [#2052 state:resolved] * There were a number of patches related to this that simply compounded each other. Basically none of them apply cleanly, and the underlying issue needs to be revisited. After discussing the underlying problem with Koz, we will defer these fixes for further discussion.
Diffstat (limited to 'actionpack/lib')
-rw-r--r--actionpack/lib/action_controller.rb11
-rw-r--r--actionpack/lib/action_controller/base/base.rb50
-rw-r--r--actionpack/lib/action_controller/base/cookies.rb2
-rw-r--r--actionpack/lib/action_controller/base/http_authentication.rb72
-rw-r--r--actionpack/lib/action_controller/base/redirect.rb2
-rw-r--r--actionpack/lib/action_controller/base/render.rb18
-rw-r--r--actionpack/lib/action_controller/base/responder.rb1
-rw-r--r--actionpack/lib/action_controller/base/streaming.rb16
-rw-r--r--actionpack/lib/action_controller/base/verification.rb2
-rw-r--r--actionpack/lib/action_controller/caching.rb1
-rw-r--r--actionpack/lib/action_controller/caching/actions.rb27
-rw-r--r--actionpack/lib/action_controller/cgi/process.rb5
-rw-r--r--actionpack/lib/action_controller/dispatch/dispatcher.rb52
-rw-r--r--actionpack/lib/action_controller/dispatch/middlewares.rb14
-rw-r--r--actionpack/lib/action_controller/dispatch/rescue.rb16
-rw-r--r--actionpack/lib/action_controller/reloader.rb14
-rw-r--r--actionpack/lib/action_controller/routing.rb2
-rw-r--r--actionpack/lib/action_controller/routing/builder.rb3
-rw-r--r--actionpack/lib/action_controller/routing/generation/polymorphic_routes.rb7
-rw-r--r--actionpack/lib/action_controller/routing/generation/url_rewriter.rb22
-rw-r--r--actionpack/lib/action_controller/routing/recognition_optimisation.rb1
-rw-r--r--actionpack/lib/action_controller/routing/resources.rb50
-rw-r--r--actionpack/lib/action_controller/routing/segments.rb46
-rw-r--r--actionpack/lib/action_controller/testing/integration.rb25
-rw-r--r--actionpack/lib/action_controller/testing/process.rb22
-rw-r--r--actionpack/lib/action_controller/testing/test_case.rb13
-rw-r--r--actionpack/lib/action_controller/vendor/html-scanner/html/selector.rb2
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack.rb89
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/adapter/camping.rb22
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/abstract/handler.rb37
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/abstract/request.rb37
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/basic.rb58
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/md5.rb124
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/nonce.rb51
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/params.rb55
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/request.rb40
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/openid.rb480
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/builder.rb63
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/cascade.rb36
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/chunked.rb49
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/commonlogger.rb61
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/conditionalget.rb45
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/content_length.rb29
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/content_type.rb23
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/deflater.rb85
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/directory.rb153
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/file.rb88
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/handler.rb48
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/cgi.rb61
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/evented_mongrel.rb8
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/fastcgi.rb89
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/lsws.rb55
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/mongrel.rb84
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/scgi.rb59
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/swiftiplied_mongrel.rb8
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/thin.rb18
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/webrick.rb67
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/head.rb19
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/lint.rb462
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/lobster.rb65
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/lock.rb16
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/methodoverride.rb27
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/mime.rb204
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/mock.rb160
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/recursive.rb57
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/reloader.rb64
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/request.rb241
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/response.rb179
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/session/abstract/id.rb142
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/session/cookie.rb91
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/session/memcache.rb109
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/session/pool.rb100
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/showexceptions.rb349
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/showstatus.rb106
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/static.rb38
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/urlmap.rb55
-rw-r--r--actionpack/lib/action_controller/vendor/rack-1.0/rack/utils.rb392
-rwxr-xr-xactionpack/lib/action_dispatch/http/request.rb34
-rw-r--r--actionpack/lib/action_dispatch/http/response.rb80
-rw-r--r--actionpack/lib/action_dispatch/middleware/session/abstract_store.rb61
-rw-r--r--actionpack/lib/action_dispatch/middleware/session/cookie_store.rb13
-rw-r--r--actionpack/lib/action_dispatch/rack.rb6
-rw-r--r--actionpack/lib/action_dispatch/rack/lock.rb21
-rw-r--r--actionpack/lib/action_dispatch/rack/multipart.rb22
-rw-r--r--actionpack/lib/action_dispatch/rack/parse_query.rb18
-rw-r--r--actionpack/lib/action_dispatch/utils/middleware_stack.rb16
-rw-r--r--actionpack/lib/action_dispatch/utils/url_encoded_pair_parser.rb155
-rw-r--r--actionpack/lib/action_pack/version.rb2
-rw-r--r--actionpack/lib/action_view/base.rb33
-rw-r--r--actionpack/lib/action_view/helpers/active_record_helper.rb6
-rw-r--r--actionpack/lib/action_view/helpers/asset_tag_helper.rb3
-rw-r--r--actionpack/lib/action_view/helpers/atom_feed_helper.rb2
-rw-r--r--actionpack/lib/action_view/helpers/capture_helper.rb8
-rw-r--r--actionpack/lib/action_view/helpers/date_helper.rb6
-rw-r--r--actionpack/lib/action_view/helpers/form_helper.rb384
-rw-r--r--actionpack/lib/action_view/helpers/form_options_helper.rb107
-rw-r--r--actionpack/lib/action_view/helpers/form_tag_helper.rb4
-rw-r--r--actionpack/lib/action_view/helpers/number_helper.rb6
-rw-r--r--actionpack/lib/action_view/helpers/prototype_helper.rb2
-rw-r--r--actionpack/lib/action_view/helpers/text_helper.rb13
-rw-r--r--actionpack/lib/action_view/helpers/translation_helper.rb20
-rw-r--r--actionpack/lib/action_view/helpers/url_helper.rb27
-rw-r--r--actionpack/lib/action_view/paths.rb16
-rw-r--r--actionpack/lib/action_view/render/rendering.rb25
-rw-r--r--actionpack/lib/action_view/template/renderable.rb2
-rw-r--r--actionpack/lib/action_view/template/template.rb55
106 files changed, 6000 insertions, 641 deletions
diff --git a/actionpack/lib/action_controller.rb b/actionpack/lib/action_controller.rb
index eb596ba40e..e435bdbae1 100644
--- a/actionpack/lib/action_controller.rb
+++ b/actionpack/lib/action_controller.rb
@@ -32,6 +32,13 @@ rescue LoadError
end
require File.join(File.dirname(__FILE__), "action_pack")
+$:.unshift "#{File.dirname(__FILE__)}/action_controller/vendor/rack-1.0"
+begin
+ gem 'rack', '~> 1.0.0'
+ require 'rack'
+rescue Gem::LoadError
+ require 'action_controller/vendor/rack-1.0/rack'
+end
module ActionController
# TODO: Review explicit to see if they will automatically be handled by
@@ -57,6 +64,7 @@ module ActionController
autoload :PolymorphicRoutes, 'action_controller/routing/generation/polymorphic_routes'
autoload :RecordIdentifier, 'action_controller/record_identifier'
autoload :Redirector, 'action_controller/base/redirect'
+ autoload :Reloader, 'action_controller/reloader'
autoload :Renderer, 'action_controller/base/render'
autoload :RequestForgeryProtection, 'action_controller/base/request_forgery_protection'
autoload :Rescue, 'action_controller/dispatch/rescue'
@@ -72,6 +80,9 @@ module ActionController
autoload :UrlRewriter, 'action_controller/routing/generation/url_rewriter'
autoload :UrlWriter, 'action_controller/routing/generation/url_rewriter'
autoload :Verification, 'action_controller/base/verification'
+ autoload :UploadedFile, 'action_dispatch/utils/uploaded_file'
+ autoload :UploadedStringIO, 'action_dispatch/utils/uploaded_file'
+ autoload :UploadedTempfile, 'action_dispatch/utils/uploaded_file'
module Assertions
autoload :DomAssertions, 'action_controller/testing/assertions/dom'
diff --git a/actionpack/lib/action_controller/base/base.rb b/actionpack/lib/action_controller/base/base.rb
index 7a745ea040..aea434ffa0 100644
--- a/actionpack/lib/action_controller/base/base.rb
+++ b/actionpack/lib/action_controller/base/base.rb
@@ -22,7 +22,7 @@ module ActionController #:nodoc:
attr_reader :allowed_methods
def initialize(*allowed_methods)
- super("Only #{allowed_methods.to_sentence} requests are allowed.")
+ super("Only #{allowed_methods.to_sentence(:locale => :en)} requests are allowed.")
@allowed_methods = allowed_methods
end
@@ -394,7 +394,7 @@ module ActionController #:nodoc:
# Return an array containing the names of public methods that have been marked hidden from the action processor.
# By default, all methods defined in ActionController::Base and included modules are hidden.
- # More methods can be hidden using <tt>hide_actions</tt>.
+ # More methods can be hidden using <tt>hide_action</tt>.
def hidden_actions
read_inheritable_attribute(:hidden_actions) || write_inheritable_attribute(:hidden_actions, [])
end
@@ -690,6 +690,11 @@ module ActionController #:nodoc:
# request is considered stale and should be generated from scratch. Otherwise,
# it's fresh and we don't need to generate anything and a reply of "304 Not Modified" is sent.
#
+ # Parameters:
+ # * <tt>:etag</tt>
+ # * <tt>:last_modified</tt>
+ # * <tt>:public</tt> By default the Cache-Control header is private, set this to true if you want your application to be cachable by other devices (proxy caches).
+ #
# Example:
#
# def show
@@ -710,20 +715,34 @@ module ActionController #:nodoc:
# Sets the etag, last_modified, or both on the response and renders a
# "304 Not Modified" response if the request is already fresh.
#
+ # Parameters:
+ # * <tt>:etag</tt>
+ # * <tt>:last_modified</tt>
+ # * <tt>:public</tt> By default the Cache-Control header is private, set this to true if you want your application to be cachable by other devices (proxy caches).
+ #
# Example:
#
# def show
# @article = Article.find(params[:id])
- # fresh_when(:etag => @article, :last_modified => @article.created_at.utc)
+ # fresh_when(:etag => @article, :last_modified => @article.created_at.utc, :public => true)
# end
#
# This will render the show template if the request isn't sending a matching etag or
# If-Modified-Since header and just a "304 Not Modified" response if there's a match.
+ #
def fresh_when(options)
- options.assert_valid_keys(:etag, :last_modified)
+ options.assert_valid_keys(:etag, :last_modified, :public)
response.etag = options[:etag] if options[:etag]
response.last_modified = options[:last_modified] if options[:last_modified]
+
+ if options[:public]
+ cache_control = response.headers["Cache-Control"].split(",").map {|k| k.strip }
+ cache_control.delete("private")
+ cache_control.delete("no-cache")
+ cache_control << "public"
+ response.headers["Cache-Control"] = cache_control.join(', ')
+ end
if request.fresh?(response)
head :not_modified
@@ -735,15 +754,26 @@ module ActionController #:nodoc:
#
# Examples:
# expires_in 20.minutes
- # expires_in 3.hours, :private => false
- # expires in 3.hours, 'max-stale' => 5.hours, :private => nil, :public => true
+ # expires_in 3.hours, :public => true
+ # expires in 3.hours, 'max-stale' => 5.hours, :public => true
#
# This method will overwrite an existing Cache-Control header.
# See http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html for more possibilities.
def expires_in(seconds, options = {}) #:doc:
- cache_options = { 'max-age' => seconds, 'private' => true }.symbolize_keys.merge!(options.symbolize_keys)
- cache_options.delete_if { |k,v| v.nil? or v == false }
- cache_control = cache_options.map{ |k,v| v == true ? k.to_s : "#{k.to_s}=#{v.to_s}"}
+ cache_control = response.headers["Cache-Control"].split(",").map {|k| k.strip }
+
+ cache_control << "max-age=#{seconds}"
+ cache_control.delete("no-cache")
+ if options[:public]
+ cache_control.delete("private")
+ cache_control << "public"
+ else
+ cache_control << "private"
+ end
+
+ # This allows for additional headers to be passed through like 'max-stale' => 5.hours
+ cache_control += options.symbolize_keys.reject{|k,v| k == :public || k == :private }.map{ |k,v| v == true ? k.to_s : "#{k.to_s}=#{v.to_s}"}
+
response.headers["Cache-Control"] = cache_control.join(', ')
end
@@ -839,6 +869,7 @@ module ActionController #:nodoc:
end
end
+ # Returns true if a render or redirect has already been performed.
def performed?
@performed_render || @performed_redirect
end
@@ -857,6 +888,7 @@ module ActionController #:nodoc:
@request_origin ||= "#{request.remote_ip} at #{Time.now.to_s(:db)}"
end
+ # Returns the request URI used to get to the current location
def complete_request_uri
"#{request.protocol}#{request.host}#{request.request_uri}"
end
diff --git a/actionpack/lib/action_controller/base/cookies.rb b/actionpack/lib/action_controller/base/cookies.rb
index 840ceb5abd..ca380e98d0 100644
--- a/actionpack/lib/action_controller/base/cookies.rb
+++ b/actionpack/lib/action_controller/base/cookies.rb
@@ -41,7 +41,7 @@ module ActionController #:nodoc:
# * <tt>:expires</tt> - The time at which this cookie expires, as a Time object.
# * <tt>:secure</tt> - Whether this cookie is a only transmitted to HTTPS servers.
# Default is +false+.
- # * <tt>:http_only</tt> - Whether this cookie is accessible via scripting or
+ # * <tt>:httponly</tt> - Whether this cookie is accessible via scripting or
# only HTTP. Defaults to +false+.
module Cookies
def self.included(base)
diff --git a/actionpack/lib/action_controller/base/http_authentication.rb b/actionpack/lib/action_controller/base/http_authentication.rb
index 5d915fda08..b6b5267c66 100644
--- a/actionpack/lib/action_controller/base/http_authentication.rb
+++ b/actionpack/lib/action_controller/base/http_authentication.rb
@@ -68,8 +68,11 @@ module ActionController
#
# Simple Digest example:
#
+ # require 'digest/md5'
# class PostsController < ApplicationController
- # USERS = {"dhh" => "secret"}
+ # REALM = "SuperSecret"
+ # USERS = {"dhh" => "secret", #plain text password
+ # "dap" => Digest:MD5::hexdigest(["dap",REALM,"secret"].join(":")) #ha1 digest password
#
# before_filter :authenticate, :except => [:index]
#
@@ -83,14 +86,18 @@ module ActionController
#
# private
# def authenticate
- # authenticate_or_request_with_http_digest(realm) do |username|
+ # authenticate_or_request_with_http_digest(REALM) do |username|
# USERS[username]
# end
# end
# end
#
- # NOTE: The +authenticate_or_request_with_http_digest+ block must return the user's password so the framework can appropriately
- # hash it to check the user's credentials. Returning +nil+ will cause authentication to fail.
+ # NOTE: The +authenticate_or_request_with_http_digest+ block must return the user's password or the ha1 digest hash so the framework can appropriately
+ # hash to check the user's credentials. Returning +nil+ will cause authentication to fail.
+ # Storing the ha1 hash: MD5(username:realm:password), is better than storing a plain password. If
+ # the password file or database is compromised, the attacker would be able to use the ha1 hash to
+ # authenticate as the user at this +realm+, but would not have the user's password to try using at
+ # other sites.
#
# On shared hosts, Apache sometimes doesn't pass authentication headers to
# FCGI instances. If your environment matches this description and you cannot
@@ -177,26 +184,37 @@ module ActionController
end
# Raises error unless the request credentials response value matches the expected value.
+ # First try the password as a ha1 digest password. If this fails, then try it as a plain
+ # text password.
def validate_digest_response(request, realm, &password_procedure)
credentials = decode_credentials_header(request)
valid_nonce = validate_nonce(request, credentials[:nonce])
- if valid_nonce && realm == credentials[:realm] && opaque(request.session.session_id) == credentials[:opaque]
+ if valid_nonce && realm == credentials[:realm] && opaque == credentials[:opaque]
password = password_procedure.call(credentials[:username])
- expected = expected_response(request.env['REQUEST_METHOD'], request.url, credentials, password)
- expected == credentials[:response]
+
+ [true, false].any? do |password_is_ha1|
+ expected = expected_response(request.env['REQUEST_METHOD'], request.env['REQUEST_URI'], credentials, password, password_is_ha1)
+ expected == credentials[:response]
+ end
end
end
# Returns the expected response for a request of +http_method+ to +uri+ with the decoded +credentials+ and the expected +password+
- def expected_response(http_method, uri, credentials, password)
- ha1 = ::Digest::MD5.hexdigest([credentials[:username], credentials[:realm], password].join(':'))
+ # Optional parameter +password_is_ha1+ is set to +true+ by default, since best practice is to store ha1 digest instead
+ # of a plain-text password.
+ def expected_response(http_method, uri, credentials, password, password_is_ha1=true)
+ ha1 = password_is_ha1 ? password : ha1(credentials, password)
ha2 = ::Digest::MD5.hexdigest([http_method.to_s.upcase, uri].join(':'))
::Digest::MD5.hexdigest([ha1, credentials[:nonce], credentials[:nc], credentials[:cnonce], credentials[:qop], ha2].join(':'))
end
- def encode_credentials(http_method, credentials, password)
- credentials[:response] = expected_response(http_method, credentials[:uri], credentials, password)
+ def ha1(credentials, password)
+ ::Digest::MD5.hexdigest([credentials[:username], credentials[:realm], password].join(':'))
+ end
+
+ def encode_credentials(http_method, credentials, password, password_is_ha1)
+ credentials[:response] = expected_response(http_method, credentials[:uri], credentials, password, password_is_ha1)
"Digest " + credentials.sort_by {|x| x[0].to_s }.inject([]) {|a, v| a << "#{v[0]}='#{v[1]}'" }.join(', ')
end
@@ -213,8 +231,7 @@ module ActionController
end
def authentication_header(controller, realm)
- session_id = controller.request.session.session_id
- controller.headers["WWW-Authenticate"] = %(Digest realm="#{realm}", qop="auth", algorithm=MD5, nonce="#{nonce(session_id)}", opaque="#{opaque(session_id)}")
+ controller.headers["WWW-Authenticate"] = %(Digest realm="#{realm}", qop="auth", algorithm=MD5, nonce="#{nonce}", opaque="#{opaque}")
end
def authentication_request(controller, realm, message = nil)
@@ -252,23 +269,36 @@ module ActionController
# POST or PUT requests and a time-stamp for GET requests. For more details on the issues involved see Section 4
# of this document.
#
- # The nonce is opaque to the client.
- def nonce(session_id, time = Time.now)
+ # The nonce is opaque to the client. Composed of Time, and hash of Time with secret
+ # key from the Rails session secret generated upon creation of project. Ensures
+ # the time cannot be modifed by client.
+ def nonce(time = Time.now)
t = time.to_i
- hashed = [t, session_id]
+ hashed = [t, secret_key]
digest = ::Digest::MD5.hexdigest(hashed.join(":"))
Base64.encode64("#{t}:#{digest}").gsub("\n", '')
end
- def validate_nonce(request, value)
+ # Might want a shorter timeout depending on whether the request
+ # is a PUT or POST, and if client is browser or web service.
+ # Can be much shorter if the Stale directive is implemented. This would
+ # allow a user to use new nonce without prompting user again for their
+ # username and password.
+ def validate_nonce(request, value, seconds_to_timeout=5*60)
t = Base64.decode64(value).split(":").first.to_i
- nonce(request.session.session_id, t) == value && (t - Time.now.to_i).abs <= 10 * 60
+ nonce(t) == value && (t - Time.now.to_i).abs <= seconds_to_timeout
end
- # Opaque based on digest of session_id
- def opaque(session_id)
- Base64.encode64(::Digest::MD5::hexdigest(session_id)).gsub("\n", '')
+ # Opaque based on random generation - but changing each request?
+ def opaque()
+ ::Digest::MD5.hexdigest(secret_key)
end
+
+ # Set in /initializers/session_store.rb, and loaded even if sessions are not in use.
+ def secret_key
+ ActionController::Base.session_options[:secret]
+ end
+
end
end
end
diff --git a/actionpack/lib/action_controller/base/redirect.rb b/actionpack/lib/action_controller/base/redirect.rb
index 83af793978..2e92117e7c 100644
--- a/actionpack/lib/action_controller/base/redirect.rb
+++ b/actionpack/lib/action_controller/base/redirect.rb
@@ -49,7 +49,6 @@ module ActionController
end
response.redirected_to = options
- logger.info("Redirected to #{options}") if logger && logger.info?
case options
# The scheme name consist of a letter followed by any combination of
@@ -72,6 +71,7 @@ module ActionController
def redirect_to_full_url(url, status)
raise DoubleRenderError if performed?
+ logger.info("Redirected to #{url}") if logger && logger.info?
response.redirect(url, interpret_status(status))
@performed_redirect = true
end
diff --git a/actionpack/lib/action_controller/base/render.rb b/actionpack/lib/action_controller/base/render.rb
index abba059969..c4a3725079 100644
--- a/actionpack/lib/action_controller/base/render.rb
+++ b/actionpack/lib/action_controller/base/render.rb
@@ -197,7 +197,17 @@ module ActionController
raise DoubleRenderError, "Can only render or redirect once per action" if performed?
options = { :layout => true } if options.nil?
- original, options = options, extra_options unless options.is_a?(Hash)
+
+ # This handles render "string", render :symbol, and render object
+ # render string and symbol are handled by render_for_name
+ # render object becomes render :partial => object
+ unless options.is_a?(Hash)
+ if options.is_a?(String) || options.is_a?(Symbol)
+ original, options = options, extra_options
+ else
+ extra_options[:partial], options = options, extra_options
+ end
+ end
layout_name = options.delete(:layout)
@@ -300,6 +310,7 @@ module ActionController
# of sending it as the response body to the browser.
def render_to_string(options = nil, &block) #:doc:
render(options, &block)
+ response.body
ensure
response.content_type = nil
erase_render_results
@@ -308,7 +319,7 @@ module ActionController
# Clears the rendered results, allowing for another render to be performed.
def erase_render_results #:nodoc:
- response.body = nil
+ response.body = []
@performed_render = false
end
@@ -360,8 +371,9 @@ module ActionController
def render_for_parts(parts, layout, options = {})
tmp = view_paths.find_by_parts(*parts)
- layout = _pick_layout(*layout) unless tmp.exempt_from_layout?
+ layout = _pick_layout(*layout) unless tmp.exempt_from_layout?
+
render_for_text(
@template._render_template_with_layout(tmp, layout, options, parts[3]))
end
diff --git a/actionpack/lib/action_controller/base/responder.rb b/actionpack/lib/action_controller/base/responder.rb
index f83abb5a4b..989f82444b 100644
--- a/actionpack/lib/action_controller/base/responder.rb
+++ b/actionpack/lib/action_controller/base/responder.rb
@@ -20,6 +20,7 @@ module ActionController
end
end
+ # Returns a set of the methods defined as actions in your controller
def action_methods
self.class.action_methods
end
diff --git a/actionpack/lib/action_controller/base/streaming.rb b/actionpack/lib/action_controller/base/streaming.rb
index e1786913a7..9f80f48c3d 100644
--- a/actionpack/lib/action_controller/base/streaming.rb
+++ b/actionpack/lib/action_controller/base/streaming.rb
@@ -1,5 +1,6 @@
module ActionController #:nodoc:
- # Methods for sending files and streams to the browser instead of rendering.
+ # Methods for sending arbitrary data and for streaming files to the browser,
+ # instead of rendering.
module Streaming
DEFAULT_SEND_FILE_OPTIONS = {
:type => 'application/octet-stream'.freeze,
@@ -103,8 +104,11 @@ module ActionController #:nodoc:
end
end
- # Send binary data to the user as a file download. May set content type, apparent file name,
- # and specify whether to show data inline or download as an attachment.
+ # Sends the given binary data to the browser. This method is similar to
+ # <tt>render :text => data</tt>, but also allows you to specify whether
+ # the browser should display the response as a file attachment (i.e. in a
+ # download dialog) or as inline data. You may also set the content type,
+ # the apparent file name, and other things.
#
# Options:
# * <tt>:filename</tt> - suggests a filename for the browser to use.
@@ -127,6 +131,10 @@ module ActionController #:nodoc:
# send_data image.data, :type => image.content_type, :disposition => 'inline'
#
# See +send_file+ for more information on HTTP Content-* headers and caching.
+ #
+ # <b>Tip:</b> if you want to stream large amounts of on-the-fly generated
+ # data to the browser, then use <tt>render :text => proc { ... }</tt>
+ # instead. See ActionController::Base#render for more information.
def send_data(data, options = {}) #:doc:
logger.info "Sending data #{options[:filename]}" if logger
send_file_headers! options.merge(:length => data.size)
@@ -152,7 +160,7 @@ module ActionController #:nodoc:
end
content_type = content_type.to_s.strip # fixes a problem with extra '\r' with some browsers
- headers.update(
+ headers.merge!(
'Content-Length' => options[:length],
'Content-Type' => content_type,
'Content-Disposition' => disposition,
diff --git a/actionpack/lib/action_controller/base/verification.rb b/actionpack/lib/action_controller/base/verification.rb
index 7bf09ba6ea..c62b81b666 100644
--- a/actionpack/lib/action_controller/base/verification.rb
+++ b/actionpack/lib/action_controller/base/verification.rb
@@ -90,7 +90,7 @@ module ActionController #:nodoc:
def verify_action(options) #:nodoc:
if prereqs_invalid?(options)
flash.update(options[:add_flash]) if options[:add_flash]
- response.headers.update(options[:add_headers]) if options[:add_headers]
+ response.headers.merge!(options[:add_headers]) if options[:add_headers]
apply_remaining_actions(options) unless performed?
end
end
diff --git a/actionpack/lib/action_controller/caching.rb b/actionpack/lib/action_controller/caching.rb
index 1d14df0052..80d13e25f1 100644
--- a/actionpack/lib/action_controller/caching.rb
+++ b/actionpack/lib/action_controller/caching.rb
@@ -27,6 +27,7 @@ module ActionController #:nodoc:
autoload :Actions, 'action_controller/caching/actions'
autoload :Fragments, 'action_controller/caching/fragments'
autoload :Pages, 'action_controller/caching/pages'
+ autoload :Sweeper, 'action_controller/caching/sweeping'
autoload :Sweeping, 'action_controller/caching/sweeping'
def self.included(base) #:nodoc:
diff --git a/actionpack/lib/action_controller/caching/actions.rb b/actionpack/lib/action_controller/caching/actions.rb
index 34e1c3527f..87b5029e57 100644
--- a/actionpack/lib/action_controller/caching/actions.rb
+++ b/actionpack/lib/action_controller/caching/actions.rb
@@ -129,24 +129,23 @@ module ActionController #:nodoc:
attr_reader :path, :extension
class << self
- def path_for(controller, options, infer_extension=true)
+ def path_for(controller, options, infer_extension = true)
new(controller, options, infer_extension).path
end
end
# When true, infer_extension will look up the cache path extension from the request's path & format.
- # This is desirable when reading and writing the cache, but not when expiring the cache - expire_action should expire the same files regardless of the request format.
- def initialize(controller, options = {}, infer_extension=true)
- if infer_extension and options.is_a? Hash
- request_extension = extract_extension(controller.request)
- options = options.reverse_merge(:format => request_extension)
+ # This is desirable when reading and writing the cache, but not when expiring the cache -
+ # expire_action should expire the same files regardless of the request format.
+ def initialize(controller, options = {}, infer_extension = true)
+ if infer_extension
+ extract_extension(controller.request)
+ options = options.reverse_merge(:format => @extension) if options.is_a?(Hash)
end
+
path = controller.url_for(options).split('://').last
normalize!(path)
- if infer_extension
- @extension = request_extension
- add_extension!(path, @extension)
- end
+ add_extension!(path, @extension)
@path = URI.unescape(path)
end
@@ -162,13 +161,7 @@ module ActionController #:nodoc:
def extract_extension(request)
# Don't want just what comes after the last '.' to accommodate multi part extensions
# such as tar.gz.
- extension = request.path[/^[^.]+\.(.+)$/, 1]
-
- # If there's no extension in the path, check request.format
- if extension.nil?
- extension = request.cache_format
- end
- extension
+ @extension = request.path[/^[^.]+\.(.+)$/, 1] || request.cache_format
end
end
end
diff --git a/actionpack/lib/action_controller/cgi/process.rb b/actionpack/lib/action_controller/cgi/process.rb
index ffcad5666a..34b97776f5 100644
--- a/actionpack/lib/action_controller/cgi/process.rb
+++ b/actionpack/lib/action_controller/cgi/process.rb
@@ -45,6 +45,11 @@ module ActionController #:nodoc:
out.sync = false if out.respond_to?(:sync=)
headers['Status'] = status.to_s
+
+ if headers.include?('Set-Cookie')
+ headers['cookie'] = headers.delete('Set-Cookie').split("\n")
+ end
+
out.write(cgi.header(headers))
body.each { |part|
diff --git a/actionpack/lib/action_controller/dispatch/dispatcher.rb b/actionpack/lib/action_controller/dispatch/dispatcher.rb
index e205245f13..74c72e1a8b 100644
--- a/actionpack/lib/action_controller/dispatch/dispatcher.rb
+++ b/actionpack/lib/action_controller/dispatch/dispatcher.rb
@@ -5,15 +5,14 @@ module ActionController
class << self
def define_dispatcher_callbacks(cache_classes)
unless cache_classes
- # Development mode callbacks
- before_dispatch :reload_application
- after_dispatch :cleanup_application
+ unless self.middleware.include?(Reloader)
+ self.middleware.insert_after(ActionDispatch::Failsafe, Reloader)
+ end
ActionView::Helpers::AssetTagHelper.cache_asset_timestamps = false
end
if defined?(ActiveRecord)
- after_dispatch :checkin_connections
to_prepare(:activerecord_instantiate_observers) { ActiveRecord::Base.instantiate_observers }
end
@@ -42,6 +41,30 @@ module ActionController
callback = ActiveSupport::Callbacks::Callback.new(:prepare_dispatch, block, :identifier => identifier)
@prepare_dispatch_callbacks.replace_or_append!(callback)
end
+
+ def run_prepare_callbacks
+ if defined?(Rails) && Rails.logger
+ logger = Rails.logger
+ else
+ logger = Logger.new($stderr)
+ end
+
+ new(logger).send :run_callbacks, :prepare_dispatch
+ end
+
+ def reload_application
+ # Run prepare callbacks before every request in development mode
+ run_prepare_callbacks
+
+ Routing::Routes.reload
+ end
+
+ def cleanup_application
+ # Cleanup the application before processing the current request.
+ ActiveRecord::Base.reset_subclasses if defined?(ActiveRecord)
+ ActiveSupport::Dependencies.clear
+ ActiveRecord::Base.clear_reloadable_connections! if defined?(ActiveRecord)
+ end
end
cattr_accessor :middleware
@@ -88,29 +111,8 @@ module ActionController
dispatch
end
- def reload_application
- # Run prepare callbacks before every request in development mode
- run_callbacks :prepare_dispatch
-
- Routing::Routes.reload
- end
-
- # Cleanup the application by clearing out loaded classes so they can
- # be reloaded on the next request without restarting the server.
- def cleanup_application
- ActiveRecord::Base.reset_subclasses if defined?(ActiveRecord)
- ActiveSupport::Dependencies.clear
- ActiveRecord::Base.clear_reloadable_connections! if defined?(ActiveRecord)
- end
-
def flush_logger
Base.logger.flush
end
-
- def checkin_connections
- # Don't return connection (and peform implicit rollback) if this request is a part of integration test
- return if @env.key?("rack.test")
- ActiveRecord::Base.clear_active_connections!
- end
end
end
diff --git a/actionpack/lib/action_controller/dispatch/middlewares.rb b/actionpack/lib/action_controller/dispatch/middlewares.rb
index 3bf3dbebab..b62b4f84a1 100644
--- a/actionpack/lib/action_controller/dispatch/middlewares.rb
+++ b/actionpack/lib/action_controller/dispatch/middlewares.rb
@@ -4,18 +4,10 @@ use "Rack::Lock", :if => lambda {
use "ActionDispatch::Failsafe"
-["ActionDispatch::Session::CookieStore",
- "ActionDispatch::Session::MemCacheStore",
- "ActiveRecord::SessionStore"].each do |store|
- use(store, ActionController::Base.session_options,
- :if => lambda {
- if session_store = ActionController::Base.session_store
- session_store.name == store
- end
- }
- )
-end
+use lambda { ActionController::Base.session_store },
+ lambda { ActionController::Base.session_options }
use "ActionDispatch::RewindableInput"
use "ActionDispatch::ParamsParser"
use "Rack::MethodOverride"
+use "Rack::Head"
diff --git a/actionpack/lib/action_controller/dispatch/rescue.rb b/actionpack/lib/action_controller/dispatch/rescue.rb
index df0a976204..ec9eff65a9 100644
--- a/actionpack/lib/action_controller/dispatch/rescue.rb
+++ b/actionpack/lib/action_controller/dispatch/rescue.rb
@@ -99,13 +99,19 @@ module ActionController #:nodoc:
# Attempts to render a static error page based on the
# <tt>status_code</tt> thrown, or just return headers if no such file
- # exists. For example, if a 500 error is being handled Rails will first
- # attempt to render the file at <tt>public/500.html</tt>. If the file
- # doesn't exist, the body of the response will be left empty.
+ # exists. At first, it will try to render a localized static page.
+ # For example, if a 500 error is being handled Rails and locale is :da,
+ # it will first attempt to render the file at <tt>public/500.da.html</tt>
+ # then attempt to render <tt>public/500.html</tt>. If none of them exist,
+ # the body of the response will be left empty.
def render_optional_error_file(status_code)
status = interpret_status(status_code)
- path = "#{Rails.public_path}/#{status.to_s[0,3]}.html"
- if File.exist?(path)
+ locale_path = "#{Rails.public_path}/#{status[0,3]}.#{I18n.locale}.html" if I18n.locale
+ path = "#{Rails.public_path}/#{status[0,3]}.html"
+
+ if locale_path && File.exist?(locale_path)
+ render :file => locale_path, :status => status, :content_type => Mime::HTML
+ elsif File.exist?(path)
render :file => path, :status => status, :content_type => Mime::HTML
else
head status
diff --git a/actionpack/lib/action_controller/reloader.rb b/actionpack/lib/action_controller/reloader.rb
new file mode 100644
index 0000000000..46789309cd
--- /dev/null
+++ b/actionpack/lib/action_controller/reloader.rb
@@ -0,0 +1,14 @@
+module ActionController
+ class Reloader
+ def initialize(app)
+ @app = app
+ end
+
+ def call(env)
+ Dispatcher.reload_application
+ @app.call(env)
+ ensure
+ Dispatcher.cleanup_application
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/routing.rb b/actionpack/lib/action_controller/routing.rb
index a2141a77dc..c0eb61340b 100644
--- a/actionpack/lib/action_controller/routing.rb
+++ b/actionpack/lib/action_controller/routing.rb
@@ -267,7 +267,7 @@ module ActionController
module Routing
SEPARATORS = %w( / . ? )
- HTTP_METHODS = [:get, :head, :post, :put, :delete]
+ HTTP_METHODS = [:get, :head, :post, :put, :delete, :options]
ALLOWED_REQUIREMENTS_FOR_OPTIMISATION = [:controller, :action].to_set
diff --git a/actionpack/lib/action_controller/routing/builder.rb b/actionpack/lib/action_controller/routing/builder.rb
index 44d759444a..d9590c88b8 100644
--- a/actionpack/lib/action_controller/routing/builder.rb
+++ b/actionpack/lib/action_controller/routing/builder.rb
@@ -159,7 +159,8 @@ module ActionController
path = "/#{path}" unless path[0] == ?/
path = "#{path}/" unless path[-1] == ?/
- path = "/#{options[:path_prefix].to_s.gsub(/^\//,'')}#{path}" if options[:path_prefix]
+ prefix = options[:path_prefix].to_s.gsub(/^\//,'')
+ path = "/#{prefix}#{path}" unless prefix.blank?
segments = segments_for_route_path(path)
defaults, requirements, conditions = divide_route_options(segments, options)
diff --git a/actionpack/lib/action_controller/routing/generation/polymorphic_routes.rb b/actionpack/lib/action_controller/routing/generation/polymorphic_routes.rb
index 924d1aa6bd..d9b614c237 100644
--- a/actionpack/lib/action_controller/routing/generation/polymorphic_routes.rb
+++ b/actionpack/lib/action_controller/routing/generation/polymorphic_routes.rb
@@ -163,7 +163,8 @@ module ActionController
if parent.is_a?(Symbol) || parent.is_a?(String)
string << "#{parent}_"
else
- string << "#{RecordIdentifier.__send__("singular_class_name", parent)}_"
+ string << "#{RecordIdentifier.__send__("plural_class_name", parent)}".singularize
+ string << "_"
end
end
end
@@ -171,7 +172,9 @@ module ActionController
if record.is_a?(Symbol) || record.is_a?(String)
route << "#{record}_"
else
- route << "#{RecordIdentifier.__send__("#{inflection}_class_name", record)}_"
+ route << "#{RecordIdentifier.__send__("plural_class_name", record)}"
+ route = route.singularize if inflection == :singular
+ route << "_"
end
action_prefix(options) + namespace + route + routing_type(options).to_s
diff --git a/actionpack/lib/action_controller/routing/generation/url_rewriter.rb b/actionpack/lib/action_controller/routing/generation/url_rewriter.rb
index bb6cb437b7..16720b915b 100644
--- a/actionpack/lib/action_controller/routing/generation/url_rewriter.rb
+++ b/actionpack/lib/action_controller/routing/generation/url_rewriter.rb
@@ -68,29 +68,17 @@ module ActionController
# This generates, among other things, the method <tt>users_path</tt>. By default,
# this method is accessible from your controllers, views and mailers. If you need
# to access this auto-generated method from other places (such as a model), then
- # you can do that in two ways.
- #
- # The first way is to include ActionController::UrlWriter in your class:
+ # you can do that by including ActionController::UrlWriter in your class:
#
# class User < ActiveRecord::Base
- # include ActionController::UrlWriter # !!!
+ # include ActionController::UrlWriter
#
- # def name=(value)
- # write_attribute('name', value)
- # write_attribute('base_uri', users_path) # !!!
+ # def base_uri
+ # user_path(self)
# end
# end
#
- # The second way is to access them through ActionController::UrlWriter.
- # The autogenerated named routes methods are available as class methods:
- #
- # class User < ActiveRecord::Base
- # def name=(value)
- # write_attribute('name', value)
- # path = ActionController::UrlWriter.users_path # !!!
- # write_attribute('base_uri', path) # !!!
- # end
- # end
+ # User.find(1).base_uri # => "/users/1"
module UrlWriter
def self.included(base) #:nodoc:
ActionController::Routing::Routes.install_helpers(base)
diff --git a/actionpack/lib/action_controller/routing/recognition_optimisation.rb b/actionpack/lib/action_controller/routing/recognition_optimisation.rb
index ebc553512f..9bfebff0c0 100644
--- a/actionpack/lib/action_controller/routing/recognition_optimisation.rb
+++ b/actionpack/lib/action_controller/routing/recognition_optimisation.rb
@@ -98,7 +98,6 @@ module ActionController
if Array === item
i += 1
start = (i == 1)
- final = (i == list.size)
tag, sub = item
if tag == :dynamic
body += padding + "#{start ? 'if' : 'elsif'} true\n"
diff --git a/actionpack/lib/action_controller/routing/resources.rb b/actionpack/lib/action_controller/routing/resources.rb
index e8988aa737..86abb7b2f4 100644
--- a/actionpack/lib/action_controller/routing/resources.rb
+++ b/actionpack/lib/action_controller/routing/resources.rb
@@ -42,7 +42,7 @@ module ActionController
#
# Read more about REST at http://en.wikipedia.org/wiki/Representational_State_Transfer
module Resources
- INHERITABLE_OPTIONS = :namespace, :shallow, :actions
+ INHERITABLE_OPTIONS = :namespace, :shallow
class Resource #:nodoc:
DEFAULT_ACTIONS = :index, :create, :new, :edit, :show, :update, :destroy
@@ -91,7 +91,7 @@ module ActionController
end
def shallow_path_prefix
- @shallow_path_prefix ||= "#{path_prefix unless @options[:shallow]}"
+ @shallow_path_prefix ||= @options[:shallow] ? @options[:namespace].try(:sub, /\/$/, '') : path_prefix
end
def member_path
@@ -103,7 +103,7 @@ module ActionController
end
def shallow_name_prefix
- @shallow_name_prefix ||= "#{name_prefix unless @options[:shallow]}"
+ @shallow_name_prefix ||= @options[:shallow] ? @options[:namespace].try(:gsub, /\//, '_') : name_prefix
end
def nesting_name_prefix
@@ -119,7 +119,7 @@ module ActionController
end
def has_action?(action)
- !DEFAULT_ACTIONS.include?(action) || @options[:actions].nil? || @options[:actions].include?(action)
+ !DEFAULT_ACTIONS.include?(action) || action_allowed?(action)
end
protected
@@ -135,24 +135,29 @@ module ActionController
end
def set_allowed_actions
- only = @options.delete(:only)
- except = @options.delete(:except)
+ only, except = @options.values_at(:only, :except)
+ @allowed_actions ||= {}
- if only && except
- raise ArgumentError, 'Please supply either :only or :except, not both.'
- elsif only == :all || except == :none
- options[:actions] = DEFAULT_ACTIONS
+ if only == :all || except == :none
+ only = nil
+ except = []
elsif only == :none || except == :all
- options[:actions] = []
- elsif only
- options[:actions] = DEFAULT_ACTIONS & Array(only).map(&:to_sym)
+ only = []
+ except = nil
+ end
+
+ if only
+ @allowed_actions[:only] = Array(only).map(&:to_sym)
elsif except
- options[:actions] = DEFAULT_ACTIONS - Array(except).map(&:to_sym)
- else
- # leave options[:actions] alone
+ @allowed_actions[:except] = Array(except).map(&:to_sym)
end
end
+ def action_allowed?(action)
+ only, except = @allowed_actions.values_at(:only, :except)
+ (!only || only.include?(action)) && (!except || !except.include?(action))
+ end
+
def set_prefixes
@path_prefix = options.delete(:path_prefix)
@name_prefix = options.delete(:name_prefix)
@@ -403,8 +408,6 @@ module ActionController
# # --> POST /posts/1/comments (maps to the CommentsController#create action)
# # --> PUT /posts/1/comments/1 (fails)
#
- # The <tt>:only</tt> and <tt>:except</tt> options are inherited by any nested resource(s).
- #
# If <tt>map.resources</tt> is called with multiple resources, they all get the same options applied.
#
# Examples:
@@ -627,7 +630,7 @@ module ActionController
action_path = resource.options[:path_names][action] if resource.options[:path_names].is_a?(Hash)
action_path ||= Base.resources_path_names[action] || action
- map_resource_routes(map, resource, action, "#{resource.member_path}#{resource.action_separator}#{action_path}", "#{action}_#{resource.shallow_name_prefix}#{resource.singular}", m)
+ map_resource_routes(map, resource, action, "#{resource.member_path}#{resource.action_separator}#{action_path}", "#{action}_#{resource.shallow_name_prefix}#{resource.singular}", m, { :force_id => true })
end
end
end
@@ -638,9 +641,9 @@ module ActionController
map_resource_routes(map, resource, :destroy, resource.member_path, route_path)
end
- def map_resource_routes(map, resource, action, route_path, route_name = nil, method = nil)
+ def map_resource_routes(map, resource, action, route_path, route_name = nil, method = nil, resource_options = {} )
if resource.has_action?(action)
- action_options = action_options_for(action, resource, method)
+ action_options = action_options_for(action, resource, method, resource_options)
formatted_route_path = "#{route_path}.:format"
if route_name && @set.named_routes[route_name.to_sym].nil?
@@ -657,9 +660,10 @@ module ActionController
end
end
- def action_options_for(action, resource, method = nil)
+ def action_options_for(action, resource, method = nil, resource_options = {})
default_options = { :action => action.to_s }
require_id = !resource.kind_of?(SingletonResource)
+ force_id = resource_options[:force_id] && !resource.kind_of?(SingletonResource)
case default_options[:action]
when "index", "new"; default_options.merge(add_conditions_for(resource.conditions, method || :get)).merge(resource.requirements)
@@ -667,7 +671,7 @@ module ActionController
when "show", "edit"; default_options.merge(add_conditions_for(resource.conditions, method || :get)).merge(resource.requirements(require_id))
when "update"; default_options.merge(add_conditions_for(resource.conditions, method || :put)).merge(resource.requirements(require_id))
when "destroy"; default_options.merge(add_conditions_for(resource.conditions, method || :delete)).merge(resource.requirements(require_id))
- else default_options.merge(add_conditions_for(resource.conditions, method)).merge(resource.requirements)
+ else default_options.merge(add_conditions_for(resource.conditions, method)).merge(resource.requirements(force_id))
end
end
end
diff --git a/actionpack/lib/action_controller/routing/segments.rb b/actionpack/lib/action_controller/routing/segments.rb
index 5dda3d4d00..4f936d51d2 100644
--- a/actionpack/lib/action_controller/routing/segments.rb
+++ b/actionpack/lib/action_controller/routing/segments.rb
@@ -3,7 +3,11 @@ module ActionController
class Segment #:nodoc:
RESERVED_PCHAR = ':@&=+$,;'
SAFE_PCHAR = "#{URI::REGEXP::PATTERN::UNRESERVED}#{RESERVED_PCHAR}"
- UNSAFE_PCHAR = Regexp.new("[^#{SAFE_PCHAR}]", false, 'N').freeze
+ if RUBY_VERSION >= '1.9'
+ UNSAFE_PCHAR = Regexp.new("[^#{SAFE_PCHAR}]", false).freeze
+ else
+ UNSAFE_PCHAR = Regexp.new("[^#{SAFE_PCHAR}]", false, 'N').freeze
+ end
# TODO: Convert :is_optional accessor to read only
attr_accessor :is_optional
@@ -191,23 +195,19 @@ module ActionController
end
def regexp_chunk
- if regexp
- if regexp_has_modifiers?
- "(#{regexp.to_s})"
- else
- "(#{regexp.source})"
- end
- else
- "([^#{Routing::SEPARATORS.join}]+)"
- end
+ regexp ? regexp_string : default_regexp_chunk
+ end
+
+ def regexp_string
+ regexp_has_modifiers? ? "(#{regexp.to_s})" : "(#{regexp.source})"
+ end
+
+ def default_regexp_chunk
+ "([^#{Routing::SEPARATORS.join}]+)"
end
def number_of_captures
- if regexp
- regexp.number_of_captures + 1
- else
- 1
- end
+ regexp ? regexp.number_of_captures + 1 : 1
end
def build_pattern(pattern)
@@ -244,10 +244,6 @@ module ActionController
"(?i-:(#{(regexp || Regexp.union(*possible_names)).source}))"
end
- def number_of_captures
- 1
- end
-
# Don't URI.escape the controller name since it may contain slashes.
def interpolation_chunk(value_code = local_name)
"\#{#{value_code}.to_s}"
@@ -289,8 +285,8 @@ module ActionController
"params[:#{key}] = PathSegment::Result.new_escaped((match[#{next_capture}]#{" || " + default.inspect if default}).split('/'))#{" if match[" + next_capture + "]" if !default}"
end
- def regexp_chunk
- regexp || "(.*)"
+ def default_regexp_chunk
+ "(.*)"
end
def number_of_captures
@@ -322,13 +318,17 @@ module ActionController
end
def regexp_chunk
- '(\.[^/?\.]+)?'
+ '/|(\.[^/?\.]+)?'
end
def to_s
'(.:format)?'
end
-
+
+ def extract_value
+ "#{local_name} = options[:#{key}] && options[:#{key}].to_s.downcase"
+ end
+
#the value should not include the period (.)
def match_extraction(next_capture)
%[
diff --git a/actionpack/lib/action_controller/testing/integration.rb b/actionpack/lib/action_controller/testing/integration.rb
index 0da23f9dc8..d51b9b63ff 100644
--- a/actionpack/lib/action_controller/testing/integration.rb
+++ b/actionpack/lib/action_controller/testing/integration.rb
@@ -5,7 +5,7 @@ require 'active_support/test_case'
module ActionController
module Integration #:nodoc:
# An integration Session instance represents a set of requests and responses
- # performed sequentially by some virtual user. Becase you can instantiate
+ # performed sequentially by some virtual user. Because you can instantiate
# multiple sessions and run them side-by-side, you can also mimic (to some
# limited extent) multiple simultaneous users interacting with your system.
#
@@ -26,6 +26,9 @@ module ActionController
# The status message that accompanied the status code of the last request.
attr_reader :status_message
+ # The body of the last request.
+ attr_reader :body
+
# The URI of the last request.
attr_reader :path
@@ -308,7 +311,11 @@ module ActionController
ActionController::Base.clear_last_instantiation!
- app = Rack::Lint.new(@application)
+ app = @application
+ # Rack::Lint doesn't accept String headers or bodies in Ruby 1.9
+ unless RUBY_VERSION >= '1.9.0' && Rack.release <= '0.9.0'
+ app = Rack::Lint.new(app)
+ end
status, headers, body = app.call(env)
@request_count += 1
@@ -320,13 +327,19 @@ module ActionController
@headers = Rack::Utils::HeaderHash.new(headers)
- (@headers['Set-Cookie'] || []).each do |cookie|
+ (@headers['Set-Cookie'] || "").split("\n").each do |cookie|
name, value = cookie.match(/^([^=]*)=([^;]*);/)[1,2]
@cookies[name] = value
end
- @body = ""
- body.each { |part| @body << part }
+ if body.is_a?(String)
+ @body_parts = [body]
+ @body = body
+ else
+ @body_parts = []
+ body.each { |part| @body_parts << part.to_s }
+ @body = @body_parts.join
+ end
if @controller = ActionController::Base.last_instantiation
@request = @controller.request
@@ -338,7 +351,7 @@ module ActionController
@response = ActionDispatch::Response.new
@response.status = status.to_s
@response.headers.replace(@headers)
- @response.body = @body
+ @response.body = @body_parts
end
# Decorate the response with the standard behavior of the
diff --git a/actionpack/lib/action_controller/testing/process.rb b/actionpack/lib/action_controller/testing/process.rb
index 38e37c7a18..86e193efa9 100644
--- a/actionpack/lib/action_controller/testing/process.rb
+++ b/actionpack/lib/action_controller/testing/process.rb
@@ -1,14 +1,21 @@
+require 'rack/session/abstract/id'
module ActionController #:nodoc:
class TestRequest < ActionDispatch::Request #:nodoc:
attr_accessor :cookies, :session_options
attr_accessor :query_parameters, :path, :session
attr_accessor :host
- def initialize
- super(Rack::MockRequest.env_for("/"))
+ def self.new(env = {})
+ super
+ end
+
+ def initialize(env = {})
+ super(Rack::MockRequest.env_for("/").merge(env))
@query_parameters = {}
@session = TestSession.new
+ default_rack_options = Rack::Session::Abstract::ID::DEFAULT_OPTIONS
+ @session_options ||= {:id => generate_sid(default_rack_options[:sidbits])}.merge(default_rack_options)
initialize_default_values
initialize_containers
@@ -106,6 +113,7 @@ module ActionController #:nodoc:
end
def recycle!
+ @env["action_controller.request.request_parameters"] = {}
self.query_parameters = {}
self.path_parameters = {}
@headers, @request_method, @accepts, @content_type = nil, nil, nil, nil
@@ -116,6 +124,10 @@ module ActionController #:nodoc:
end
private
+ def generate_sid(sidbits)
+ "%0#{sidbits / 4}x" % rand(2**sidbits - 1)
+ end
+
def initialize_containers
@cookies = {}
end
@@ -246,7 +258,7 @@ module ActionController #:nodoc:
def cookies
cookies = {}
Array(headers['Set-Cookie']).each do |cookie|
- key, value = cookie.split(";").first.split("=")
+ key, value = cookie.split(";").first.split("=").map {|val| Rack::Utils.unescape(val)}
cookies[key] = value
end
cookies
@@ -254,11 +266,11 @@ module ActionController #:nodoc:
# Returns binary content (downloadable file), converted to a String
def binary_content
- raise "Response body is not a Proc: #{body.inspect}" unless body.kind_of?(Proc)
+ raise "Response body is not a Proc: #{body_parts.inspect}" unless body_parts.kind_of?(Proc)
require 'stringio'
sio = StringIO.new
- body.call(self, sio)
+ body_parts.call(self, sio)
sio.rewind
sio.read
diff --git a/actionpack/lib/action_controller/testing/test_case.rb b/actionpack/lib/action_controller/testing/test_case.rb
index 4f38f75f41..b020b755a0 100644
--- a/actionpack/lib/action_controller/testing/test_case.rb
+++ b/actionpack/lib/action_controller/testing/test_case.rb
@@ -127,9 +127,14 @@ module ActionController
#
# The exception is stored in the exception accessor for further inspection.
module RaiseActionExceptions
- protected
- attr_accessor :exception
+ def self.included(base)
+ base.class_eval do
+ attr_accessor :exception
+ protected :exception, :exception=
+ end
+ end
+ protected
def rescue_action_without_handler(e)
self.exception = e
@@ -141,9 +146,7 @@ module ActionController
end
end
- def setup
- setup_controller_request_and_response
- end
+ setup :setup_controller_request_and_response
@@controller_class = nil
diff --git a/actionpack/lib/action_controller/vendor/html-scanner/html/selector.rb b/actionpack/lib/action_controller/vendor/html-scanner/html/selector.rb
index 376bb87409..e2c49c284f 100644
--- a/actionpack/lib/action_controller/vendor/html-scanner/html/selector.rb
+++ b/actionpack/lib/action_controller/vendor/html-scanner/html/selector.rb
@@ -556,7 +556,7 @@ module HTML
end
# Attribute value.
- next if statement.sub!(/^\[\s*([[:alpha:]][\w\-]*)\s*((?:[~|^$*])?=)?\s*('[^']*'|"[^*]"|[^\]]*)\s*\]/) do |match|
+ next if statement.sub!(/^\[\s*([[:alpha:]][\w\-:]*)\s*((?:[~|^$*])?=)?\s*('[^']*'|"[^*]"|[^\]]*)\s*\]/) do |match|
name, equality, value = $1, $2, $3
if value == "?"
value = values.shift
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack.rb
new file mode 100644
index 0000000000..6349b95094
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack.rb
@@ -0,0 +1,89 @@
+# Copyright (C) 2007, 2008, 2009 Christian Neukirchen <purl.org/net/chneukirchen>
+#
+# Rack is freely distributable under the terms of an MIT-style license.
+# See COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+$:.unshift(File.expand_path(File.dirname(__FILE__)))
+
+
+# The Rack main module, serving as a namespace for all core Rack
+# modules and classes.
+#
+# All modules meant for use in your application are <tt>autoload</tt>ed here,
+# so it should be enough just to <tt>require rack.rb</tt> in your code.
+
+module Rack
+ # The Rack protocol version number implemented.
+ VERSION = [0,1]
+
+ # Return the Rack protocol version as a dotted string.
+ def self.version
+ VERSION.join(".")
+ end
+
+ # Return the Rack release as a dotted string.
+ def self.release
+ "1.0 bundled"
+ end
+
+ autoload :Builder, "rack/builder"
+ autoload :Cascade, "rack/cascade"
+ autoload :Chunked, "rack/chunked"
+ autoload :CommonLogger, "rack/commonlogger"
+ autoload :ConditionalGet, "rack/conditionalget"
+ autoload :ContentLength, "rack/content_length"
+ autoload :ContentType, "rack/content_type"
+ autoload :File, "rack/file"
+ autoload :Deflater, "rack/deflater"
+ autoload :Directory, "rack/directory"
+ autoload :ForwardRequest, "rack/recursive"
+ autoload :Handler, "rack/handler"
+ autoload :Head, "rack/head"
+ autoload :Lint, "rack/lint"
+ autoload :Lock, "rack/lock"
+ autoload :MethodOverride, "rack/methodoverride"
+ autoload :Mime, "rack/mime"
+ autoload :Recursive, "rack/recursive"
+ autoload :Reloader, "rack/reloader"
+ autoload :ShowExceptions, "rack/showexceptions"
+ autoload :ShowStatus, "rack/showstatus"
+ autoload :Static, "rack/static"
+ autoload :URLMap, "rack/urlmap"
+ autoload :Utils, "rack/utils"
+
+ autoload :MockRequest, "rack/mock"
+ autoload :MockResponse, "rack/mock"
+
+ autoload :Request, "rack/request"
+ autoload :Response, "rack/response"
+
+ module Auth
+ autoload :Basic, "rack/auth/basic"
+ autoload :AbstractRequest, "rack/auth/abstract/request"
+ autoload :AbstractHandler, "rack/auth/abstract/handler"
+ autoload :OpenID, "rack/auth/openid"
+ module Digest
+ autoload :MD5, "rack/auth/digest/md5"
+ autoload :Nonce, "rack/auth/digest/nonce"
+ autoload :Params, "rack/auth/digest/params"
+ autoload :Request, "rack/auth/digest/request"
+ end
+ end
+
+ module Session
+ autoload :Cookie, "rack/session/cookie"
+ autoload :Pool, "rack/session/pool"
+ autoload :Memcache, "rack/session/memcache"
+ end
+
+ # *Adapters* connect Rack with third party web frameworks.
+ #
+ # Rack includes an adapter for Camping, see README for other
+ # frameworks supporting Rack in their code bases.
+ #
+ # Refer to the submodules for framework-specific calling details.
+
+ module Adapter
+ autoload :Camping, "rack/adapter/camping"
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/adapter/camping.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/adapter/camping.rb
new file mode 100644
index 0000000000..63bc787f54
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/adapter/camping.rb
@@ -0,0 +1,22 @@
+module Rack
+ module Adapter
+ class Camping
+ def initialize(app)
+ @app = app
+ end
+
+ def call(env)
+ env["PATH_INFO"] ||= ""
+ env["SCRIPT_NAME"] ||= ""
+ controller = @app.run(env['rack.input'], env)
+ h = controller.headers
+ h.each_pair do |k,v|
+ if v.kind_of? URI
+ h[k] = v.to_s
+ end
+ end
+ [controller.status, controller.headers, [controller.body.to_s]]
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/abstract/handler.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/abstract/handler.rb
new file mode 100644
index 0000000000..214df6299e
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/abstract/handler.rb
@@ -0,0 +1,37 @@
+module Rack
+ module Auth
+ # Rack::Auth::AbstractHandler implements common authentication functionality.
+ #
+ # +realm+ should be set for all handlers.
+
+ class AbstractHandler
+
+ attr_accessor :realm
+
+ def initialize(app, realm=nil, &authenticator)
+ @app, @realm, @authenticator = app, realm, authenticator
+ end
+
+
+ private
+
+ def unauthorized(www_authenticate = challenge)
+ return [ 401,
+ { 'Content-Type' => 'text/plain',
+ 'Content-Length' => '0',
+ 'WWW-Authenticate' => www_authenticate.to_s },
+ []
+ ]
+ end
+
+ def bad_request
+ return [ 400,
+ { 'Content-Type' => 'text/plain',
+ 'Content-Length' => '0' },
+ []
+ ]
+ end
+
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/abstract/request.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/abstract/request.rb
new file mode 100644
index 0000000000..1d9ccec685
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/abstract/request.rb
@@ -0,0 +1,37 @@
+module Rack
+ module Auth
+ class AbstractRequest
+
+ def initialize(env)
+ @env = env
+ end
+
+ def provided?
+ !authorization_key.nil?
+ end
+
+ def parts
+ @parts ||= @env[authorization_key].split(' ', 2)
+ end
+
+ def scheme
+ @scheme ||= parts.first.downcase.to_sym
+ end
+
+ def params
+ @params ||= parts.last
+ end
+
+
+ private
+
+ AUTHORIZATION_KEYS = ['HTTP_AUTHORIZATION', 'X-HTTP_AUTHORIZATION', 'X_HTTP_AUTHORIZATION']
+
+ def authorization_key
+ @authorization_key ||= AUTHORIZATION_KEYS.detect { |key| @env.has_key?(key) }
+ end
+
+ end
+
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/basic.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/basic.rb
new file mode 100644
index 0000000000..9557224648
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/basic.rb
@@ -0,0 +1,58 @@
+require 'rack/auth/abstract/handler'
+require 'rack/auth/abstract/request'
+
+module Rack
+ module Auth
+ # Rack::Auth::Basic implements HTTP Basic Authentication, as per RFC 2617.
+ #
+ # Initialize with the Rack application that you want protecting,
+ # and a block that checks if a username and password pair are valid.
+ #
+ # See also: <tt>example/protectedlobster.rb</tt>
+
+ class Basic < AbstractHandler
+
+ def call(env)
+ auth = Basic::Request.new(env)
+
+ return unauthorized unless auth.provided?
+
+ return bad_request unless auth.basic?
+
+ if valid?(auth)
+ env['REMOTE_USER'] = auth.username
+
+ return @app.call(env)
+ end
+
+ unauthorized
+ end
+
+
+ private
+
+ def challenge
+ 'Basic realm="%s"' % realm
+ end
+
+ def valid?(auth)
+ @authenticator.call(*auth.credentials)
+ end
+
+ class Request < Auth::AbstractRequest
+ def basic?
+ :basic == scheme
+ end
+
+ def credentials
+ @credentials ||= params.unpack("m*").first.split(/:/, 2)
+ end
+
+ def username
+ credentials.first
+ end
+ end
+
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/md5.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/md5.rb
new file mode 100644
index 0000000000..e579dc9632
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/md5.rb
@@ -0,0 +1,124 @@
+require 'rack/auth/abstract/handler'
+require 'rack/auth/digest/request'
+require 'rack/auth/digest/params'
+require 'rack/auth/digest/nonce'
+require 'digest/md5'
+
+module Rack
+ module Auth
+ module Digest
+ # Rack::Auth::Digest::MD5 implements the MD5 algorithm version of
+ # HTTP Digest Authentication, as per RFC 2617.
+ #
+ # Initialize with the [Rack] application that you want protecting,
+ # and a block that looks up a plaintext password for a given username.
+ #
+ # +opaque+ needs to be set to a constant base64/hexadecimal string.
+ #
+ class MD5 < AbstractHandler
+
+ attr_accessor :opaque
+
+ attr_writer :passwords_hashed
+
+ def initialize(*args)
+ super
+ @passwords_hashed = nil
+ end
+
+ def passwords_hashed?
+ !!@passwords_hashed
+ end
+
+ def call(env)
+ auth = Request.new(env)
+
+ unless auth.provided?
+ return unauthorized
+ end
+
+ if !auth.digest? || !auth.correct_uri? || !valid_qop?(auth)
+ return bad_request
+ end
+
+ if valid?(auth)
+ if auth.nonce.stale?
+ return unauthorized(challenge(:stale => true))
+ else
+ env['REMOTE_USER'] = auth.username
+
+ return @app.call(env)
+ end
+ end
+
+ unauthorized
+ end
+
+
+ private
+
+ QOP = 'auth'.freeze
+
+ def params(hash = {})
+ Params.new do |params|
+ params['realm'] = realm
+ params['nonce'] = Nonce.new.to_s
+ params['opaque'] = H(opaque)
+ params['qop'] = QOP
+
+ hash.each { |k, v| params[k] = v }
+ end
+ end
+
+ def challenge(hash = {})
+ "Digest #{params(hash)}"
+ end
+
+ def valid?(auth)
+ valid_opaque?(auth) && valid_nonce?(auth) && valid_digest?(auth)
+ end
+
+ def valid_qop?(auth)
+ QOP == auth.qop
+ end
+
+ def valid_opaque?(auth)
+ H(opaque) == auth.opaque
+ end
+
+ def valid_nonce?(auth)
+ auth.nonce.valid?
+ end
+
+ def valid_digest?(auth)
+ digest(auth, @authenticator.call(auth.username)) == auth.response
+ end
+
+ def md5(data)
+ ::Digest::MD5.hexdigest(data)
+ end
+
+ alias :H :md5
+
+ def KD(secret, data)
+ H([secret, data] * ':')
+ end
+
+ def A1(auth, password)
+ [ auth.username, auth.realm, password ] * ':'
+ end
+
+ def A2(auth)
+ [ auth.method, auth.uri ] * ':'
+ end
+
+ def digest(auth, password)
+ password_hash = passwords_hashed? ? password : H(A1(auth, password))
+
+ KD(password_hash, [ auth.nonce, auth.nc, auth.cnonce, QOP, H(A2(auth)) ] * ':')
+ end
+
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/nonce.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/nonce.rb
new file mode 100644
index 0000000000..dbe109f29a
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/nonce.rb
@@ -0,0 +1,51 @@
+require 'digest/md5'
+
+module Rack
+ module Auth
+ module Digest
+ # Rack::Auth::Digest::Nonce is the default nonce generator for the
+ # Rack::Auth::Digest::MD5 authentication handler.
+ #
+ # +private_key+ needs to set to a constant string.
+ #
+ # +time_limit+ can be optionally set to an integer (number of seconds),
+ # to limit the validity of the generated nonces.
+
+ class Nonce
+
+ class << self
+ attr_accessor :private_key, :time_limit
+ end
+
+ def self.parse(string)
+ new(*string.unpack("m*").first.split(' ', 2))
+ end
+
+ def initialize(timestamp = Time.now, given_digest = nil)
+ @timestamp, @given_digest = timestamp.to_i, given_digest
+ end
+
+ def to_s
+ [([ @timestamp, digest ] * ' ')].pack("m*").strip
+ end
+
+ def digest
+ ::Digest::MD5.hexdigest([ @timestamp, self.class.private_key ] * ':')
+ end
+
+ def valid?
+ digest == @given_digest
+ end
+
+ def stale?
+ !self.class.time_limit.nil? && (@timestamp - Time.now.to_i) < self.class.time_limit
+ end
+
+ def fresh?
+ !stale?
+ end
+
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/params.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/params.rb
new file mode 100644
index 0000000000..730e2efdc8
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/params.rb
@@ -0,0 +1,55 @@
+module Rack
+ module Auth
+ module Digest
+ class Params < Hash
+
+ def self.parse(str)
+ split_header_value(str).inject(new) do |header, param|
+ k, v = param.split('=', 2)
+ header[k] = dequote(v)
+ header
+ end
+ end
+
+ def self.dequote(str) # From WEBrick::HTTPUtils
+ ret = (/\A"(.*)"\Z/ =~ str) ? $1 : str.dup
+ ret.gsub!(/\\(.)/, "\\1")
+ ret
+ end
+
+ def self.split_header_value(str)
+ str.scan( /(\w+\=(?:"[^\"]+"|[^,]+))/n ).collect{ |v| v[0] }
+ end
+
+ def initialize
+ super
+
+ yield self if block_given?
+ end
+
+ def [](k)
+ super k.to_s
+ end
+
+ def []=(k, v)
+ super k.to_s, v.to_s
+ end
+
+ UNQUOTED = ['qop', 'nc', 'stale']
+
+ def to_s
+ inject([]) do |parts, (k, v)|
+ parts << "#{k}=" + (UNQUOTED.include?(k) ? v.to_s : quote(v))
+ parts
+ end.join(', ')
+ end
+
+ def quote(str) # From WEBrick::HTTPUtils
+ '"' << str.gsub(/[\\\"]/o, "\\\1") << '"'
+ end
+
+ end
+ end
+ end
+end
+
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/request.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/request.rb
new file mode 100644
index 0000000000..a8aa3bf996
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/digest/request.rb
@@ -0,0 +1,40 @@
+require 'rack/auth/abstract/request'
+require 'rack/auth/digest/params'
+require 'rack/auth/digest/nonce'
+
+module Rack
+ module Auth
+ module Digest
+ class Request < Auth::AbstractRequest
+
+ def method
+ @env['rack.methodoverride.original_method'] || @env['REQUEST_METHOD']
+ end
+
+ def digest?
+ :digest == scheme
+ end
+
+ def correct_uri?
+ (@env['SCRIPT_NAME'].to_s + @env['PATH_INFO'].to_s) == uri
+ end
+
+ def nonce
+ @nonce ||= Nonce.parse(params['nonce'])
+ end
+
+ def params
+ @params ||= Params.parse(parts.last)
+ end
+
+ def method_missing(sym)
+ if params.has_key? key = sym.to_s
+ return params[key]
+ end
+ super
+ end
+
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/openid.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/openid.rb
new file mode 100644
index 0000000000..c5f6a5143e
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/auth/openid.rb
@@ -0,0 +1,480 @@
+# AUTHOR: blink <blinketje@gmail.com>; blink#ruby-lang@irc.freenode.net
+
+gem 'ruby-openid', '~> 2' if defined? Gem
+require 'rack/request'
+require 'rack/utils'
+require 'rack/auth/abstract/handler'
+require 'uri'
+require 'openid' #gem
+require 'openid/extension' #gem
+require 'openid/store/memory' #gem
+
+module Rack
+ class Request
+ def openid_request
+ @env['rack.auth.openid.request']
+ end
+
+ def openid_response
+ @env['rack.auth.openid.response']
+ end
+ end
+
+ module Auth
+
+ # Rack::Auth::OpenID provides a simple method for setting up an OpenID
+ # Consumer. It requires the ruby-openid library from janrain to operate,
+ # as well as a rack method of session management.
+ #
+ # The ruby-openid home page is at http://openidenabled.com/ruby-openid/.
+ #
+ # The OpenID specifications can be found at
+ # http://openid.net/specs/openid-authentication-1_1.html
+ # and
+ # http://openid.net/specs/openid-authentication-2_0.html. Documentation
+ # for published OpenID extensions and related topics can be found at
+ # http://openid.net/developers/specs/.
+ #
+ # It is recommended to read through the OpenID spec, as well as
+ # ruby-openid's documentation, to understand what exactly goes on. However
+ # a setup as simple as the presented examples is enough to provide
+ # Consumer functionality.
+ #
+ # This library strongly intends to utilize the OpenID 2.0 features of the
+ # ruby-openid library, which provides OpenID 1.0 compatiblity.
+ #
+ # NOTE: Due to the amount of data that this library stores in the
+ # session, Rack::Session::Cookie may fault.
+
+ class OpenID
+
+ class NoSession < RuntimeError; end
+ class BadExtension < RuntimeError; end
+ # Required for ruby-openid
+ ValidStatus = [:success, :setup_needed, :cancel, :failure]
+
+ # = Arguments
+ #
+ # The first argument is the realm, identifying the site they are trusting
+ # with their identity. This is required, also treated as the trust_root
+ # in OpenID 1.x exchanges.
+ #
+ # The optional second argument is a hash of options.
+ #
+ # == Options
+ #
+ # <tt>:return_to</tt> defines the url to return to after the client
+ # authenticates with the openid service provider. This url should point
+ # to where Rack::Auth::OpenID is mounted. If <tt>:return_to</tt> is not
+ # provided, return_to will be the current url which allows flexibility
+ # with caveats.
+ #
+ # <tt>:session_key</tt> defines the key to the session hash in the env.
+ # It defaults to 'rack.session'.
+ #
+ # <tt>:openid_param</tt> defines at what key in the request parameters to
+ # find the identifier to resolve. As per the 2.0 spec, the default is
+ # 'openid_identifier'.
+ #
+ # <tt>:store</tt> defined what OpenID Store to use for persistant
+ # information. By default a Store::Memory will be used.
+ #
+ # <tt>:immediate</tt> as true will make initial requests to be of an
+ # immediate type. This is false by default. See OpenID specification
+ # documentation.
+ #
+ # <tt>:extensions</tt> should be a hash of openid extension
+ # implementations. The key should be the extension main module, the value
+ # should be an array of arguments for extension::Request.new.
+ # The hash is iterated over and passed to #add_extension for processing.
+ # Please see #add_extension for further documentation.
+ #
+ # == Examples
+ #
+ # simple_oid = OpenID.new('http://mysite.com/')
+ #
+ # return_oid = OpenID.new('http://mysite.com/', {
+ # :return_to => 'http://mysite.com/openid'
+ # })
+ #
+ # complex_oid = OpenID.new('http://mysite.com/',
+ # :immediate => true,
+ # :extensions => {
+ # ::OpenID::SReg => [['email'],['nickname']]
+ # }
+ # )
+ #
+ # = Advanced
+ #
+ # Most of the functionality of this library is encapsulated such that
+ # expansion and overriding functions isn't difficult nor tricky.
+ # Alternately, to avoid opening up singleton objects or subclassing, a
+ # wrapper rack middleware can be composed to act upon Auth::OpenID's
+ # responses. See #check and #finish for locations of pertinent data.
+ #
+ # == Responses
+ #
+ # To change the responses that Auth::OpenID returns, override the methods
+ # #redirect, #bad_request, #unauthorized, #access_denied, and
+ # #foreign_server_failure.
+ #
+ # Additionally #confirm_post_params is used when the URI would exceed
+ # length limits on a GET request when doing the initial verification
+ # request.
+ #
+ # == Processing
+ #
+ # To change methods of processing completed transactions, override the
+ # methods #success, #setup_needed, #cancel, and #failure. Please ensure
+ # the returned object is a rack compatible response.
+ #
+ # The first argument is an OpenID::Response, the second is a
+ # Rack::Request of the current request, the last is the hash used in
+ # ruby-openid handling, which can be found manually at
+ # env['rack.session'][:openid].
+ #
+ # This is useful if you wanted to expand the processing done, such as
+ # setting up user accounts.
+ #
+ # oid_app = Rack::Auth::OpenID.new realm, :return_to => return_to
+ # def oid_app.success oid, request, session
+ # user = Models::User[oid.identity_url]
+ # user ||= Models::User.create_from_openid oid
+ # request['rack.session'][:user] = user.id
+ # redirect MyApp.site_home
+ # end
+ #
+ # site_map['/openid'] = oid_app
+ # map = Rack::URLMap.new site_map
+ # ...
+
+ def initialize(realm, options={})
+ realm = URI(realm)
+ raise ArgumentError, "Invalid realm: #{realm}" \
+ unless realm.absolute? \
+ and realm.fragment.nil? \
+ and realm.scheme =~ /^https?$/ \
+ and realm.host =~ /^(\*\.)?#{URI::REGEXP::PATTERN::URIC_NO_SLASH}+/
+ realm.path = '/' if realm.path.empty?
+ @realm = realm.to_s
+
+ if ruri = options[:return_to]
+ ruri = URI(ruri)
+ raise ArgumentError, "Invalid return_to: #{ruri}" \
+ unless ruri.absolute? \
+ and ruri.scheme =~ /^https?$/ \
+ and ruri.fragment.nil?
+ raise ArgumentError, "return_to #{ruri} not within realm #{realm}" \
+ unless self.within_realm?(ruri)
+ @return_to = ruri.to_s
+ end
+
+ @session_key = options[:session_key] || 'rack.session'
+ @openid_param = options[:openid_param] || 'openid_identifier'
+ @store = options[:store] || ::OpenID::Store::Memory.new
+ @immediate = !!options[:immediate]
+
+ @extensions = {}
+ if extensions = options.delete(:extensions)
+ extensions.each do |ext, args|
+ add_extension ext, *args
+ end
+ end
+
+ # Undocumented, semi-experimental
+ @anonymous = !!options[:anonymous]
+ end
+
+ attr_reader :realm, :return_to, :session_key, :openid_param, :store,
+ :immediate, :extensions
+
+ # Sets up and uses session data at <tt>:openid</tt> within the session.
+ # Errors in this setup will raise a NoSession exception.
+ #
+ # If the parameter 'openid.mode' is set, which implies a followup from
+ # the openid server, processing is passed to #finish and the result is
+ # returned. However, if there is no appropriate openid information in the
+ # session, a 400 error is returned.
+ #
+ # If the parameter specified by <tt>options[:openid_param]</tt> is
+ # present, processing is passed to #check and the result is returned.
+ #
+ # If neither of these conditions are met, #unauthorized is called.
+
+ def call(env)
+ env['rack.auth.openid'] = self
+ env_session = env[@session_key]
+ unless env_session and env_session.is_a?(Hash)
+ raise NoSession, 'No compatible session'
+ end
+ # let us work in our own namespace...
+ session = (env_session[:openid] ||= {})
+ unless session and session.is_a?(Hash)
+ raise NoSession, 'Incompatible openid session'
+ end
+
+ request = Rack::Request.new(env)
+ consumer = ::OpenID::Consumer.new(session, @store)
+
+ if mode = request.GET['openid.mode']
+ if session.key?(:openid_param)
+ finish(consumer, session, request)
+ else
+ bad_request
+ end
+ elsif request.GET[@openid_param]
+ check(consumer, session, request)
+ else
+ unauthorized
+ end
+ end
+
+ # As the first part of OpenID consumer action, #check retrieves the data
+ # required for completion.
+ #
+ # If all parameters fit within the max length of a URI, a 303 redirect
+ # will be returned. Otherwise #confirm_post_params will be called.
+ #
+ # Any messages from OpenID's request are logged to env['rack.errors']
+ #
+ # <tt>env['rack.auth.openid.request']</tt> is the openid checkid request
+ # instance.
+ #
+ # <tt>session[:openid_param]</tt> is set to the openid identifier
+ # provided by the user.
+ #
+ # <tt>session[:return_to]</tt> is set to the return_to uri given to the
+ # identity provider.
+
+ def check(consumer, session, req)
+ oid = consumer.begin(req.GET[@openid_param], @anonymous)
+ req.env['rack.auth.openid.request'] = oid
+ req.env['rack.errors'].puts(oid.message)
+ p oid if $DEBUG
+
+ ## Extension support
+ extensions.each do |ext,args|
+ oid.add_extension(ext::Request.new(*args))
+ end
+
+ session[:openid_param] = req.GET[openid_param]
+ return_to_uri = return_to ? return_to : req.url
+ session[:return_to] = return_to_uri
+ immediate = session.key?(:setup_needed) ? false : immediate
+
+ if oid.send_redirect?(realm, return_to_uri, immediate)
+ uri = oid.redirect_url(realm, return_to_uri, immediate)
+ redirect(uri)
+ else
+ confirm_post_params(oid, realm, return_to_uri, immediate)
+ end
+ rescue ::OpenID::DiscoveryFailure => e
+ # thrown from inside OpenID::Consumer#begin by yadis stuff
+ req.env['rack.errors'].puts([e.message, *e.backtrace]*"\n")
+ return foreign_server_failure
+ end
+
+ # This is the final portion of authentication.
+ # If successful, a redirect to the realm is be returned.
+ # Data gathered from extensions are stored in session[:openid] with the
+ # extension's namespace uri as the key.
+ #
+ # Any messages from OpenID's response are logged to env['rack.errors']
+ #
+ # <tt>env['rack.auth.openid.response']</tt> will contain the openid
+ # response.
+
+ def finish(consumer, session, req)
+ oid = consumer.complete(req.GET, req.url)
+ req.env['rack.auth.openid.response'] = oid
+ req.env['rack.errors'].puts(oid.message)
+ p oid if $DEBUG
+
+ raise unless ValidStatus.include?(oid.status)
+ __send__(oid.status, oid, req, session)
+ end
+
+ # The first argument should be the main extension module.
+ # The extension module should contain the constants:
+ # * class Request, should have OpenID::Extension as an ancestor
+ # * class Response, should have OpenID::Extension as an ancestor
+ # * string NS_URI, which defining the namespace of the extension
+ #
+ # All trailing arguments will be passed to extension::Request.new in
+ # #check.
+ # The openid response will be passed to
+ # extension::Response#from_success_response, #get_extension_args will be
+ # called on the result to attain the gathered data.
+ #
+ # This method returns the key at which the response data will be found in
+ # the session, which is the namespace uri by default.
+
+ def add_extension(ext, *args)
+ raise BadExtension unless valid_extension?(ext)
+ extensions[ext] = args
+ return ext::NS_URI
+ end
+
+ # Checks the validitity, in the context of usage, of a submitted
+ # extension.
+
+ def valid_extension?(ext)
+ if not %w[NS_URI Request Response].all?{|c| ext.const_defined?(c) }
+ raise ArgumentError, 'Extension is missing constants.'
+ elsif not ext::Response.respond_to?(:from_success_response)
+ raise ArgumentError, 'Response is missing required method.'
+ end
+ return true
+ rescue
+ return false
+ end
+
+ # Checks the provided uri to ensure it'd be considered within the realm.
+ # is currently not compatible with wildcard realms.
+
+ def within_realm? uri
+ uri = URI.parse(uri.to_s)
+ realm = URI.parse(self.realm)
+ return false unless uri.absolute?
+ return false unless uri.path[0, realm.path.size] == realm.path
+ return false unless uri.host == realm.host or realm.host[/^\*\./]
+ # for wildcard support, is awkward with URI limitations
+ realm_match = Regexp.escape(realm.host).
+ sub(/^\*\./,"^#{URI::REGEXP::PATTERN::URIC_NO_SLASH}+.")+'$'
+ return false unless uri.host.match(realm_match)
+ return true
+ end
+ alias_method :include?, :within_realm?
+
+ protected
+
+ ### These methods define some of the boilerplate responses.
+
+ # Returns an html form page for posting to an Identity Provider if the
+ # GET request would exceed the upper URI length limit.
+
+ def confirm_post_params(oid, realm, return_to, immediate)
+ Rack::Response.new.finish do |r|
+ r.write '<html><head><title>Confirm...</title></head><body>'
+ r.write oid.form_markup(realm, return_to, immediate)
+ r.write '</body></html>'
+ end
+ end
+
+ # Returns a 303 redirect with the destination of that provided by the
+ # argument.
+
+ def redirect(uri)
+ [ 303, {'Content-Length'=>'0', 'Content-Type'=>'text/plain',
+ 'Location' => uri},
+ [] ]
+ end
+
+ # Returns an empty 400 response.
+
+ def bad_request
+ [ 400, {'Content-Type'=>'text/plain', 'Content-Length'=>'0'},
+ [''] ]
+ end
+
+ # Returns a basic unauthorized 401 response.
+
+ def unauthorized
+ [ 401, {'Content-Type' => 'text/plain', 'Content-Length' => '13'},
+ ['Unauthorized.'] ]
+ end
+
+ # Returns a basic access denied 403 response.
+
+ def access_denied
+ [ 403, {'Content-Type' => 'text/plain', 'Content-Length' => '14'},
+ ['Access denied.'] ]
+ end
+
+ # Returns a 503 response to be used if communication with the remote
+ # OpenID server fails.
+
+ def foreign_server_failure
+ [ 503, {'Content-Type'=>'text/plain', 'Content-Length' => '23'},
+ ['Foreign server failure.'] ]
+ end
+
+ private
+
+ ### These methods are called after a transaction is completed, depending
+ # on its outcome. These should all return a rack compatible response.
+ # You'd want to override these to provide additional functionality.
+
+ # Called to complete processing on a successful transaction.
+ # Within the openid session, :openid_identity and :openid_identifier are
+ # set to the user friendly and the standard representation of the
+ # validated identity. All other data in the openid session is cleared.
+
+ def success(oid, request, session)
+ session.clear
+ session[:openid_identity] = oid.display_identifier
+ session[:openid_identifier] = oid.identity_url
+ extensions.keys.each do |ext|
+ label = ext.name[/[^:]+$/].downcase
+ response = ext::Response.from_success_response(oid)
+ session[label] = response.data
+ end
+ redirect(realm)
+ end
+
+ # Called if the Identity Provider indicates further setup by the user is
+ # required.
+ # The identifier is retrived from the openid session at :openid_param.
+ # And :setup_needed is set to true to prevent looping.
+
+ def setup_needed(oid, request, session)
+ identifier = session[:openid_param]
+ session[:setup_needed] = true
+ redirect req.script_name + '?' + openid_param + '=' + identifier
+ end
+
+ # Called if the user indicates they wish to cancel identification.
+ # Data within openid session is cleared.
+
+ def cancel(oid, request, session)
+ session.clear
+ access_denied
+ end
+
+ # Called if the Identity Provider indicates the user is unable to confirm
+ # their identity. Data within the openid session is left alone, in case
+ # of swarm auth attacks.
+
+ def failure(oid, request, session)
+ unauthorized
+ end
+ end
+
+ # A class developed out of the request to use OpenID as an authentication
+ # middleware. The request will be sent to the OpenID instance unless the
+ # block evaluates to true. For example in rackup, you can use it as such:
+ #
+ # use Rack::Session::Pool
+ # use Rack::Auth::OpenIDAuth, realm, openid_options do |env|
+ # env['rack.session'][:authkey] == a_string
+ # end
+ # run RackApp
+ #
+ # Or simply:
+ #
+ # app = Rack::Auth::OpenIDAuth.new app, realm, openid_options, &auth
+
+ class OpenIDAuth < Rack::Auth::AbstractHandler
+ attr_reader :oid
+ def initialize(app, realm, options={}, &auth)
+ @oid = OpenID.new(realm, options)
+ super(app, &auth)
+ end
+
+ def call(env)
+ to = auth.call(env) ? @app : @oid
+ to.call env
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/builder.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/builder.rb
new file mode 100644
index 0000000000..295235e56a
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/builder.rb
@@ -0,0 +1,63 @@
+module Rack
+ # Rack::Builder implements a small DSL to iteratively construct Rack
+ # applications.
+ #
+ # Example:
+ #
+ # app = Rack::Builder.new {
+ # use Rack::CommonLogger
+ # use Rack::ShowExceptions
+ # map "/lobster" do
+ # use Rack::Lint
+ # run Rack::Lobster.new
+ # end
+ # }
+ #
+ # Or
+ #
+ # app = Rack::Builder.app do
+ # use Rack::CommonLogger
+ # lambda { |env| [200, {'Content-Type' => 'text/plain'}, 'OK'] }
+ # end
+ #
+ # +use+ adds a middleware to the stack, +run+ dispatches to an application.
+ # You can use +map+ to construct a Rack::URLMap in a convenient way.
+
+ class Builder
+ def initialize(&block)
+ @ins = []
+ instance_eval(&block) if block_given?
+ end
+
+ def self.app(&block)
+ self.new(&block).to_app
+ end
+
+ def use(middleware, *args, &block)
+ @ins << lambda { |app| middleware.new(app, *args, &block) }
+ end
+
+ def run(app)
+ @ins << app #lambda { |nothing| app }
+ end
+
+ def map(path, &block)
+ if @ins.last.kind_of? Hash
+ @ins.last[path] = self.class.new(&block).to_app
+ else
+ @ins << {}
+ map(path, &block)
+ end
+ end
+
+ def to_app
+ @ins[-1] = Rack::URLMap.new(@ins.last) if Hash === @ins.last
+ inner_app = @ins.last
+ @ins[0...-1].reverse.inject(inner_app) { |a, e| e.call(a) }
+ end
+
+ def call(env)
+ to_app.call(env)
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/cascade.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/cascade.rb
new file mode 100644
index 0000000000..a038aa1105
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/cascade.rb
@@ -0,0 +1,36 @@
+module Rack
+ # Rack::Cascade tries an request on several apps, and returns the
+ # first response that is not 404 (or in a list of configurable
+ # status codes).
+
+ class Cascade
+ attr_reader :apps
+
+ def initialize(apps, catch=404)
+ @apps = apps
+ @catch = [*catch]
+ end
+
+ def call(env)
+ status = headers = body = nil
+ raise ArgumentError, "empty cascade" if @apps.empty?
+ @apps.each { |app|
+ begin
+ status, headers, body = app.call(env)
+ break unless @catch.include?(status.to_i)
+ end
+ }
+ [status, headers, body]
+ end
+
+ def add app
+ @apps << app
+ end
+
+ def include? app
+ @apps.include? app
+ end
+
+ alias_method :<<, :add
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/chunked.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/chunked.rb
new file mode 100644
index 0000000000..280d89dd65
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/chunked.rb
@@ -0,0 +1,49 @@
+require 'rack/utils'
+
+module Rack
+
+ # Middleware that applies chunked transfer encoding to response bodies
+ # when the response does not include a Content-Length header.
+ class Chunked
+ include Rack::Utils
+
+ def initialize(app)
+ @app = app
+ end
+
+ def call(env)
+ status, headers, body = @app.call(env)
+ headers = HeaderHash.new(headers)
+
+ if env['HTTP_VERSION'] == 'HTTP/1.0' ||
+ STATUS_WITH_NO_ENTITY_BODY.include?(status) ||
+ headers['Content-Length'] ||
+ headers['Transfer-Encoding']
+ [status, headers.to_hash, body]
+ else
+ dup.chunk(status, headers, body)
+ end
+ end
+
+ def chunk(status, headers, body)
+ @body = body
+ headers.delete('Content-Length')
+ headers['Transfer-Encoding'] = 'chunked'
+ [status, headers.to_hash, self]
+ end
+
+ def each
+ term = "\r\n"
+ @body.each do |chunk|
+ size = bytesize(chunk)
+ next if size == 0
+ yield [size.to_s(16), term, chunk, term].join
+ end
+ yield ["0", term, "", term].join
+ end
+
+ def close
+ @body.close if @body.respond_to?(:close)
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/commonlogger.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/commonlogger.rb
new file mode 100644
index 0000000000..5e68ac626d
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/commonlogger.rb
@@ -0,0 +1,61 @@
+module Rack
+ # Rack::CommonLogger forwards every request to an +app+ given, and
+ # logs a line in the Apache common log format to the +logger+, or
+ # rack.errors by default.
+
+ class CommonLogger
+ def initialize(app, logger=nil)
+ @app = app
+ @logger = logger
+ end
+
+ def call(env)
+ dup._call(env)
+ end
+
+ def _call(env)
+ @env = env
+ @logger ||= self
+ @time = Time.now
+ @status, @header, @body = @app.call(env)
+ [@status, @header, self]
+ end
+
+ def close
+ @body.close if @body.respond_to? :close
+ end
+
+ # By default, log to rack.errors.
+ def <<(str)
+ @env["rack.errors"].write(str)
+ @env["rack.errors"].flush
+ end
+
+ def each
+ length = 0
+ @body.each { |part|
+ length += part.size
+ yield part
+ }
+
+ @now = Time.now
+
+ # Common Log Format: http://httpd.apache.org/docs/1.3/logs.html#common
+ # lilith.local - - [07/Aug/2006 23:58:02] "GET / HTTP/1.1" 500 -
+ # %{%s - %s [%s] "%s %s%s %s" %d %s\n} %
+ @logger << %{%s - %s [%s] "%s %s%s %s" %d %s %0.4f\n} %
+ [
+ @env['HTTP_X_FORWARDED_FOR'] || @env["REMOTE_ADDR"] || "-",
+ @env["REMOTE_USER"] || "-",
+ @now.strftime("%d/%b/%Y %H:%M:%S"),
+ @env["REQUEST_METHOD"],
+ @env["PATH_INFO"],
+ @env["QUERY_STRING"].empty? ? "" : "?"+@env["QUERY_STRING"],
+ @env["HTTP_VERSION"],
+ @status.to_s[0..3],
+ (length.zero? ? "-" : length.to_s),
+ @now - @time
+ ]
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/conditionalget.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/conditionalget.rb
new file mode 100644
index 0000000000..7bec824181
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/conditionalget.rb
@@ -0,0 +1,45 @@
+require 'rack/utils'
+
+module Rack
+
+ # Middleware that enables conditional GET using If-None-Match and
+ # If-Modified-Since. The application should set either or both of the
+ # Last-Modified or Etag response headers according to RFC 2616. When
+ # either of the conditions is met, the response body is set to be zero
+ # length and the response status is set to 304 Not Modified.
+ #
+ # Applications that defer response body generation until the body's each
+ # message is received will avoid response body generation completely when
+ # a conditional GET matches.
+ #
+ # Adapted from Michael Klishin's Merb implementation:
+ # http://github.com/wycats/merb-core/tree/master/lib/merb-core/rack/middleware/conditional_get.rb
+ class ConditionalGet
+ def initialize(app)
+ @app = app
+ end
+
+ def call(env)
+ return @app.call(env) unless %w[GET HEAD].include?(env['REQUEST_METHOD'])
+
+ status, headers, body = @app.call(env)
+ headers = Utils::HeaderHash.new(headers)
+ if etag_matches?(env, headers) || modified_since?(env, headers)
+ status = 304
+ body = []
+ end
+ [status, headers, body]
+ end
+
+ private
+ def etag_matches?(env, headers)
+ etag = headers['Etag'] and etag == env['HTTP_IF_NONE_MATCH']
+ end
+
+ def modified_since?(env, headers)
+ last_modified = headers['Last-Modified'] and
+ last_modified == env['HTTP_IF_MODIFIED_SINCE']
+ end
+ end
+
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/content_length.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/content_length.rb
new file mode 100644
index 0000000000..1e56d43853
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/content_length.rb
@@ -0,0 +1,29 @@
+require 'rack/utils'
+
+module Rack
+ # Sets the Content-Length header on responses with fixed-length bodies.
+ class ContentLength
+ include Rack::Utils
+
+ def initialize(app)
+ @app = app
+ end
+
+ def call(env)
+ status, headers, body = @app.call(env)
+ headers = HeaderHash.new(headers)
+
+ if !STATUS_WITH_NO_ENTITY_BODY.include?(status) &&
+ !headers['Content-Length'] &&
+ !headers['Transfer-Encoding'] &&
+ (body.respond_to?(:to_ary) || body.respond_to?(:to_str))
+
+ body = [body] if body.respond_to?(:to_str) # rack 0.4 compat
+ length = body.to_ary.inject(0) { |len, part| len + bytesize(part) }
+ headers['Content-Length'] = length.to_s
+ end
+
+ [status, headers, body]
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/content_type.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/content_type.rb
new file mode 100644
index 0000000000..0c1e1ca3e1
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/content_type.rb
@@ -0,0 +1,23 @@
+require 'rack/utils'
+
+module Rack
+
+ # Sets the Content-Type header on responses which don't have one.
+ #
+ # Builder Usage:
+ # use Rack::ContentType, "text/plain"
+ #
+ # When no content type argument is provided, "text/html" is assumed.
+ class ContentType
+ def initialize(app, content_type = "text/html")
+ @app, @content_type = app, content_type
+ end
+
+ def call(env)
+ status, headers, body = @app.call(env)
+ headers = Utils::HeaderHash.new(headers)
+ headers['Content-Type'] ||= @content_type
+ [status, headers.to_hash, body]
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/deflater.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/deflater.rb
new file mode 100644
index 0000000000..a42b7477ae
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/deflater.rb
@@ -0,0 +1,85 @@
+require "zlib"
+require "stringio"
+require "time" # for Time.httpdate
+require 'rack/utils'
+
+module Rack
+ class Deflater
+ def initialize(app)
+ @app = app
+ end
+
+ def call(env)
+ status, headers, body = @app.call(env)
+ headers = Utils::HeaderHash.new(headers)
+
+ # Skip compressing empty entity body responses and responses with
+ # no-transform set.
+ if Utils::STATUS_WITH_NO_ENTITY_BODY.include?(status) ||
+ headers['Cache-Control'].to_s =~ /\bno-transform\b/
+ return [status, headers, body]
+ end
+
+ request = Request.new(env)
+
+ encoding = Utils.select_best_encoding(%w(gzip deflate identity),
+ request.accept_encoding)
+
+ # Set the Vary HTTP header.
+ vary = headers["Vary"].to_s.split(",").map { |v| v.strip }
+ unless vary.include?("*") || vary.include?("Accept-Encoding")
+ headers["Vary"] = vary.push("Accept-Encoding").join(",")
+ end
+
+ case encoding
+ when "gzip"
+ mtime = headers.key?("Last-Modified") ?
+ Time.httpdate(headers["Last-Modified"]) : Time.now
+ body = self.class.gzip(body, mtime)
+ size = Rack::Utils.bytesize(body)
+ headers = headers.merge("Content-Encoding" => "gzip", "Content-Length" => size.to_s)
+ [status, headers, [body]]
+ when "deflate"
+ body = self.class.deflate(body)
+ size = Rack::Utils.bytesize(body)
+ headers = headers.merge("Content-Encoding" => "deflate", "Content-Length" => size.to_s)
+ [status, headers, [body]]
+ when "identity"
+ [status, headers, body]
+ when nil
+ message = "An acceptable encoding for the requested resource #{request.fullpath} could not be found."
+ [406, {"Content-Type" => "text/plain", "Content-Length" => message.length.to_s}, [message]]
+ end
+ end
+
+ def self.gzip(body, mtime)
+ io = StringIO.new
+ gzip = Zlib::GzipWriter.new(io)
+ gzip.mtime = mtime
+
+ # TODO: Add streaming
+ body.each { |part| gzip << part }
+
+ gzip.close
+ return io.string
+ end
+
+ DEFLATE_ARGS = [
+ Zlib::DEFAULT_COMPRESSION,
+ # drop the zlib header which causes both Safari and IE to choke
+ -Zlib::MAX_WBITS,
+ Zlib::DEF_MEM_LEVEL,
+ Zlib::DEFAULT_STRATEGY
+ ]
+
+ # Loosely based on Mongrel's Deflate handler
+ def self.deflate(body)
+ deflater = Zlib::Deflate.new(*DEFLATE_ARGS)
+
+ # TODO: Add streaming
+ body.each { |part| deflater << part }
+
+ return deflater.finish
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/directory.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/directory.rb
new file mode 100644
index 0000000000..acdd3029d3
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/directory.rb
@@ -0,0 +1,153 @@
+require 'time'
+require 'rack/utils'
+require 'rack/mime'
+
+module Rack
+ # Rack::Directory serves entries below the +root+ given, according to the
+ # path info of the Rack request. If a directory is found, the file's contents
+ # will be presented in an html based index. If a file is found, the env will
+ # be passed to the specified +app+.
+ #
+ # If +app+ is not specified, a Rack::File of the same +root+ will be used.
+
+ class Directory
+ DIR_FILE = "<tr><td class='name'><a href='%s'>%s</a></td><td class='size'>%s</td><td class='type'>%s</td><td class='mtime'>%s</td></tr>"
+ DIR_PAGE = <<-PAGE
+<html><head>
+ <title>%s</title>
+ <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+ <style type='text/css'>
+table { width:100%%; }
+.name { text-align:left; }
+.size, .mtime { text-align:right; }
+.type { width:11em; }
+.mtime { width:15em; }
+ </style>
+</head><body>
+<h1>%s</h1>
+<hr />
+<table>
+ <tr>
+ <th class='name'>Name</th>
+ <th class='size'>Size</th>
+ <th class='type'>Type</th>
+ <th class='mtime'>Last Modified</th>
+ </tr>
+%s
+</table>
+<hr />
+</body></html>
+ PAGE
+
+ attr_reader :files
+ attr_accessor :root, :path
+
+ def initialize(root, app=nil)
+ @root = F.expand_path(root)
+ @app = app || Rack::File.new(@root)
+ end
+
+ def call(env)
+ dup._call(env)
+ end
+
+ F = ::File
+
+ def _call(env)
+ @env = env
+ @script_name = env['SCRIPT_NAME']
+ @path_info = Utils.unescape(env['PATH_INFO'])
+
+ if forbidden = check_forbidden
+ forbidden
+ else
+ @path = F.join(@root, @path_info)
+ list_path
+ end
+ end
+
+ def check_forbidden
+ return unless @path_info.include? ".."
+
+ body = "Forbidden\n"
+ size = Rack::Utils.bytesize(body)
+ return [403, {"Content-Type" => "text/plain","Content-Length" => size.to_s}, [body]]
+ end
+
+ def list_directory
+ @files = [['../','Parent Directory','','','']]
+ glob = F.join(@path, '*')
+
+ Dir[glob].sort.each do |node|
+ stat = stat(node)
+ next unless stat
+ basename = F.basename(node)
+ ext = F.extname(node)
+
+ url = F.join(@script_name, @path_info, basename)
+ size = stat.size
+ type = stat.directory? ? 'directory' : Mime.mime_type(ext)
+ size = stat.directory? ? '-' : filesize_format(size)
+ mtime = stat.mtime.httpdate
+ url << '/' if stat.directory?
+ basename << '/' if stat.directory?
+
+ @files << [ url, basename, size, type, mtime ]
+ end
+
+ return [ 200, {'Content-Type'=>'text/html; charset=utf-8'}, self ]
+ end
+
+ def stat(node, max = 10)
+ F.stat(node)
+ rescue Errno::ENOENT, Errno::ELOOP
+ return nil
+ end
+
+ # TODO: add correct response if not readable, not sure if 404 is the best
+ # option
+ def list_path
+ @stat = F.stat(@path)
+
+ if @stat.readable?
+ return @app.call(@env) if @stat.file?
+ return list_directory if @stat.directory?
+ else
+ raise Errno::ENOENT, 'No such file or directory'
+ end
+
+ rescue Errno::ENOENT, Errno::ELOOP
+ return entity_not_found
+ end
+
+ def entity_not_found
+ body = "Entity not found: #{@path_info}\n"
+ size = Rack::Utils.bytesize(body)
+ return [404, {"Content-Type" => "text/plain", "Content-Length" => size.to_s}, [body]]
+ end
+
+ def each
+ show_path = @path.sub(/^#{@root}/,'')
+ files = @files.map{|f| DIR_FILE % f }*"\n"
+ page = DIR_PAGE % [ show_path, show_path , files ]
+ page.each_line{|l| yield l }
+ end
+
+ # Stolen from Ramaze
+
+ FILESIZE_FORMAT = [
+ ['%.1fT', 1 << 40],
+ ['%.1fG', 1 << 30],
+ ['%.1fM', 1 << 20],
+ ['%.1fK', 1 << 10],
+ ]
+
+ def filesize_format(int)
+ FILESIZE_FORMAT.each do |format, size|
+ return format % (int.to_f / size) if int >= size
+ end
+
+ int.to_s + 'B'
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/file.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/file.rb
new file mode 100644
index 0000000000..fe62bd6b86
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/file.rb
@@ -0,0 +1,88 @@
+require 'time'
+require 'rack/utils'
+require 'rack/mime'
+
+module Rack
+ # Rack::File serves files below the +root+ given, according to the
+ # path info of the Rack request.
+ #
+ # Handlers can detect if bodies are a Rack::File, and use mechanisms
+ # like sendfile on the +path+.
+
+ class File
+ attr_accessor :root
+ attr_accessor :path
+
+ alias :to_path :path
+
+ def initialize(root)
+ @root = root
+ end
+
+ def call(env)
+ dup._call(env)
+ end
+
+ F = ::File
+
+ def _call(env)
+ @path_info = Utils.unescape(env["PATH_INFO"])
+ return forbidden if @path_info.include? ".."
+
+ @path = F.join(@root, @path_info)
+
+ begin
+ if F.file?(@path) && F.readable?(@path)
+ serving
+ else
+ raise Errno::EPERM
+ end
+ rescue SystemCallError
+ not_found
+ end
+ end
+
+ def forbidden
+ body = "Forbidden\n"
+ [403, {"Content-Type" => "text/plain",
+ "Content-Length" => body.size.to_s},
+ [body]]
+ end
+
+ # NOTE:
+ # We check via File::size? whether this file provides size info
+ # via stat (e.g. /proc files often don't), otherwise we have to
+ # figure it out by reading the whole file into memory. And while
+ # we're at it we also use this as body then.
+
+ def serving
+ if size = F.size?(@path)
+ body = self
+ else
+ body = [F.read(@path)]
+ size = Utils.bytesize(body.first)
+ end
+
+ [200, {
+ "Last-Modified" => F.mtime(@path).httpdate,
+ "Content-Type" => Mime.mime_type(F.extname(@path), 'text/plain'),
+ "Content-Length" => size.to_s
+ }, body]
+ end
+
+ def not_found
+ body = "File not found: #{@path_info}\n"
+ [404, {"Content-Type" => "text/plain",
+ "Content-Length" => body.size.to_s},
+ [body]]
+ end
+
+ def each
+ F.open(@path, "rb") { |file|
+ while part = file.read(8192)
+ yield part
+ end
+ }
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler.rb
new file mode 100644
index 0000000000..1018af64c7
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler.rb
@@ -0,0 +1,48 @@
+module Rack
+ # *Handlers* connect web servers with Rack.
+ #
+ # Rack includes Handlers for Mongrel, WEBrick, FastCGI, CGI, SCGI
+ # and LiteSpeed.
+ #
+ # Handlers usually are activated by calling <tt>MyHandler.run(myapp)</tt>.
+ # A second optional hash can be passed to include server-specific
+ # configuration.
+ module Handler
+ def self.get(server)
+ return unless server
+
+ if klass = @handlers[server]
+ obj = Object
+ klass.split("::").each { |x| obj = obj.const_get(x) }
+ obj
+ else
+ Rack::Handler.const_get(server.capitalize)
+ end
+ end
+
+ def self.register(server, klass)
+ @handlers ||= {}
+ @handlers[server] = klass
+ end
+
+ autoload :CGI, "rack/handler/cgi"
+ autoload :FastCGI, "rack/handler/fastcgi"
+ autoload :Mongrel, "rack/handler/mongrel"
+ autoload :EventedMongrel, "rack/handler/evented_mongrel"
+ autoload :SwiftipliedMongrel, "rack/handler/swiftiplied_mongrel"
+ autoload :WEBrick, "rack/handler/webrick"
+ autoload :LSWS, "rack/handler/lsws"
+ autoload :SCGI, "rack/handler/scgi"
+ autoload :Thin, "rack/handler/thin"
+
+ register 'cgi', 'Rack::Handler::CGI'
+ register 'fastcgi', 'Rack::Handler::FastCGI'
+ register 'mongrel', 'Rack::Handler::Mongrel'
+ register 'emongrel', 'Rack::Handler::EventedMongrel'
+ register 'smongrel', 'Rack::Handler::SwiftipliedMongrel'
+ register 'webrick', 'Rack::Handler::WEBrick'
+ register 'lsws', 'Rack::Handler::LSWS'
+ register 'scgi', 'Rack::Handler::SCGI'
+ register 'thin', 'Rack::Handler::Thin'
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/cgi.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/cgi.rb
new file mode 100644
index 0000000000..e38156c7f0
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/cgi.rb
@@ -0,0 +1,61 @@
+require 'rack/content_length'
+
+module Rack
+ module Handler
+ class CGI
+ def self.run(app, options=nil)
+ serve app
+ end
+
+ def self.serve(app)
+ app = ContentLength.new(app)
+
+ env = ENV.to_hash
+ env.delete "HTTP_CONTENT_LENGTH"
+
+ env["SCRIPT_NAME"] = "" if env["SCRIPT_NAME"] == "/"
+
+ env.update({"rack.version" => [0,1],
+ "rack.input" => $stdin,
+ "rack.errors" => $stderr,
+
+ "rack.multithread" => false,
+ "rack.multiprocess" => true,
+ "rack.run_once" => true,
+
+ "rack.url_scheme" => ["yes", "on", "1"].include?(ENV["HTTPS"]) ? "https" : "http"
+ })
+
+ env["QUERY_STRING"] ||= ""
+ env["HTTP_VERSION"] ||= env["SERVER_PROTOCOL"]
+ env["REQUEST_PATH"] ||= "/"
+
+ status, headers, body = app.call(env)
+ begin
+ send_headers status, headers
+ send_body body
+ ensure
+ body.close if body.respond_to? :close
+ end
+ end
+
+ def self.send_headers(status, headers)
+ STDOUT.print "Status: #{status}\r\n"
+ headers.each { |k, vs|
+ vs.split("\n").each { |v|
+ STDOUT.print "#{k}: #{v}\r\n"
+ }
+ }
+ STDOUT.print "\r\n"
+ STDOUT.flush
+ end
+
+ def self.send_body(body)
+ body.each { |part|
+ STDOUT.print part
+ STDOUT.flush
+ }
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/evented_mongrel.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/evented_mongrel.rb
new file mode 100644
index 0000000000..0f5cbf7293
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/evented_mongrel.rb
@@ -0,0 +1,8 @@
+require 'swiftcore/evented_mongrel'
+
+module Rack
+ module Handler
+ class EventedMongrel < Handler::Mongrel
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/fastcgi.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/fastcgi.rb
new file mode 100644
index 0000000000..6324c7d274
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/fastcgi.rb
@@ -0,0 +1,89 @@
+require 'fcgi'
+require 'socket'
+require 'rack/content_length'
+
+module Rack
+ module Handler
+ class FastCGI
+ def self.run(app, options={})
+ file = options[:File] and STDIN.reopen(UNIXServer.new(file))
+ port = options[:Port] and STDIN.reopen(TCPServer.new(port))
+ FCGI.each { |request|
+ serve request, app
+ }
+ end
+
+ module ProperStream # :nodoc:
+ def each # This is missing by default.
+ while line = gets
+ yield line
+ end
+ end
+
+ def read(*args)
+ if args.empty?
+ super || "" # Empty string on EOF.
+ else
+ super
+ end
+ end
+ end
+
+ def self.serve(request, app)
+ app = Rack::ContentLength.new(app)
+
+ env = request.env
+ env.delete "HTTP_CONTENT_LENGTH"
+
+ request.in.extend ProperStream
+
+ env["SCRIPT_NAME"] = "" if env["SCRIPT_NAME"] == "/"
+
+ env.update({"rack.version" => [0,1],
+ "rack.input" => request.in,
+ "rack.errors" => request.err,
+
+ "rack.multithread" => false,
+ "rack.multiprocess" => true,
+ "rack.run_once" => false,
+
+ "rack.url_scheme" => ["yes", "on", "1"].include?(env["HTTPS"]) ? "https" : "http"
+ })
+
+ env["QUERY_STRING"] ||= ""
+ env["HTTP_VERSION"] ||= env["SERVER_PROTOCOL"]
+ env["REQUEST_PATH"] ||= "/"
+ env.delete "PATH_INFO" if env["PATH_INFO"] == ""
+ env.delete "CONTENT_TYPE" if env["CONTENT_TYPE"] == ""
+ env.delete "CONTENT_LENGTH" if env["CONTENT_LENGTH"] == ""
+
+ status, headers, body = app.call(env)
+ begin
+ send_headers request.out, status, headers
+ send_body request.out, body
+ ensure
+ body.close if body.respond_to? :close
+ request.finish
+ end
+ end
+
+ def self.send_headers(out, status, headers)
+ out.print "Status: #{status}\r\n"
+ headers.each { |k, vs|
+ vs.split("\n").each { |v|
+ out.print "#{k}: #{v}\r\n"
+ }
+ }
+ out.print "\r\n"
+ out.flush
+ end
+
+ def self.send_body(out, body)
+ body.each { |part|
+ out.print part
+ out.flush
+ }
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/lsws.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/lsws.rb
new file mode 100644
index 0000000000..c65ba3ec8e
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/lsws.rb
@@ -0,0 +1,55 @@
+require 'lsapi'
+require 'rack/content_length'
+
+module Rack
+ module Handler
+ class LSWS
+ def self.run(app, options=nil)
+ while LSAPI.accept != nil
+ serve app
+ end
+ end
+ def self.serve(app)
+ app = Rack::ContentLength.new(app)
+
+ env = ENV.to_hash
+ env.delete "HTTP_CONTENT_LENGTH"
+ env["SCRIPT_NAME"] = "" if env["SCRIPT_NAME"] == "/"
+ env.update({"rack.version" => [0,1],
+ "rack.input" => StringIO.new($stdin.read.to_s),
+ "rack.errors" => $stderr,
+ "rack.multithread" => false,
+ "rack.multiprocess" => true,
+ "rack.run_once" => false,
+ "rack.url_scheme" => ["yes", "on", "1"].include?(ENV["HTTPS"]) ? "https" : "http"
+ })
+ env["QUERY_STRING"] ||= ""
+ env["HTTP_VERSION"] ||= env["SERVER_PROTOCOL"]
+ env["REQUEST_PATH"] ||= "/"
+ status, headers, body = app.call(env)
+ begin
+ send_headers status, headers
+ send_body body
+ ensure
+ body.close if body.respond_to? :close
+ end
+ end
+ def self.send_headers(status, headers)
+ print "Status: #{status}\r\n"
+ headers.each { |k, vs|
+ vs.split("\n").each { |v|
+ print "#{k}: #{v}\r\n"
+ }
+ }
+ print "\r\n"
+ STDOUT.flush
+ end
+ def self.send_body(body)
+ body.each { |part|
+ print part
+ STDOUT.flush
+ }
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/mongrel.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/mongrel.rb
new file mode 100644
index 0000000000..f0c0d58330
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/mongrel.rb
@@ -0,0 +1,84 @@
+require 'mongrel'
+require 'stringio'
+require 'rack/content_length'
+require 'rack/chunked'
+
+module Rack
+ module Handler
+ class Mongrel < ::Mongrel::HttpHandler
+ def self.run(app, options={})
+ server = ::Mongrel::HttpServer.new(options[:Host] || '0.0.0.0',
+ options[:Port] || 8080)
+ # Acts like Rack::URLMap, utilizing Mongrel's own path finding methods.
+ # Use is similar to #run, replacing the app argument with a hash of
+ # { path=>app, ... } or an instance of Rack::URLMap.
+ if options[:map]
+ if app.is_a? Hash
+ app.each do |path, appl|
+ path = '/'+path unless path[0] == ?/
+ server.register(path, Rack::Handler::Mongrel.new(appl))
+ end
+ elsif app.is_a? URLMap
+ app.instance_variable_get(:@mapping).each do |(host, path, appl)|
+ next if !host.nil? && !options[:Host].nil? && options[:Host] != host
+ path = '/'+path unless path[0] == ?/
+ server.register(path, Rack::Handler::Mongrel.new(appl))
+ end
+ else
+ raise ArgumentError, "first argument should be a Hash or URLMap"
+ end
+ else
+ server.register('/', Rack::Handler::Mongrel.new(app))
+ end
+ yield server if block_given?
+ server.run.join
+ end
+
+ def initialize(app)
+ @app = Rack::Chunked.new(Rack::ContentLength.new(app))
+ end
+
+ def process(request, response)
+ env = {}.replace(request.params)
+ env.delete "HTTP_CONTENT_TYPE"
+ env.delete "HTTP_CONTENT_LENGTH"
+
+ env["SCRIPT_NAME"] = "" if env["SCRIPT_NAME"] == "/"
+
+ env.update({"rack.version" => [0,1],
+ "rack.input" => request.body || StringIO.new(""),
+ "rack.errors" => $stderr,
+
+ "rack.multithread" => true,
+ "rack.multiprocess" => false, # ???
+ "rack.run_once" => false,
+
+ "rack.url_scheme" => "http",
+ })
+ env["QUERY_STRING"] ||= ""
+ env.delete "PATH_INFO" if env["PATH_INFO"] == ""
+
+ status, headers, body = @app.call(env)
+
+ begin
+ response.status = status.to_i
+ response.send_status(nil)
+
+ headers.each { |k, vs|
+ vs.split("\n").each { |v|
+ response.header[k] = v
+ }
+ }
+ response.send_header
+
+ body.each { |part|
+ response.write part
+ response.socket.flush
+ }
+ ensure
+ body.close if body.respond_to? :close
+ end
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/scgi.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/scgi.rb
new file mode 100644
index 0000000000..9495c66374
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/scgi.rb
@@ -0,0 +1,59 @@
+require 'scgi'
+require 'stringio'
+require 'rack/content_length'
+require 'rack/chunked'
+
+module Rack
+ module Handler
+ class SCGI < ::SCGI::Processor
+ attr_accessor :app
+
+ def self.run(app, options=nil)
+ new(options.merge(:app=>app,
+ :host=>options[:Host],
+ :port=>options[:Port],
+ :socket=>options[:Socket])).listen
+ end
+
+ def initialize(settings = {})
+ @app = Rack::Chunked.new(Rack::ContentLength.new(settings[:app]))
+ @log = Object.new
+ def @log.info(*args); end
+ def @log.error(*args); end
+ super(settings)
+ end
+
+ def process_request(request, input_body, socket)
+ env = {}.replace(request)
+ env.delete "HTTP_CONTENT_TYPE"
+ env.delete "HTTP_CONTENT_LENGTH"
+ env["REQUEST_PATH"], env["QUERY_STRING"] = env["REQUEST_URI"].split('?', 2)
+ env["HTTP_VERSION"] ||= env["SERVER_PROTOCOL"]
+ env["PATH_INFO"] = env["REQUEST_PATH"]
+ env["QUERY_STRING"] ||= ""
+ env["SCRIPT_NAME"] = ""
+ env.update({"rack.version" => [0,1],
+ "rack.input" => StringIO.new(input_body),
+ "rack.errors" => $stderr,
+
+ "rack.multithread" => true,
+ "rack.multiprocess" => true,
+ "rack.run_once" => false,
+
+ "rack.url_scheme" => ["yes", "on", "1"].include?(env["HTTPS"]) ? "https" : "http"
+ })
+ status, headers, body = app.call(env)
+ begin
+ socket.write("Status: #{status}\r\n")
+ headers.each do |k, vs|
+ vs.split("\n").each { |v| socket.write("#{k}: #{v}\r\n")}
+ end
+ socket.write("\r\n")
+ body.each {|s| socket.write(s)}
+ ensure
+ body.close if body.respond_to? :close
+ end
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/swiftiplied_mongrel.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/swiftiplied_mongrel.rb
new file mode 100644
index 0000000000..4bafd0b953
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/swiftiplied_mongrel.rb
@@ -0,0 +1,8 @@
+require 'swiftcore/swiftiplied_mongrel'
+
+module Rack
+ module Handler
+ class SwiftipliedMongrel < Handler::Mongrel
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/thin.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/thin.rb
new file mode 100644
index 0000000000..3d4fedff75
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/thin.rb
@@ -0,0 +1,18 @@
+require "thin"
+require "rack/content_length"
+require "rack/chunked"
+
+module Rack
+ module Handler
+ class Thin
+ def self.run(app, options={})
+ app = Rack::Chunked.new(Rack::ContentLength.new(app))
+ server = ::Thin::Server.new(options[:Host] || '0.0.0.0',
+ options[:Port] || 8080,
+ app)
+ yield server if block_given?
+ server.start
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/webrick.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/webrick.rb
new file mode 100644
index 0000000000..829e7d6bf8
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/handler/webrick.rb
@@ -0,0 +1,67 @@
+require 'webrick'
+require 'stringio'
+require 'rack/content_length'
+
+module Rack
+ module Handler
+ class WEBrick < ::WEBrick::HTTPServlet::AbstractServlet
+ def self.run(app, options={})
+ server = ::WEBrick::HTTPServer.new(options)
+ server.mount "/", Rack::Handler::WEBrick, app
+ trap(:INT) { server.shutdown }
+ yield server if block_given?
+ server.start
+ end
+
+ def initialize(server, app)
+ super server
+ @app = Rack::ContentLength.new(app)
+ end
+
+ def service(req, res)
+ env = req.meta_vars
+ env.delete_if { |k, v| v.nil? }
+
+ env.update({"rack.version" => [0,1],
+ "rack.input" => StringIO.new(req.body.to_s),
+ "rack.errors" => $stderr,
+
+ "rack.multithread" => true,
+ "rack.multiprocess" => false,
+ "rack.run_once" => false,
+
+ "rack.url_scheme" => ["yes", "on", "1"].include?(ENV["HTTPS"]) ? "https" : "http"
+ })
+
+ env["HTTP_VERSION"] ||= env["SERVER_PROTOCOL"]
+ env["QUERY_STRING"] ||= ""
+ env["REQUEST_PATH"] ||= "/"
+ if env["PATH_INFO"] == ""
+ env.delete "PATH_INFO"
+ else
+ path, n = req.request_uri.path, env["SCRIPT_NAME"].length
+ env["PATH_INFO"] = path[n, path.length-n]
+ end
+
+ status, headers, body = @app.call(env)
+ begin
+ res.status = status.to_i
+ headers.each { |k, vs|
+ if k.downcase == "set-cookie"
+ res.cookies.concat vs.split("\n")
+ else
+ vs.split("\n").each { |v|
+ res[k] = v
+ }
+ end
+ }
+ body.each { |part|
+ res.body << part
+ }
+ ensure
+ body.close if body.respond_to? :close
+ end
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/head.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/head.rb
new file mode 100644
index 0000000000..deab822a99
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/head.rb
@@ -0,0 +1,19 @@
+module Rack
+
+class Head
+ def initialize(app)
+ @app = app
+ end
+
+ def call(env)
+ status, headers, body = @app.call(env)
+
+ if env["REQUEST_METHOD"] == "HEAD"
+ [status, headers, []]
+ else
+ [status, headers, body]
+ end
+ end
+end
+
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/lint.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/lint.rb
new file mode 100644
index 0000000000..44a33ce36e
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/lint.rb
@@ -0,0 +1,462 @@
+require 'rack/utils'
+
+module Rack
+ # Rack::Lint validates your application and the requests and
+ # responses according to the Rack spec.
+
+ class Lint
+ def initialize(app)
+ @app = app
+ end
+
+ # :stopdoc:
+
+ class LintError < RuntimeError; end
+ module Assertion
+ def assert(message, &block)
+ unless block.call
+ raise LintError, message
+ end
+ end
+ end
+ include Assertion
+
+ ## This specification aims to formalize the Rack protocol. You
+ ## can (and should) use Rack::Lint to enforce it.
+ ##
+ ## When you develop middleware, be sure to add a Lint before and
+ ## after to catch all mistakes.
+
+ ## = Rack applications
+
+ ## A Rack application is an Ruby object (not a class) that
+ ## responds to +call+.
+ def call(env=nil)
+ dup._call(env)
+ end
+
+ def _call(env)
+ ## It takes exactly one argument, the *environment*
+ assert("No env given") { env }
+ check_env env
+
+ env['rack.input'] = InputWrapper.new(env['rack.input'])
+ env['rack.errors'] = ErrorWrapper.new(env['rack.errors'])
+
+ ## and returns an Array of exactly three values:
+ status, headers, @body = @app.call(env)
+ ## The *status*,
+ check_status status
+ ## the *headers*,
+ check_headers headers
+ ## and the *body*.
+ check_content_type status, headers
+ check_content_length status, headers, env
+ [status, headers, self]
+ end
+
+ ## == The Environment
+ def check_env(env)
+ ## The environment must be an true instance of Hash (no
+ ## subclassing allowed) that includes CGI-like headers.
+ ## The application is free to modify the environment.
+ assert("env #{env.inspect} is not a Hash, but #{env.class}") {
+ env.instance_of? Hash
+ }
+
+ ##
+ ## The environment is required to include these variables
+ ## (adopted from PEP333), except when they'd be empty, but see
+ ## below.
+
+ ## <tt>REQUEST_METHOD</tt>:: The HTTP request method, such as
+ ## "GET" or "POST". This cannot ever
+ ## be an empty string, and so is
+ ## always required.
+
+ ## <tt>SCRIPT_NAME</tt>:: The initial portion of the request
+ ## URL's "path" that corresponds to the
+ ## application object, so that the
+ ## application knows its virtual
+ ## "location". This may be an empty
+ ## string, if the application corresponds
+ ## to the "root" of the server.
+
+ ## <tt>PATH_INFO</tt>:: The remainder of the request URL's
+ ## "path", designating the virtual
+ ## "location" of the request's target
+ ## within the application. This may be an
+ ## empty string, if the request URL targets
+ ## the application root and does not have a
+ ## trailing slash. This information should be
+ ## decoded by the server if it comes from a
+ ## URL.
+
+ ## <tt>QUERY_STRING</tt>:: The portion of the request URL that
+ ## follows the <tt>?</tt>, if any. May be
+ ## empty, but is always required!
+
+ ## <tt>SERVER_NAME</tt>, <tt>SERVER_PORT</tt>:: When combined with <tt>SCRIPT_NAME</tt> and <tt>PATH_INFO</tt>, these variables can be used to complete the URL. Note, however, that <tt>HTTP_HOST</tt>, if present, should be used in preference to <tt>SERVER_NAME</tt> for reconstructing the request URL. <tt>SERVER_NAME</tt> and <tt>SERVER_PORT</tt> can never be empty strings, and so are always required.
+
+ ## <tt>HTTP_</tt> Variables:: Variables corresponding to the
+ ## client-supplied HTTP request
+ ## headers (i.e., variables whose
+ ## names begin with <tt>HTTP_</tt>). The
+ ## presence or absence of these
+ ## variables should correspond with
+ ## the presence or absence of the
+ ## appropriate HTTP header in the
+ ## request.
+
+ ## In addition to this, the Rack environment must include these
+ ## Rack-specific variables:
+
+ ## <tt>rack.version</tt>:: The Array [0,1], representing this version of Rack.
+ ## <tt>rack.url_scheme</tt>:: +http+ or +https+, depending on the request URL.
+ ## <tt>rack.input</tt>:: See below, the input stream.
+ ## <tt>rack.errors</tt>:: See below, the error stream.
+ ## <tt>rack.multithread</tt>:: true if the application object may be simultaneously invoked by another thread in the same process, false otherwise.
+ ## <tt>rack.multiprocess</tt>:: true if an equivalent application object may be simultaneously invoked by another process, false otherwise.
+ ## <tt>rack.run_once</tt>:: true if the server expects (but does not guarantee!) that the application will only be invoked this one time during the life of its containing process. Normally, this will only be true for a server based on CGI (or something similar).
+
+ ## The server or the application can store their own data in the
+ ## environment, too. The keys must contain at least one dot,
+ ## and should be prefixed uniquely. The prefix <tt>rack.</tt>
+ ## is reserved for use with the Rack core distribution and must
+ ## not be used otherwise.
+ ##
+
+ %w[REQUEST_METHOD SERVER_NAME SERVER_PORT
+ QUERY_STRING
+ rack.version rack.input rack.errors
+ rack.multithread rack.multiprocess rack.run_once].each { |header|
+ assert("env missing required key #{header}") { env.include? header }
+ }
+
+ ## The environment must not contain the keys
+ ## <tt>HTTP_CONTENT_TYPE</tt> or <tt>HTTP_CONTENT_LENGTH</tt>
+ ## (use the versions without <tt>HTTP_</tt>).
+ %w[HTTP_CONTENT_TYPE HTTP_CONTENT_LENGTH].each { |header|
+ assert("env contains #{header}, must use #{header[5,-1]}") {
+ not env.include? header
+ }
+ }
+
+ ## The CGI keys (named without a period) must have String values.
+ env.each { |key, value|
+ next if key.include? "." # Skip extensions
+ assert("env variable #{key} has non-string value #{value.inspect}") {
+ value.instance_of? String
+ }
+ }
+
+ ##
+ ## There are the following restrictions:
+
+ ## * <tt>rack.version</tt> must be an array of Integers.
+ assert("rack.version must be an Array, was #{env["rack.version"].class}") {
+ env["rack.version"].instance_of? Array
+ }
+ ## * <tt>rack.url_scheme</tt> must either be +http+ or +https+.
+ assert("rack.url_scheme unknown: #{env["rack.url_scheme"].inspect}") {
+ %w[http https].include? env["rack.url_scheme"]
+ }
+
+ ## * There must be a valid input stream in <tt>rack.input</tt>.
+ check_input env["rack.input"]
+ ## * There must be a valid error stream in <tt>rack.errors</tt>.
+ check_error env["rack.errors"]
+
+ ## * The <tt>REQUEST_METHOD</tt> must be a valid token.
+ assert("REQUEST_METHOD unknown: #{env["REQUEST_METHOD"]}") {
+ env["REQUEST_METHOD"] =~ /\A[0-9A-Za-z!\#$%&'*+.^_`|~-]+\z/
+ }
+
+ ## * The <tt>SCRIPT_NAME</tt>, if non-empty, must start with <tt>/</tt>
+ assert("SCRIPT_NAME must start with /") {
+ !env.include?("SCRIPT_NAME") ||
+ env["SCRIPT_NAME"] == "" ||
+ env["SCRIPT_NAME"] =~ /\A\//
+ }
+ ## * The <tt>PATH_INFO</tt>, if non-empty, must start with <tt>/</tt>
+ assert("PATH_INFO must start with /") {
+ !env.include?("PATH_INFO") ||
+ env["PATH_INFO"] == "" ||
+ env["PATH_INFO"] =~ /\A\//
+ }
+ ## * The <tt>CONTENT_LENGTH</tt>, if given, must consist of digits only.
+ assert("Invalid CONTENT_LENGTH: #{env["CONTENT_LENGTH"]}") {
+ !env.include?("CONTENT_LENGTH") || env["CONTENT_LENGTH"] =~ /\A\d+\z/
+ }
+
+ ## * One of <tt>SCRIPT_NAME</tt> or <tt>PATH_INFO</tt> must be
+ ## set. <tt>PATH_INFO</tt> should be <tt>/</tt> if
+ ## <tt>SCRIPT_NAME</tt> is empty.
+ assert("One of SCRIPT_NAME or PATH_INFO must be set (make PATH_INFO '/' if SCRIPT_NAME is empty)") {
+ env["SCRIPT_NAME"] || env["PATH_INFO"]
+ }
+ ## <tt>SCRIPT_NAME</tt> never should be <tt>/</tt>, but instead be empty.
+ assert("SCRIPT_NAME cannot be '/', make it '' and PATH_INFO '/'") {
+ env["SCRIPT_NAME"] != "/"
+ }
+ end
+
+ ## === The Input Stream
+ def check_input(input)
+ ## The input stream must respond to +gets+, +each+ and +read+.
+ [:gets, :each, :read].each { |method|
+ assert("rack.input #{input} does not respond to ##{method}") {
+ input.respond_to? method
+ }
+ }
+ end
+
+ class InputWrapper
+ include Assertion
+
+ def initialize(input)
+ @input = input
+ end
+
+ def size
+ @input.size
+ end
+
+ def rewind
+ @input.rewind
+ end
+
+ ## * +gets+ must be called without arguments and return a string,
+ ## or +nil+ on EOF.
+ def gets(*args)
+ assert("rack.input#gets called with arguments") { args.size == 0 }
+ v = @input.gets
+ assert("rack.input#gets didn't return a String") {
+ v.nil? or v.instance_of? String
+ }
+ v
+ end
+
+ ## * +read+ must be called without or with one integer argument
+ ## and return a string, or +nil+ on EOF.
+ def read(*args)
+ assert("rack.input#read called with too many arguments") {
+ args.size <= 1
+ }
+ if args.size == 1
+ assert("rack.input#read called with non-integer argument") {
+ args.first.kind_of? Integer
+ }
+ end
+ v = @input.read(*args)
+ assert("rack.input#read didn't return a String") {
+ v.nil? or v.instance_of? String
+ }
+ v
+ end
+
+ ## * +each+ must be called without arguments and only yield Strings.
+ def each(*args)
+ assert("rack.input#each called with arguments") { args.size == 0 }
+ @input.each { |line|
+ assert("rack.input#each didn't yield a String") {
+ line.instance_of? String
+ }
+ yield line
+ }
+ end
+
+ ## * +close+ must never be called on the input stream.
+ def close(*args)
+ assert("rack.input#close must not be called") { false }
+ end
+ end
+
+ ## === The Error Stream
+ def check_error(error)
+ ## The error stream must respond to +puts+, +write+ and +flush+.
+ [:puts, :write, :flush].each { |method|
+ assert("rack.error #{error} does not respond to ##{method}") {
+ error.respond_to? method
+ }
+ }
+ end
+
+ class ErrorWrapper
+ include Assertion
+
+ def initialize(error)
+ @error = error
+ end
+
+ ## * +puts+ must be called with a single argument that responds to +to_s+.
+ def puts(str)
+ @error.puts str
+ end
+
+ ## * +write+ must be called with a single argument that is a String.
+ def write(str)
+ assert("rack.errors#write not called with a String") { str.instance_of? String }
+ @error.write str
+ end
+
+ ## * +flush+ must be called without arguments and must be called
+ ## in order to make the error appear for sure.
+ def flush
+ @error.flush
+ end
+
+ ## * +close+ must never be called on the error stream.
+ def close(*args)
+ assert("rack.errors#close must not be called") { false }
+ end
+ end
+
+ ## == The Response
+
+ ## === The Status
+ def check_status(status)
+ ## The status, if parsed as integer (+to_i+), must be greater than or equal to 100.
+ assert("Status must be >=100 seen as integer") { status.to_i >= 100 }
+ end
+
+ ## === The Headers
+ def check_headers(header)
+ ## The header must respond to each, and yield values of key and value.
+ assert("headers object should respond to #each, but doesn't (got #{header.class} as headers)") {
+ header.respond_to? :each
+ }
+ header.each { |key, value|
+ ## The header keys must be Strings.
+ assert("header key must be a string, was #{key.class}") {
+ key.instance_of? String
+ }
+ ## The header must not contain a +Status+ key,
+ assert("header must not contain Status") { key.downcase != "status" }
+ ## contain keys with <tt>:</tt> or newlines in their name,
+ assert("header names must not contain : or \\n") { key !~ /[:\n]/ }
+ ## contain keys names that end in <tt>-</tt> or <tt>_</tt>,
+ assert("header names must not end in - or _") { key !~ /[-_]\z/ }
+ ## but only contain keys that consist of
+ ## letters, digits, <tt>_</tt> or <tt>-</tt> and start with a letter.
+ assert("invalid header name: #{key}") { key =~ /\A[a-zA-Z][a-zA-Z0-9_-]*\z/ }
+
+ ## The values of the header must be Strings,
+ assert("a header value must be a String, but the value of " +
+ "'#{key}' is a #{value.class}") { value.kind_of? String }
+ ## consisting of lines (for multiple header values) seperated by "\n".
+ value.split("\n").each { |item|
+ ## The lines must not contain characters below 037.
+ assert("invalid header value #{key}: #{item.inspect}") {
+ item !~ /[\000-\037]/
+ }
+ }
+ }
+ end
+
+ ## === The Content-Type
+ def check_content_type(status, headers)
+ headers.each { |key, value|
+ ## There must be a <tt>Content-Type</tt>, except when the
+ ## +Status+ is 1xx, 204 or 304, in which case there must be none
+ ## given.
+ if key.downcase == "content-type"
+ assert("Content-Type header found in #{status} response, not allowed") {
+ not Rack::Utils::STATUS_WITH_NO_ENTITY_BODY.include? status.to_i
+ }
+ return
+ end
+ }
+ assert("No Content-Type header found") {
+ Rack::Utils::STATUS_WITH_NO_ENTITY_BODY.include? status.to_i
+ }
+ end
+
+ ## === The Content-Length
+ def check_content_length(status, headers, env)
+ headers.each { |key, value|
+ if key.downcase == 'content-length'
+ ## There must not be a <tt>Content-Length</tt> header when the
+ ## +Status+ is 1xx, 204 or 304.
+ assert("Content-Length header found in #{status} response, not allowed") {
+ not Rack::Utils::STATUS_WITH_NO_ENTITY_BODY.include? status.to_i
+ }
+
+ bytes = 0
+ string_body = true
+
+ if @body.respond_to?(:to_ary)
+ @body.each { |part|
+ unless part.kind_of?(String)
+ string_body = false
+ break
+ end
+
+ bytes += Rack::Utils.bytesize(part)
+ }
+
+ if env["REQUEST_METHOD"] == "HEAD"
+ assert("Response body was given for HEAD request, but should be empty") {
+ bytes == 0
+ }
+ else
+ if string_body
+ assert("Content-Length header was #{value}, but should be #{bytes}") {
+ value == bytes.to_s
+ }
+ end
+ end
+ end
+
+ return
+ end
+ }
+ end
+
+ ## === The Body
+ def each
+ @closed = false
+ ## The Body must respond to #each
+ @body.each { |part|
+ ## and must only yield String values.
+ assert("Body yielded non-string value #{part.inspect}") {
+ part.instance_of? String
+ }
+ yield part
+ }
+ ##
+ ## If the Body responds to #close, it will be called after iteration.
+ # XXX howto: assert("Body has not been closed") { @closed }
+
+
+ ##
+ ## If the Body responds to #to_path, it must return a String
+ ## identifying the location of a file whose contents are identical
+ ## to that produced by calling #each.
+
+ if @body.respond_to?(:to_path)
+ assert("The file identified by body.to_path does not exist") {
+ ::File.exist? @body.to_path
+ }
+ end
+
+ ##
+ ## The Body commonly is an Array of Strings, the application
+ ## instance itself, or a File-like object.
+ end
+
+ def close
+ @closed = true
+ @body.close if @body.respond_to?(:close)
+ end
+
+ # :startdoc:
+
+ end
+end
+
+## == Thanks
+## Some parts of this specification are adopted from PEP333: Python
+## Web Server Gateway Interface
+## v1.0 (http://www.python.org/dev/peps/pep-0333/). I'd like to thank
+## everyone involved in that effort.
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/lobster.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/lobster.rb
new file mode 100644
index 0000000000..f63f419a49
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/lobster.rb
@@ -0,0 +1,65 @@
+require 'zlib'
+
+require 'rack/request'
+require 'rack/response'
+
+module Rack
+ # Paste has a Pony, Rack has a Lobster!
+ class Lobster
+ LobsterString = Zlib::Inflate.inflate("eJx9kEEOwyAMBO99xd7MAcytUhPlJyj2
+ P6jy9i4k9EQyGAnBarEXeCBqSkntNXsi/ZCvC48zGQoZKikGrFMZvgS5ZHd+aGWVuWwhVF0
+ t1drVmiR42HcWNz5w3QanT+2gIvTVCiE1lm1Y0eU4JGmIIbaKwextKn8rvW+p5PIwFl8ZWJ
+ I8jyiTlhTcYXkekJAzTyYN6E08A+dk8voBkAVTJQ==".delete("\n ").unpack("m*")[0])
+
+ LambdaLobster = lambda { |env|
+ if env["QUERY_STRING"].include?("flip")
+ lobster = LobsterString.split("\n").
+ map { |line| line.ljust(42).reverse }.
+ join("\n")
+ href = "?"
+ else
+ lobster = LobsterString
+ href = "?flip"
+ end
+
+ content = ["<title>Lobstericious!</title>",
+ "<pre>", lobster, "</pre>",
+ "<a href='#{href}'>flip!</a>"]
+ length = content.inject(0) { |a,e| a+e.size }.to_s
+ [200, {"Content-Type" => "text/html", "Content-Length" => length}, content]
+ }
+
+ def call(env)
+ req = Request.new(env)
+ if req.GET["flip"] == "left"
+ lobster = LobsterString.split("\n").
+ map { |line| line.ljust(42).reverse }.
+ join("\n")
+ href = "?flip=right"
+ elsif req.GET["flip"] == "crash"
+ raise "Lobster crashed"
+ else
+ lobster = LobsterString
+ href = "?flip=left"
+ end
+
+ res = Response.new
+ res.write "<title>Lobstericious!</title>"
+ res.write "<pre>"
+ res.write lobster
+ res.write "</pre>"
+ res.write "<p><a href='#{href}'>flip!</a></p>"
+ res.write "<p><a href='?flip=crash'>crash!</a></p>"
+ res.finish
+ end
+
+ end
+end
+
+if $0 == __FILE__
+ require 'rack'
+ require 'rack/showexceptions'
+ Rack::Handler::WEBrick.run \
+ Rack::ShowExceptions.new(Rack::Lint.new(Rack::Lobster.new)),
+ :Port => 9292
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/lock.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/lock.rb
new file mode 100644
index 0000000000..93238528c4
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/lock.rb
@@ -0,0 +1,16 @@
+module Rack
+ class Lock
+ FLAG = 'rack.multithread'.freeze
+
+ def initialize(app, lock = Mutex.new)
+ @app, @lock = app, lock
+ end
+
+ def call(env)
+ old, env[FLAG] = env[FLAG], false
+ @lock.synchronize { @app.call(env) }
+ ensure
+ env[FLAG] = old
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/methodoverride.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/methodoverride.rb
new file mode 100644
index 0000000000..0eed29f471
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/methodoverride.rb
@@ -0,0 +1,27 @@
+module Rack
+ class MethodOverride
+ HTTP_METHODS = %w(GET HEAD PUT POST DELETE OPTIONS)
+
+ METHOD_OVERRIDE_PARAM_KEY = "_method".freeze
+ HTTP_METHOD_OVERRIDE_HEADER = "HTTP_X_HTTP_METHOD_OVERRIDE".freeze
+
+ def initialize(app)
+ @app = app
+ end
+
+ def call(env)
+ if env["REQUEST_METHOD"] == "POST"
+ req = Request.new(env)
+ method = req.POST[METHOD_OVERRIDE_PARAM_KEY] ||
+ env[HTTP_METHOD_OVERRIDE_HEADER]
+ method = method.to_s.upcase
+ if HTTP_METHODS.include?(method)
+ env["rack.methodoverride.original_method"] = env["REQUEST_METHOD"]
+ env["REQUEST_METHOD"] = method
+ end
+ end
+
+ @app.call(env)
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/mime.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/mime.rb
new file mode 100644
index 0000000000..5a6a73a97b
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/mime.rb
@@ -0,0 +1,204 @@
+module Rack
+ module Mime
+ # Returns String with mime type if found, otherwise use +fallback+.
+ # +ext+ should be filename extension in the '.ext' format that
+ # File.extname(file) returns.
+ # +fallback+ may be any object
+ #
+ # Also see the documentation for MIME_TYPES
+ #
+ # Usage:
+ # Rack::Mime.mime_type('.foo')
+ #
+ # This is a shortcut for:
+ # Rack::Mime::MIME_TYPES.fetch('.foo', 'application/octet-stream')
+
+ def mime_type(ext, fallback='application/octet-stream')
+ MIME_TYPES.fetch(ext, fallback)
+ end
+ module_function :mime_type
+
+ # List of most common mime-types, selected various sources
+ # according to their usefulness in a webserving scope for Ruby
+ # users.
+ #
+ # To amend this list with your local mime.types list you can use:
+ #
+ # require 'webrick/httputils'
+ # list = WEBrick::HTTPUtils.load_mime_types('/etc/mime.types')
+ # Rack::Mime::MIME_TYPES.merge!(list)
+ #
+ # To add the list mongrel provides, use:
+ #
+ # require 'mongrel/handlers'
+ # Rack::Mime::MIME_TYPES.merge!(Mongrel::DirHandler::MIME_TYPES)
+
+ MIME_TYPES = {
+ ".3gp" => "video/3gpp",
+ ".a" => "application/octet-stream",
+ ".ai" => "application/postscript",
+ ".aif" => "audio/x-aiff",
+ ".aiff" => "audio/x-aiff",
+ ".asc" => "application/pgp-signature",
+ ".asf" => "video/x-ms-asf",
+ ".asm" => "text/x-asm",
+ ".asx" => "video/x-ms-asf",
+ ".atom" => "application/atom+xml",
+ ".au" => "audio/basic",
+ ".avi" => "video/x-msvideo",
+ ".bat" => "application/x-msdownload",
+ ".bin" => "application/octet-stream",
+ ".bmp" => "image/bmp",
+ ".bz2" => "application/x-bzip2",
+ ".c" => "text/x-c",
+ ".cab" => "application/vnd.ms-cab-compressed",
+ ".cc" => "text/x-c",
+ ".chm" => "application/vnd.ms-htmlhelp",
+ ".class" => "application/octet-stream",
+ ".com" => "application/x-msdownload",
+ ".conf" => "text/plain",
+ ".cpp" => "text/x-c",
+ ".crt" => "application/x-x509-ca-cert",
+ ".css" => "text/css",
+ ".csv" => "text/csv",
+ ".cxx" => "text/x-c",
+ ".deb" => "application/x-debian-package",
+ ".der" => "application/x-x509-ca-cert",
+ ".diff" => "text/x-diff",
+ ".djv" => "image/vnd.djvu",
+ ".djvu" => "image/vnd.djvu",
+ ".dll" => "application/x-msdownload",
+ ".dmg" => "application/octet-stream",
+ ".doc" => "application/msword",
+ ".dot" => "application/msword",
+ ".dtd" => "application/xml-dtd",
+ ".dvi" => "application/x-dvi",
+ ".ear" => "application/java-archive",
+ ".eml" => "message/rfc822",
+ ".eps" => "application/postscript",
+ ".exe" => "application/x-msdownload",
+ ".f" => "text/x-fortran",
+ ".f77" => "text/x-fortran",
+ ".f90" => "text/x-fortran",
+ ".flv" => "video/x-flv",
+ ".for" => "text/x-fortran",
+ ".gem" => "application/octet-stream",
+ ".gemspec" => "text/x-script.ruby",
+ ".gif" => "image/gif",
+ ".gz" => "application/x-gzip",
+ ".h" => "text/x-c",
+ ".hh" => "text/x-c",
+ ".htm" => "text/html",
+ ".html" => "text/html",
+ ".ico" => "image/vnd.microsoft.icon",
+ ".ics" => "text/calendar",
+ ".ifb" => "text/calendar",
+ ".iso" => "application/octet-stream",
+ ".jar" => "application/java-archive",
+ ".java" => "text/x-java-source",
+ ".jnlp" => "application/x-java-jnlp-file",
+ ".jpeg" => "image/jpeg",
+ ".jpg" => "image/jpeg",
+ ".js" => "application/javascript",
+ ".json" => "application/json",
+ ".log" => "text/plain",
+ ".m3u" => "audio/x-mpegurl",
+ ".m4v" => "video/mp4",
+ ".man" => "text/troff",
+ ".mathml" => "application/mathml+xml",
+ ".mbox" => "application/mbox",
+ ".mdoc" => "text/troff",
+ ".me" => "text/troff",
+ ".mid" => "audio/midi",
+ ".midi" => "audio/midi",
+ ".mime" => "message/rfc822",
+ ".mml" => "application/mathml+xml",
+ ".mng" => "video/x-mng",
+ ".mov" => "video/quicktime",
+ ".mp3" => "audio/mpeg",
+ ".mp4" => "video/mp4",
+ ".mp4v" => "video/mp4",
+ ".mpeg" => "video/mpeg",
+ ".mpg" => "video/mpeg",
+ ".ms" => "text/troff",
+ ".msi" => "application/x-msdownload",
+ ".odp" => "application/vnd.oasis.opendocument.presentation",
+ ".ods" => "application/vnd.oasis.opendocument.spreadsheet",
+ ".odt" => "application/vnd.oasis.opendocument.text",
+ ".ogg" => "application/ogg",
+ ".p" => "text/x-pascal",
+ ".pas" => "text/x-pascal",
+ ".pbm" => "image/x-portable-bitmap",
+ ".pdf" => "application/pdf",
+ ".pem" => "application/x-x509-ca-cert",
+ ".pgm" => "image/x-portable-graymap",
+ ".pgp" => "application/pgp-encrypted",
+ ".pkg" => "application/octet-stream",
+ ".pl" => "text/x-script.perl",
+ ".pm" => "text/x-script.perl-module",
+ ".png" => "image/png",
+ ".pnm" => "image/x-portable-anymap",
+ ".ppm" => "image/x-portable-pixmap",
+ ".pps" => "application/vnd.ms-powerpoint",
+ ".ppt" => "application/vnd.ms-powerpoint",
+ ".ps" => "application/postscript",
+ ".psd" => "image/vnd.adobe.photoshop",
+ ".py" => "text/x-script.python",
+ ".qt" => "video/quicktime",
+ ".ra" => "audio/x-pn-realaudio",
+ ".rake" => "text/x-script.ruby",
+ ".ram" => "audio/x-pn-realaudio",
+ ".rar" => "application/x-rar-compressed",
+ ".rb" => "text/x-script.ruby",
+ ".rdf" => "application/rdf+xml",
+ ".roff" => "text/troff",
+ ".rpm" => "application/x-redhat-package-manager",
+ ".rss" => "application/rss+xml",
+ ".rtf" => "application/rtf",
+ ".ru" => "text/x-script.ruby",
+ ".s" => "text/x-asm",
+ ".sgm" => "text/sgml",
+ ".sgml" => "text/sgml",
+ ".sh" => "application/x-sh",
+ ".sig" => "application/pgp-signature",
+ ".snd" => "audio/basic",
+ ".so" => "application/octet-stream",
+ ".svg" => "image/svg+xml",
+ ".svgz" => "image/svg+xml",
+ ".swf" => "application/x-shockwave-flash",
+ ".t" => "text/troff",
+ ".tar" => "application/x-tar",
+ ".tbz" => "application/x-bzip-compressed-tar",
+ ".tcl" => "application/x-tcl",
+ ".tex" => "application/x-tex",
+ ".texi" => "application/x-texinfo",
+ ".texinfo" => "application/x-texinfo",
+ ".text" => "text/plain",
+ ".tif" => "image/tiff",
+ ".tiff" => "image/tiff",
+ ".torrent" => "application/x-bittorrent",
+ ".tr" => "text/troff",
+ ".txt" => "text/plain",
+ ".vcf" => "text/x-vcard",
+ ".vcs" => "text/x-vcalendar",
+ ".vrml" => "model/vrml",
+ ".war" => "application/java-archive",
+ ".wav" => "audio/x-wav",
+ ".wma" => "audio/x-ms-wma",
+ ".wmv" => "video/x-ms-wmv",
+ ".wmx" => "video/x-ms-wmx",
+ ".wrl" => "model/vrml",
+ ".wsdl" => "application/wsdl+xml",
+ ".xbm" => "image/x-xbitmap",
+ ".xhtml" => "application/xhtml+xml",
+ ".xls" => "application/vnd.ms-excel",
+ ".xml" => "application/xml",
+ ".xpm" => "image/x-xpixmap",
+ ".xsl" => "application/xml",
+ ".xslt" => "application/xslt+xml",
+ ".yaml" => "text/yaml",
+ ".yml" => "text/yaml",
+ ".zip" => "application/zip",
+ }
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/mock.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/mock.rb
new file mode 100644
index 0000000000..70852da3db
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/mock.rb
@@ -0,0 +1,160 @@
+require 'uri'
+require 'stringio'
+require 'rack/lint'
+require 'rack/utils'
+require 'rack/response'
+
+module Rack
+ # Rack::MockRequest helps testing your Rack application without
+ # actually using HTTP.
+ #
+ # After performing a request on a URL with get/post/put/delete, it
+ # returns a MockResponse with useful helper methods for effective
+ # testing.
+ #
+ # You can pass a hash with additional configuration to the
+ # get/post/put/delete.
+ # <tt>:input</tt>:: A String or IO-like to be used as rack.input.
+ # <tt>:fatal</tt>:: Raise a FatalWarning if the app writes to rack.errors.
+ # <tt>:lint</tt>:: If true, wrap the application in a Rack::Lint.
+
+ class MockRequest
+ class FatalWarning < RuntimeError
+ end
+
+ class FatalWarner
+ def puts(warning)
+ raise FatalWarning, warning
+ end
+
+ def write(warning)
+ raise FatalWarning, warning
+ end
+
+ def flush
+ end
+
+ def string
+ ""
+ end
+ end
+
+ DEFAULT_ENV = {
+ "rack.version" => [0,1],
+ "rack.input" => StringIO.new,
+ "rack.errors" => StringIO.new,
+ "rack.multithread" => true,
+ "rack.multiprocess" => true,
+ "rack.run_once" => false,
+ }
+
+ def initialize(app)
+ @app = app
+ end
+
+ def get(uri, opts={}) request("GET", uri, opts) end
+ def post(uri, opts={}) request("POST", uri, opts) end
+ def put(uri, opts={}) request("PUT", uri, opts) end
+ def delete(uri, opts={}) request("DELETE", uri, opts) end
+
+ def request(method="GET", uri="", opts={})
+ env = self.class.env_for(uri, opts.merge(:method => method))
+
+ if opts[:lint]
+ app = Rack::Lint.new(@app)
+ else
+ app = @app
+ end
+
+ errors = env["rack.errors"]
+ MockResponse.new(*(app.call(env) + [errors]))
+ end
+
+ # Return the Rack environment used for a request to +uri+.
+ def self.env_for(uri="", opts={})
+ uri = URI(uri)
+ env = DEFAULT_ENV.dup
+
+ env["REQUEST_METHOD"] = opts[:method] || "GET"
+ env["SERVER_NAME"] = uri.host || "example.org"
+ env["SERVER_PORT"] = uri.port ? uri.port.to_s : "80"
+ env["QUERY_STRING"] = uri.query.to_s
+ env["PATH_INFO"] = (!uri.path || uri.path.empty?) ? "/" : uri.path
+ env["rack.url_scheme"] = uri.scheme || "http"
+
+ env["SCRIPT_NAME"] = opts[:script_name] || ""
+
+ if opts[:fatal]
+ env["rack.errors"] = FatalWarner.new
+ else
+ env["rack.errors"] = StringIO.new
+ end
+
+ opts[:input] ||= ""
+ if String === opts[:input]
+ env["rack.input"] = StringIO.new(opts[:input])
+ else
+ env["rack.input"] = opts[:input]
+ end
+
+ env["CONTENT_LENGTH"] ||= env["rack.input"].length.to_s
+
+ opts.each { |field, value|
+ env[field] = value if String === field
+ }
+
+ env
+ end
+ end
+
+ # Rack::MockResponse provides useful helpers for testing your apps.
+ # Usually, you don't create the MockResponse on your own, but use
+ # MockRequest.
+
+ class MockResponse
+ def initialize(status, headers, body, errors=StringIO.new(""))
+ @status = status.to_i
+
+ @original_headers = headers
+ @headers = Rack::Utils::HeaderHash.new
+ headers.each { |field, values|
+ @headers[field] = values
+ @headers[field] = "" if values.empty?
+ }
+
+ @body = ""
+ body.each { |part| @body << part }
+
+ @errors = errors.string
+ end
+
+ # Status
+ attr_reader :status
+
+ # Headers
+ attr_reader :headers, :original_headers
+
+ def [](field)
+ headers[field]
+ end
+
+
+ # Body
+ attr_reader :body
+
+ def =~(other)
+ @body =~ other
+ end
+
+ def match(other)
+ @body.match other
+ end
+
+
+ # Errors
+ attr_accessor :errors
+
+
+ include Response::Helpers
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/recursive.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/recursive.rb
new file mode 100644
index 0000000000..bf8b965925
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/recursive.rb
@@ -0,0 +1,57 @@
+require 'uri'
+
+module Rack
+ # Rack::ForwardRequest gets caught by Rack::Recursive and redirects
+ # the current request to the app at +url+.
+ #
+ # raise ForwardRequest.new("/not-found")
+ #
+
+ class ForwardRequest < Exception
+ attr_reader :url, :env
+
+ def initialize(url, env={})
+ @url = URI(url)
+ @env = env
+
+ @env["PATH_INFO"] = @url.path
+ @env["QUERY_STRING"] = @url.query if @url.query
+ @env["HTTP_HOST"] = @url.host if @url.host
+ @env["HTTP_PORT"] = @url.port if @url.port
+ @env["rack.url_scheme"] = @url.scheme if @url.scheme
+
+ super "forwarding to #{url}"
+ end
+ end
+
+ # Rack::Recursive allows applications called down the chain to
+ # include data from other applications (by using
+ # <tt>rack['rack.recursive.include'][...]</tt> or raise a
+ # ForwardRequest to redirect internally.
+
+ class Recursive
+ def initialize(app)
+ @app = app
+ end
+
+ def call(env)
+ @script_name = env["SCRIPT_NAME"]
+ @app.call(env.merge('rack.recursive.include' => method(:include)))
+ rescue ForwardRequest => req
+ call(env.merge(req.env))
+ end
+
+ def include(env, path)
+ unless path.index(@script_name) == 0 && (path[@script_name.size] == ?/ ||
+ path[@script_name.size].nil?)
+ raise ArgumentError, "can only include below #{@script_name}, not #{path}"
+ end
+
+ env = env.merge("PATH_INFO" => path, "SCRIPT_NAME" => @script_name,
+ "REQUEST_METHOD" => "GET",
+ "CONTENT_LENGTH" => "0", "CONTENT_TYPE" => "",
+ "rack.input" => StringIO.new(""))
+ @app.call(env)
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/reloader.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/reloader.rb
new file mode 100644
index 0000000000..b17d8c0926
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/reloader.rb
@@ -0,0 +1,64 @@
+require 'thread'
+
+module Rack
+ # Rack::Reloader checks on every request, but at most every +secs+
+ # seconds, if a file loaded changed, and reloads it, logging to
+ # rack.errors.
+ #
+ # It is recommended you use ShowExceptions to catch SyntaxErrors etc.
+
+ class Reloader
+ def initialize(app, secs=10)
+ @app = app
+ @secs = secs # reload every @secs seconds max
+ @last = Time.now
+ end
+
+ def call(env)
+ if Time.now > @last + @secs
+ Thread.exclusive {
+ reload!(env['rack.errors'])
+ @last = Time.now
+ }
+ end
+
+ @app.call(env)
+ end
+
+ def reload!(stderr=$stderr)
+ need_reload = $LOADED_FEATURES.find_all { |loaded|
+ begin
+ if loaded =~ /\A[.\/]/ # absolute filename or 1.9
+ abs = loaded
+ else
+ abs = $LOAD_PATH.map { |path| ::File.join(path, loaded) }.
+ find { |file| ::File.exist? file }
+ end
+
+ if abs
+ ::File.mtime(abs) > @last - @secs rescue false
+ else
+ false
+ end
+ end
+ }
+
+ need_reload.each { |l|
+ $LOADED_FEATURES.delete l
+ }
+
+ need_reload.each { |to_load|
+ begin
+ if require to_load
+ stderr.puts "#{self.class}: reloaded `#{to_load}'"
+ end
+ rescue LoadError, SyntaxError => e
+ raise e # Possibly ShowExceptions
+ end
+ }
+
+ stderr.flush
+ need_reload
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/request.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/request.rb
new file mode 100644
index 0000000000..d77fa26575
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/request.rb
@@ -0,0 +1,241 @@
+require 'rack/utils'
+
+module Rack
+ # Rack::Request provides a convenient interface to a Rack
+ # environment. It is stateless, the environment +env+ passed to the
+ # constructor will be directly modified.
+ #
+ # req = Rack::Request.new(env)
+ # req.post?
+ # req.params["data"]
+ #
+ # The environment hash passed will store a reference to the Request object
+ # instantiated so that it will only instantiate if an instance of the Request
+ # object doesn't already exist.
+
+ class Request
+ # The environment of the request.
+ attr_reader :env
+
+ def self.new(env)
+ if self == Rack::Request
+ env["rack.request"] ||= super
+ else
+ super
+ end
+ end
+
+ def initialize(env)
+ @env = env
+ end
+
+ def body; @env["rack.input"] end
+ def scheme; @env["rack.url_scheme"] end
+ def script_name; @env["SCRIPT_NAME"].to_s end
+ def path_info; @env["PATH_INFO"].to_s end
+ def port; @env["SERVER_PORT"].to_i end
+ def request_method; @env["REQUEST_METHOD"] end
+ def query_string; @env["QUERY_STRING"].to_s end
+ def content_length; @env['CONTENT_LENGTH'] end
+ def content_type; @env['CONTENT_TYPE'] end
+
+ # The media type (type/subtype) portion of the CONTENT_TYPE header
+ # without any media type parameters. e.g., when CONTENT_TYPE is
+ # "text/plain;charset=utf-8", the media-type is "text/plain".
+ #
+ # For more information on the use of media types in HTTP, see:
+ # http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.7
+ def media_type
+ content_type && content_type.split(/\s*[;,]\s*/, 2)[0].downcase
+ end
+
+ # The media type parameters provided in CONTENT_TYPE as a Hash, or
+ # an empty Hash if no CONTENT_TYPE or media-type parameters were
+ # provided. e.g., when the CONTENT_TYPE is "text/plain;charset=utf-8",
+ # this method responds with the following Hash:
+ # { 'charset' => 'utf-8' }
+ def media_type_params
+ return {} if content_type.nil?
+ content_type.split(/\s*[;,]\s*/)[1..-1].
+ collect { |s| s.split('=', 2) }.
+ inject({}) { |hash,(k,v)| hash[k.downcase] = v ; hash }
+ end
+
+ # The character set of the request body if a "charset" media type
+ # parameter was given, or nil if no "charset" was specified. Note
+ # that, per RFC2616, text/* media types that specify no explicit
+ # charset are to be considered ISO-8859-1.
+ def content_charset
+ media_type_params['charset']
+ end
+
+ def host
+ # Remove port number.
+ (@env["HTTP_HOST"] || @env["SERVER_NAME"]).gsub(/:\d+\z/, '')
+ end
+
+ def script_name=(s); @env["SCRIPT_NAME"] = s.to_s end
+ def path_info=(s); @env["PATH_INFO"] = s.to_s end
+
+ def get?; request_method == "GET" end
+ def post?; request_method == "POST" end
+ def put?; request_method == "PUT" end
+ def delete?; request_method == "DELETE" end
+ def head?; request_method == "HEAD" end
+
+ # The set of form-data media-types. Requests that do not indicate
+ # one of the media types presents in this list will not be eligible
+ # for form-data / param parsing.
+ FORM_DATA_MEDIA_TYPES = [
+ nil,
+ 'application/x-www-form-urlencoded',
+ 'multipart/form-data'
+ ]
+
+ # Determine whether the request body contains form-data by checking
+ # the request media_type against registered form-data media-types:
+ # "application/x-www-form-urlencoded" and "multipart/form-data". The
+ # list of form-data media types can be modified through the
+ # +FORM_DATA_MEDIA_TYPES+ array.
+ def form_data?
+ FORM_DATA_MEDIA_TYPES.include?(media_type)
+ end
+
+ # Returns the data recieved in the query string.
+ def GET
+ if @env["rack.request.query_string"] == query_string
+ @env["rack.request.query_hash"]
+ else
+ @env["rack.request.query_string"] = query_string
+ @env["rack.request.query_hash"] =
+ Utils.parse_nested_query(query_string)
+ end
+ end
+
+ # Returns the data recieved in the request body.
+ #
+ # This method support both application/x-www-form-urlencoded and
+ # multipart/form-data.
+ def POST
+ if @env["rack.request.form_input"].eql? @env["rack.input"]
+ @env["rack.request.form_hash"]
+ elsif form_data?
+ @env["rack.request.form_input"] = @env["rack.input"]
+ unless @env["rack.request.form_hash"] =
+ Utils::Multipart.parse_multipart(env)
+ form_vars = @env["rack.input"].read
+
+ # Fix for Safari Ajax postings that always append \0
+ form_vars.sub!(/\0\z/, '')
+
+ @env["rack.request.form_vars"] = form_vars
+ @env["rack.request.form_hash"] = Utils.parse_nested_query(form_vars)
+
+ begin
+ @env["rack.input"].rewind if @env["rack.input"].respond_to?(:rewind)
+ rescue Errno::ESPIPE
+ # Handles exceptions raised by input streams that cannot be rewound
+ # such as when using plain CGI under Apache
+ end
+ end
+ @env["rack.request.form_hash"]
+ else
+ {}
+ end
+ end
+
+ # The union of GET and POST data.
+ def params
+ self.put? ? self.GET : self.GET.update(self.POST)
+ rescue EOFError => e
+ self.GET
+ end
+
+ # shortcut for request.params[key]
+ def [](key)
+ params[key.to_s]
+ end
+
+ # shortcut for request.params[key] = value
+ def []=(key, value)
+ params[key.to_s] = value
+ end
+
+ # like Hash#values_at
+ def values_at(*keys)
+ keys.map{|key| params[key] }
+ end
+
+ # the referer of the client or '/'
+ def referer
+ @env['HTTP_REFERER'] || '/'
+ end
+ alias referrer referer
+
+
+ def cookies
+ return {} unless @env["HTTP_COOKIE"]
+
+ if @env["rack.request.cookie_string"] == @env["HTTP_COOKIE"]
+ @env["rack.request.cookie_hash"]
+ else
+ @env["rack.request.cookie_string"] = @env["HTTP_COOKIE"]
+ # According to RFC 2109:
+ # If multiple cookies satisfy the criteria above, they are ordered in
+ # the Cookie header such that those with more specific Path attributes
+ # precede those with less specific. Ordering with respect to other
+ # attributes (e.g., Domain) is unspecified.
+ @env["rack.request.cookie_hash"] =
+ Utils.parse_query(@env["rack.request.cookie_string"], ';,').inject({}) {|h,(k,v)|
+ h[k] = Array === v ? v.first : v
+ h
+ }
+ end
+ end
+
+ def xhr?
+ @env["HTTP_X_REQUESTED_WITH"] == "XMLHttpRequest"
+ end
+
+ # Tries to return a remake of the original request URL as a string.
+ def url
+ url = scheme + "://"
+ url << host
+
+ if scheme == "https" && port != 443 ||
+ scheme == "http" && port != 80
+ url << ":#{port}"
+ end
+
+ url << fullpath
+
+ url
+ end
+
+ def fullpath
+ path = script_name + path_info
+ path << "?" << query_string unless query_string.empty?
+ path
+ end
+
+ def accept_encoding
+ @env["HTTP_ACCEPT_ENCODING"].to_s.split(/,\s*/).map do |part|
+ m = /^([^\s,]+?)(?:;\s*q=(\d+(?:\.\d+)?))?$/.match(part) # From WEBrick
+
+ if m
+ [m[1], (m[2] || 1.0).to_f]
+ else
+ raise "Invalid value for Accept-Encoding: #{part.inspect}"
+ end
+ end
+ end
+
+ def ip
+ if addr = @env['HTTP_X_FORWARDED_FOR']
+ addr.split(',').last.strip
+ else
+ @env['REMOTE_ADDR']
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/response.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/response.rb
new file mode 100644
index 0000000000..caf60d5b19
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/response.rb
@@ -0,0 +1,179 @@
+require 'rack/request'
+require 'rack/utils'
+
+module Rack
+ # Rack::Response provides a convenient interface to create a Rack
+ # response.
+ #
+ # It allows setting of headers and cookies, and provides useful
+ # defaults (a OK response containing HTML).
+ #
+ # You can use Response#write to iteratively generate your response,
+ # but note that this is buffered by Rack::Response until you call
+ # +finish+. +finish+ however can take a block inside which calls to
+ # +write+ are syncronous with the Rack response.
+ #
+ # Your application's +call+ should end returning Response#finish.
+
+ class Response
+ attr_accessor :length
+
+ def initialize(body=[], status=200, header={}, &block)
+ @status = status
+ @header = Utils::HeaderHash.new({"Content-Type" => "text/html"}.
+ merge(header))
+
+ @writer = lambda { |x| @body << x }
+ @block = nil
+ @length = 0
+
+ @body = []
+
+ if body.respond_to? :to_str
+ write body.to_str
+ elsif body.respond_to?(:each)
+ body.each { |part|
+ write part.to_s
+ }
+ else
+ raise TypeError, "stringable or iterable required"
+ end
+
+ yield self if block_given?
+ end
+
+ attr_reader :header
+ attr_accessor :status, :body
+
+ def [](key)
+ header[key]
+ end
+
+ def []=(key, value)
+ header[key] = value
+ end
+
+ def set_cookie(key, value)
+ case value
+ when Hash
+ domain = "; domain=" + value[:domain] if value[:domain]
+ path = "; path=" + value[:path] if value[:path]
+ # According to RFC 2109, we need dashes here.
+ # N.B.: cgi.rb uses spaces...
+ expires = "; expires=" + value[:expires].clone.gmtime.
+ strftime("%a, %d-%b-%Y %H:%M:%S GMT") if value[:expires]
+ secure = "; secure" if value[:secure]
+ httponly = "; HttpOnly" if value[:httponly]
+ value = value[:value]
+ end
+ value = [value] unless Array === value
+ cookie = Utils.escape(key) + "=" +
+ value.map { |v| Utils.escape v }.join("&") +
+ "#{domain}#{path}#{expires}#{secure}#{httponly}"
+
+ case self["Set-Cookie"]
+ when Array
+ self["Set-Cookie"] << cookie
+ when String
+ self["Set-Cookie"] = [self["Set-Cookie"], cookie]
+ when nil
+ self["Set-Cookie"] = cookie
+ end
+ end
+
+ def delete_cookie(key, value={})
+ unless Array === self["Set-Cookie"]
+ self["Set-Cookie"] = [self["Set-Cookie"]].compact
+ end
+
+ self["Set-Cookie"].reject! { |cookie|
+ cookie =~ /\A#{Utils.escape(key)}=/
+ }
+
+ set_cookie(key,
+ {:value => '', :path => nil, :domain => nil,
+ :expires => Time.at(0) }.merge(value))
+ end
+
+
+ def finish(&block)
+ @block = block
+
+ if [204, 304].include?(status.to_i)
+ header.delete "Content-Type"
+ [status.to_i, header.to_hash, []]
+ else
+ [status.to_i, header.to_hash, self]
+ end
+ end
+ alias to_a finish # For *response
+
+ def each(&callback)
+ @body.each(&callback)
+ @writer = callback
+ @block.call(self) if @block
+ end
+
+ # Append to body and update Content-Length.
+ #
+ # NOTE: Do not mix #write and direct #body access!
+ #
+ def write(str)
+ s = str.to_s
+ @length += s.size
+ @writer.call s
+
+ header["Content-Length"] = @length.to_s
+ str
+ end
+
+ def close
+ body.close if body.respond_to?(:close)
+ end
+
+ def empty?
+ @block == nil && @body.empty?
+ end
+
+ alias headers header
+
+ module Helpers
+ def invalid?; @status < 100 || @status >= 600; end
+
+ def informational?; @status >= 100 && @status < 200; end
+ def successful?; @status >= 200 && @status < 300; end
+ def redirection?; @status >= 300 && @status < 400; end
+ def client_error?; @status >= 400 && @status < 500; end
+ def server_error?; @status >= 500 && @status < 600; end
+
+ def ok?; @status == 200; end
+ def forbidden?; @status == 403; end
+ def not_found?; @status == 404; end
+
+ def redirect?; [301, 302, 303, 307].include? @status; end
+ def empty?; [201, 204, 304].include? @status; end
+
+ # Headers
+ attr_reader :headers, :original_headers
+
+ def include?(header)
+ !!headers[header]
+ end
+
+ def content_type
+ headers["Content-Type"]
+ end
+
+ def content_length
+ cl = headers["Content-Length"]
+ cl ? cl.to_i : cl
+ end
+
+ def location
+ headers["Location"]
+ end
+ end
+
+ include Helpers
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/session/abstract/id.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/session/abstract/id.rb
new file mode 100644
index 0000000000..218144c17f
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/session/abstract/id.rb
@@ -0,0 +1,142 @@
+# AUTHOR: blink <blinketje@gmail.com>; blink#ruby-lang@irc.freenode.net
+# bugrep: Andreas Zehnder
+
+require 'time'
+require 'rack/request'
+require 'rack/response'
+
+module Rack
+
+ module Session
+
+ module Abstract
+
+ # ID sets up a basic framework for implementing an id based sessioning
+ # service. Cookies sent to the client for maintaining sessions will only
+ # contain an id reference. Only #get_session and #set_session are
+ # required to be overwritten.
+ #
+ # All parameters are optional.
+ # * :key determines the name of the cookie, by default it is
+ # 'rack.session'
+ # * :path, :domain, :expire_after, :secure, and :httponly set the related
+ # cookie options as by Rack::Response#add_cookie
+ # * :defer will not set a cookie in the response.
+ # * :renew (implementation dependent) will prompt the generation of a new
+ # session id, and migration of data to be referenced at the new id. If
+ # :defer is set, it will be overridden and the cookie will be set.
+ # * :sidbits sets the number of bits in length that a generated session
+ # id will be.
+ #
+ # These options can be set on a per request basis, at the location of
+ # env['rack.session.options']. Additionally the id of the session can be
+ # found within the options hash at the key :id. It is highly not
+ # recommended to change its value.
+ #
+ # Is Rack::Utils::Context compatible.
+
+ class ID
+ DEFAULT_OPTIONS = {
+ :path => '/',
+ :domain => nil,
+ :expire_after => nil,
+ :secure => false,
+ :httponly => true,
+ :defer => false,
+ :renew => false,
+ :sidbits => 128
+ }
+
+ attr_reader :key, :default_options
+ def initialize(app, options={})
+ @app = app
+ @key = options[:key] || "rack.session"
+ @default_options = self.class::DEFAULT_OPTIONS.merge(options)
+ end
+
+ def call(env)
+ context(env)
+ end
+
+ def context(env, app=@app)
+ load_session(env)
+ status, headers, body = app.call(env)
+ commit_session(env, status, headers, body)
+ end
+
+ private
+
+ # Generate a new session id using Ruby #rand. The size of the
+ # session id is controlled by the :sidbits option.
+ # Monkey patch this to use custom methods for session id generation.
+
+ def generate_sid
+ "%0#{@default_options[:sidbits] / 4}x" %
+ rand(2**@default_options[:sidbits] - 1)
+ end
+
+ # Extracts the session id from provided cookies and passes it and the
+ # environment to #get_session. It then sets the resulting session into
+ # 'rack.session', and places options and session metadata into
+ # 'rack.session.options'.
+
+ def load_session(env)
+ request = Rack::Request.new(env)
+ session_id = request.cookies[@key]
+
+ begin
+ session_id, session = get_session(env, session_id)
+ env['rack.session'] = session
+ rescue
+ env['rack.session'] = Hash.new
+ end
+
+ env['rack.session.options'] = @default_options.
+ merge(:id => session_id)
+ end
+
+ # Acquires the session from the environment and the session id from
+ # the session options and passes them to #set_session. If successful
+ # and the :defer option is not true, a cookie will be added to the
+ # response with the session's id.
+
+ def commit_session(env, status, headers, body)
+ session = env['rack.session']
+ options = env['rack.session.options']
+ session_id = options[:id]
+
+ if not session_id = set_session(env, session_id, session, options)
+ env["rack.errors"].puts("Warning! #{self.class.name} failed to save session. Content dropped.")
+ [status, headers, body]
+ elsif options[:defer] and not options[:renew]
+ env["rack.errors"].puts("Defering cookie for #{session_id}") if $VERBOSE
+ [status, headers, body]
+ else
+ cookie = Hash.new
+ cookie[:value] = session_id
+ cookie[:expires] = Time.now + options[:expire_after] unless options[:expire_after].nil?
+ response = Rack::Response.new(body, status, headers)
+ response.set_cookie(@key, cookie.merge(options))
+ response.to_a
+ end
+ end
+
+ # All thread safety and session retrival proceedures should occur here.
+ # Should return [session_id, session].
+ # If nil is provided as the session id, generation of a new valid id
+ # should occur within.
+
+ def get_session(env, sid)
+ raise '#get_session not implemented.'
+ end
+
+ # All thread safety and session storage proceedures should occur here.
+ # Should return true or false dependant on whether or not the session
+ # was saved or not.
+ def set_session(env, sid, session, options)
+ raise '#set_session not implemented.'
+ end
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/session/cookie.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/session/cookie.rb
new file mode 100644
index 0000000000..eace9bd0c6
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/session/cookie.rb
@@ -0,0 +1,91 @@
+require 'openssl'
+require 'rack/request'
+require 'rack/response'
+
+module Rack
+
+ module Session
+
+ # Rack::Session::Cookie provides simple cookie based session management.
+ # The session is a Ruby Hash stored as base64 encoded marshalled data
+ # set to :key (default: rack.session).
+ # When the secret key is set, cookie data is checked for data integrity.
+ #
+ # Example:
+ #
+ # use Rack::Session::Cookie, :key => 'rack.session',
+ # :domain => 'foo.com',
+ # :path => '/',
+ # :expire_after => 2592000,
+ # :secret => 'change_me'
+ #
+ # All parameters are optional.
+
+ class Cookie
+
+ def initialize(app, options={})
+ @app = app
+ @key = options[:key] || "rack.session"
+ @secret = options[:secret]
+ @default_options = {:domain => nil,
+ :path => "/",
+ :expire_after => nil}.merge(options)
+ end
+
+ def call(env)
+ load_session(env)
+ status, headers, body = @app.call(env)
+ commit_session(env, status, headers, body)
+ end
+
+ private
+
+ def load_session(env)
+ request = Rack::Request.new(env)
+ session_data = request.cookies[@key]
+
+ if @secret && session_data
+ session_data, digest = session_data.split("--")
+ session_data = nil unless digest == generate_hmac(session_data)
+ end
+
+ begin
+ session_data = session_data.unpack("m*").first
+ session_data = Marshal.load(session_data)
+ env["rack.session"] = session_data
+ rescue
+ env["rack.session"] = Hash.new
+ end
+
+ env["rack.session.options"] = @default_options.dup
+ end
+
+ def commit_session(env, status, headers, body)
+ session_data = Marshal.dump(env["rack.session"])
+ session_data = [session_data].pack("m*")
+
+ if @secret
+ session_data = "#{session_data}--#{generate_hmac(session_data)}"
+ end
+
+ if session_data.size > (4096 - @key.size)
+ env["rack.errors"].puts("Warning! Rack::Session::Cookie data size exceeds 4K. Content dropped.")
+ [status, headers, body]
+ else
+ options = env["rack.session.options"]
+ cookie = Hash.new
+ cookie[:value] = session_data
+ cookie[:expires] = Time.now + options[:expire_after] unless options[:expire_after].nil?
+ response = Rack::Response.new(body, status, headers)
+ response.set_cookie(@key, cookie.merge(options))
+ response.to_a
+ end
+ end
+
+ def generate_hmac(data)
+ OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA1.new, @secret, data)
+ end
+
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/session/memcache.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/session/memcache.rb
new file mode 100644
index 0000000000..4a65cbf35d
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/session/memcache.rb
@@ -0,0 +1,109 @@
+# AUTHOR: blink <blinketje@gmail.com>; blink#ruby-lang@irc.freenode.net
+
+require 'rack/session/abstract/id'
+require 'memcache'
+
+module Rack
+ module Session
+ # Rack::Session::Memcache provides simple cookie based session management.
+ # Session data is stored in memcached. The corresponding session key is
+ # maintained in the cookie.
+ # You may treat Session::Memcache as you would Session::Pool with the
+ # following caveats.
+ #
+ # * Setting :expire_after to 0 would note to the Memcache server to hang
+ # onto the session data until it would drop it according to it's own
+ # specifications. However, the cookie sent to the client would expire
+ # immediately.
+ #
+ # Note that memcache does drop data before it may be listed to expire. For
+ # a full description of behaviour, please see memcache's documentation.
+
+ class Memcache < Abstract::ID
+ attr_reader :mutex, :pool
+ DEFAULT_OPTIONS = Abstract::ID::DEFAULT_OPTIONS.merge \
+ :namespace => 'rack:session',
+ :memcache_server => 'localhost:11211'
+
+ def initialize(app, options={})
+ super
+
+ @mutex = Mutex.new
+ @pool = MemCache.
+ new @default_options[:memcache_server], @default_options
+ raise 'No memcache servers' unless @pool.servers.any?{|s|s.alive?}
+ end
+
+ def generate_sid
+ loop do
+ sid = super
+ break sid unless @pool.get(sid, true)
+ end
+ end
+
+ def get_session(env, sid)
+ session = @pool.get(sid) if sid
+ @mutex.lock if env['rack.multithread']
+ unless sid and session
+ env['rack.errors'].puts("Session '#{sid.inspect}' not found, initializing...") if $VERBOSE and not sid.nil?
+ session = {}
+ sid = generate_sid
+ ret = @pool.add sid, session
+ raise "Session collision on '#{sid.inspect}'" unless /^STORED/ =~ ret
+ end
+ session.instance_variable_set('@old', {}.merge(session))
+ return [sid, session]
+ rescue MemCache::MemCacheError, Errno::ECONNREFUSED # MemCache server cannot be contacted
+ warn "#{self} is unable to find server."
+ warn $!.inspect
+ return [ nil, {} ]
+ ensure
+ @mutex.unlock if env['rack.multithread']
+ end
+
+ def set_session(env, session_id, new_session, options)
+ expiry = options[:expire_after]
+ expiry = expiry.nil? ? 0 : expiry + 1
+
+ @mutex.lock if env['rack.multithread']
+ session = @pool.get(session_id) || {}
+ if options[:renew] or options[:drop]
+ @pool.delete session_id
+ return false if options[:drop]
+ session_id = generate_sid
+ @pool.add session_id, 0 # so we don't worry about cache miss on #set
+ end
+ old_session = new_session.instance_variable_get('@old') || {}
+ session = merge_sessions session_id, old_session, new_session, session
+ @pool.set session_id, session, expiry
+ return session_id
+ rescue MemCache::MemCacheError, Errno::ECONNREFUSED # MemCache server cannot be contacted
+ warn "#{self} is unable to find server."
+ warn $!.inspect
+ return false
+ ensure
+ @mutex.unlock if env['rack.multithread']
+ end
+
+ private
+
+ def merge_sessions sid, old, new, cur=nil
+ cur ||= {}
+ unless Hash === old and Hash === new
+ warn 'Bad old or new sessions provided.'
+ return cur
+ end
+
+ delete = old.keys - new.keys
+ warn "//@#{sid}: delete #{delete*','}" if $VERBOSE and not delete.empty?
+ delete.each{|k| cur.delete k }
+
+ update = new.keys.select{|k| new[k] != old[k] }
+ warn "//@#{sid}: update #{update*','}" if $VERBOSE and not update.empty?
+ update.each{|k| cur[k] = new[k] }
+
+ cur
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/session/pool.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/session/pool.rb
new file mode 100644
index 0000000000..f6f87408bb
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/session/pool.rb
@@ -0,0 +1,100 @@
+# AUTHOR: blink <blinketje@gmail.com>; blink#ruby-lang@irc.freenode.net
+# THANKS:
+# apeiros, for session id generation, expiry setup, and threadiness
+# sergio, threadiness and bugreps
+
+require 'rack/session/abstract/id'
+require 'thread'
+
+module Rack
+ module Session
+ # Rack::Session::Pool provides simple cookie based session management.
+ # Session data is stored in a hash held by @pool.
+ # In the context of a multithreaded environment, sessions being
+ # committed to the pool is done in a merging manner.
+ #
+ # The :drop option is available in rack.session.options if you with to
+ # explicitly remove the session from the session cache.
+ #
+ # Example:
+ # myapp = MyRackApp.new
+ # sessioned = Rack::Session::Pool.new(myapp,
+ # :domain => 'foo.com',
+ # :expire_after => 2592000
+ # )
+ # Rack::Handler::WEBrick.run sessioned
+
+ class Pool < Abstract::ID
+ attr_reader :mutex, :pool
+ DEFAULT_OPTIONS = Abstract::ID::DEFAULT_OPTIONS.merge :drop => false
+
+ def initialize(app, options={})
+ super
+ @pool = Hash.new
+ @mutex = Mutex.new
+ end
+
+ def generate_sid
+ loop do
+ sid = super
+ break sid unless @pool.key? sid
+ end
+ end
+
+ def get_session(env, sid)
+ session = @pool[sid] if sid
+ @mutex.lock if env['rack.multithread']
+ unless sid and session
+ env['rack.errors'].puts("Session '#{sid.inspect}' not found, initializing...") if $VERBOSE and not sid.nil?
+ session = {}
+ sid = generate_sid
+ @pool.store sid, session
+ end
+ session.instance_variable_set('@old', {}.merge(session))
+ return [sid, session]
+ ensure
+ @mutex.unlock if env['rack.multithread']
+ end
+
+ def set_session(env, session_id, new_session, options)
+ @mutex.lock if env['rack.multithread']
+ session = @pool[session_id]
+ if options[:renew] or options[:drop]
+ @pool.delete session_id
+ return false if options[:drop]
+ session_id = generate_sid
+ @pool.store session_id, 0
+ end
+ old_session = new_session.instance_variable_get('@old') || {}
+ session = merge_sessions session_id, old_session, new_session, session
+ @pool.store session_id, session
+ return session_id
+ rescue
+ warn "#{new_session.inspect} has been lost."
+ warn $!.inspect
+ ensure
+ @mutex.unlock if env['rack.multithread']
+ end
+
+ private
+
+ def merge_sessions sid, old, new, cur=nil
+ cur ||= {}
+ unless Hash === old and Hash === new
+ warn 'Bad old or new sessions provided.'
+ return cur
+ end
+
+ delete = old.keys - new.keys
+ warn "//@#{sid}: dropping #{delete*','}" if $DEBUG and not delete.empty?
+ delete.each{|k| cur.delete k }
+
+ update = new.keys.select{|k| new[k] != old[k] }
+ warn "//@#{sid}: updating #{update*','}" if $DEBUG and not update.empty?
+ update.each{|k| cur[k] = new[k] }
+
+ cur
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/showexceptions.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/showexceptions.rb
new file mode 100644
index 0000000000..697bc41fdb
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/showexceptions.rb
@@ -0,0 +1,349 @@
+require 'ostruct'
+require 'erb'
+require 'rack/request'
+require 'rack/utils'
+
+module Rack
+ # Rack::ShowExceptions catches all exceptions raised from the app it
+ # wraps. It shows a useful backtrace with the sourcefile and
+ # clickable context, the whole Rack environment and the request
+ # data.
+ #
+ # Be careful when you use this on public-facing sites as it could
+ # reveal information helpful to attackers.
+
+ class ShowExceptions
+ CONTEXT = 7
+
+ def initialize(app)
+ @app = app
+ @template = ERB.new(TEMPLATE)
+ end
+
+ def call(env)
+ @app.call(env)
+ rescue StandardError, LoadError, SyntaxError => e
+ backtrace = pretty(env, e)
+ [500,
+ {"Content-Type" => "text/html",
+ "Content-Length" => backtrace.join.size.to_s},
+ backtrace]
+ end
+
+ def pretty(env, exception)
+ req = Rack::Request.new(env)
+ path = (req.script_name + req.path_info).squeeze("/")
+
+ frames = exception.backtrace.map { |line|
+ frame = OpenStruct.new
+ if line =~ /(.*?):(\d+)(:in `(.*)')?/
+ frame.filename = $1
+ frame.lineno = $2.to_i
+ frame.function = $4
+
+ begin
+ lineno = frame.lineno-1
+ lines = ::File.readlines(frame.filename)
+ frame.pre_context_lineno = [lineno-CONTEXT, 0].max
+ frame.pre_context = lines[frame.pre_context_lineno...lineno]
+ frame.context_line = lines[lineno].chomp
+ frame.post_context_lineno = [lineno+CONTEXT, lines.size].min
+ frame.post_context = lines[lineno+1..frame.post_context_lineno]
+ rescue
+ end
+
+ frame
+ else
+ nil
+ end
+ }.compact
+
+ env["rack.errors"].puts "#{exception.class}: #{exception.message}"
+ env["rack.errors"].puts exception.backtrace.map { |l| "\t" + l }
+ env["rack.errors"].flush
+
+ [@template.result(binding)]
+ end
+
+ def h(obj) # :nodoc:
+ case obj
+ when String
+ Utils.escape_html(obj)
+ else
+ Utils.escape_html(obj.inspect)
+ end
+ end
+
+ # :stopdoc:
+
+# adapted from Django <djangoproject.com>
+# Copyright (c) 2005, the Lawrence Journal-World
+# Used under the modified BSD license:
+# http://www.xfree86.org/3.3.6/COPYRIGHT2.html#5
+TEMPLATE = <<'HTML'
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html lang="en">
+<head>
+ <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+ <meta name="robots" content="NONE,NOARCHIVE" />
+ <title><%=h exception.class %> at <%=h path %></title>
+ <style type="text/css">
+ html * { padding:0; margin:0; }
+ body * { padding:10px 20px; }
+ body * * { padding:0; }
+ body { font:small sans-serif; }
+ body>div { border-bottom:1px solid #ddd; }
+ h1 { font-weight:normal; }
+ h2 { margin-bottom:.8em; }
+ h2 span { font-size:80%; color:#666; font-weight:normal; }
+ h3 { margin:1em 0 .5em 0; }
+ h4 { margin:0 0 .5em 0; font-weight: normal; }
+ table {
+ border:1px solid #ccc; border-collapse: collapse; background:white; }
+ tbody td, tbody th { vertical-align:top; padding:2px 3px; }
+ thead th {
+ padding:1px 6px 1px 3px; background:#fefefe; text-align:left;
+ font-weight:normal; font-size:11px; border:1px solid #ddd; }
+ tbody th { text-align:right; color:#666; padding-right:.5em; }
+ table.vars { margin:5px 0 2px 40px; }
+ table.vars td, table.req td { font-family:monospace; }
+ table td.code { width:100%;}
+ table td.code div { overflow:hidden; }
+ table.source th { color:#666; }
+ table.source td {
+ font-family:monospace; white-space:pre; border-bottom:1px solid #eee; }
+ ul.traceback { list-style-type:none; }
+ ul.traceback li.frame { margin-bottom:1em; }
+ div.context { margin: 10px 0; }
+ div.context ol {
+ padding-left:30px; margin:0 10px; list-style-position: inside; }
+ div.context ol li {
+ font-family:monospace; white-space:pre; color:#666; cursor:pointer; }
+ div.context ol.context-line li { color:black; background-color:#ccc; }
+ div.context ol.context-line li span { float: right; }
+ div.commands { margin-left: 40px; }
+ div.commands a { color:black; text-decoration:none; }
+ #summary { background: #ffc; }
+ #summary h2 { font-weight: normal; color: #666; }
+ #summary ul#quicklinks { list-style-type: none; margin-bottom: 2em; }
+ #summary ul#quicklinks li { float: left; padding: 0 1em; }
+ #summary ul#quicklinks>li+li { border-left: 1px #666 solid; }
+ #explanation { background:#eee; }
+ #template, #template-not-exist { background:#f6f6f6; }
+ #template-not-exist ul { margin: 0 0 0 20px; }
+ #traceback { background:#eee; }
+ #requestinfo { background:#f6f6f6; padding-left:120px; }
+ #summary table { border:none; background:transparent; }
+ #requestinfo h2, #requestinfo h3 { position:relative; margin-left:-100px; }
+ #requestinfo h3 { margin-bottom:-1em; }
+ .error { background: #ffc; }
+ .specific { color:#cc3300; font-weight:bold; }
+ </style>
+ <script type="text/javascript">
+ //<!--
+ function getElementsByClassName(oElm, strTagName, strClassName){
+ // Written by Jonathan Snook, http://www.snook.ca/jon;
+ // Add-ons by Robert Nyman, http://www.robertnyman.com
+ var arrElements = (strTagName == "*" && document.all)? document.all :
+ oElm.getElementsByTagName(strTagName);
+ var arrReturnElements = new Array();
+ strClassName = strClassName.replace(/\-/g, "\\-");
+ var oRegExp = new RegExp("(^|\\s)" + strClassName + "(\\s|$$)");
+ var oElement;
+ for(var i=0; i<arrElements.length; i++){
+ oElement = arrElements[i];
+ if(oRegExp.test(oElement.className)){
+ arrReturnElements.push(oElement);
+ }
+ }
+ return (arrReturnElements)
+ }
+ function hideAll(elems) {
+ for (var e = 0; e < elems.length; e++) {
+ elems[e].style.display = 'none';
+ }
+ }
+ window.onload = function() {
+ hideAll(getElementsByClassName(document, 'table', 'vars'));
+ hideAll(getElementsByClassName(document, 'ol', 'pre-context'));
+ hideAll(getElementsByClassName(document, 'ol', 'post-context'));
+ }
+ function toggle() {
+ for (var i = 0; i < arguments.length; i++) {
+ var e = document.getElementById(arguments[i]);
+ if (e) {
+ e.style.display = e.style.display == 'none' ? 'block' : 'none';
+ }
+ }
+ return false;
+ }
+ function varToggle(link, id) {
+ toggle('v' + id);
+ var s = link.getElementsByTagName('span')[0];
+ var uarr = String.fromCharCode(0x25b6);
+ var darr = String.fromCharCode(0x25bc);
+ s.innerHTML = s.innerHTML == uarr ? darr : uarr;
+ return false;
+ }
+ //-->
+ </script>
+</head>
+<body>
+
+<div id="summary">
+ <h1><%=h exception.class %> at <%=h path %></h1>
+ <h2><%=h exception.message %></h2>
+ <table><tr>
+ <th>Ruby</th>
+ <td><code><%=h frames.first.filename %></code>: in <code><%=h frames.first.function %></code>, line <%=h frames.first.lineno %></td>
+ </tr><tr>
+ <th>Web</th>
+ <td><code><%=h req.request_method %> <%=h(req.host + path)%></code></td>
+ </tr></table>
+
+ <h3>Jump to:</h3>
+ <ul id="quicklinks">
+ <li><a href="#get-info">GET</a></li>
+ <li><a href="#post-info">POST</a></li>
+ <li><a href="#cookie-info">Cookies</a></li>
+ <li><a href="#env-info">ENV</a></li>
+ </ul>
+</div>
+
+<div id="traceback">
+ <h2>Traceback <span>(innermost first)</span></h2>
+ <ul class="traceback">
+<% frames.each { |frame| %>
+ <li class="frame">
+ <code><%=h frame.filename %></code>: in <code><%=h frame.function %></code>
+
+ <% if frame.context_line %>
+ <div class="context" id="c<%=h frame.object_id %>">
+ <% if frame.pre_context %>
+ <ol start="<%=h frame.pre_context_lineno+1 %>" class="pre-context" id="pre<%=h frame.object_id %>">
+ <% frame.pre_context.each { |line| %>
+ <li onclick="toggle('pre<%=h frame.object_id %>', 'post<%=h frame.object_id %>')"><%=h line %></li>
+ <% } %>
+ </ol>
+ <% end %>
+
+ <ol start="<%=h frame.lineno %>" class="context-line">
+ <li onclick="toggle('pre<%=h frame.object_id %>', 'post<%=h frame.object_id %>')"><%=h frame.context_line %><span>...</span></li></ol>
+
+ <% if frame.post_context %>
+ <ol start='<%=h frame.lineno+1 %>' class="post-context" id="post<%=h frame.object_id %>">
+ <% frame.post_context.each { |line| %>
+ <li onclick="toggle('pre<%=h frame.object_id %>', 'post<%=h frame.object_id %>')"><%=h line %></li>
+ <% } %>
+ </ol>
+ <% end %>
+ </div>
+ <% end %>
+ </li>
+<% } %>
+ </ul>
+</div>
+
+<div id="requestinfo">
+ <h2>Request information</h2>
+
+ <h3 id="get-info">GET</h3>
+ <% unless req.GET.empty? %>
+ <table class="req">
+ <thead>
+ <tr>
+ <th>Variable</th>
+ <th>Value</th>
+ </tr>
+ </thead>
+ <tbody>
+ <% req.GET.sort_by { |k, v| k.to_s }.each { |key, val| %>
+ <tr>
+ <td><%=h key %></td>
+ <td class="code"><div><%=h val.inspect %></div></td>
+ </tr>
+ <% } %>
+ </tbody>
+ </table>
+ <% else %>
+ <p>No GET data.</p>
+ <% end %>
+
+ <h3 id="post-info">POST</h3>
+ <% unless req.POST.empty? %>
+ <table class="req">
+ <thead>
+ <tr>
+ <th>Variable</th>
+ <th>Value</th>
+ </tr>
+ </thead>
+ <tbody>
+ <% req.POST.sort_by { |k, v| k.to_s }.each { |key, val| %>
+ <tr>
+ <td><%=h key %></td>
+ <td class="code"><div><%=h val.inspect %></div></td>
+ </tr>
+ <% } %>
+ </tbody>
+ </table>
+ <% else %>
+ <p>No POST data.</p>
+ <% end %>
+
+
+ <h3 id="cookie-info">COOKIES</h3>
+ <% unless req.cookies.empty? %>
+ <table class="req">
+ <thead>
+ <tr>
+ <th>Variable</th>
+ <th>Value</th>
+ </tr>
+ </thead>
+ <tbody>
+ <% req.cookies.each { |key, val| %>
+ <tr>
+ <td><%=h key %></td>
+ <td class="code"><div><%=h val.inspect %></div></td>
+ </tr>
+ <% } %>
+ </tbody>
+ </table>
+ <% else %>
+ <p>No cookie data.</p>
+ <% end %>
+
+ <h3 id="env-info">Rack ENV</h3>
+ <table class="req">
+ <thead>
+ <tr>
+ <th>Variable</th>
+ <th>Value</th>
+ </tr>
+ </thead>
+ <tbody>
+ <% env.sort_by { |k, v| k.to_s }.each { |key, val| %>
+ <tr>
+ <td><%=h key %></td>
+ <td class="code"><div><%=h val %></div></td>
+ </tr>
+ <% } %>
+ </tbody>
+ </table>
+
+</div>
+
+<div id="explanation">
+ <p>
+ You're seeing this error because you use <code>Rack::ShowExceptions</code>.
+ </p>
+</div>
+
+</body>
+</html>
+HTML
+
+ # :startdoc:
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/showstatus.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/showstatus.rb
new file mode 100644
index 0000000000..28258c7c89
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/showstatus.rb
@@ -0,0 +1,106 @@
+require 'erb'
+require 'rack/request'
+require 'rack/utils'
+
+module Rack
+ # Rack::ShowStatus catches all empty responses the app it wraps and
+ # replaces them with a site explaining the error.
+ #
+ # Additional details can be put into <tt>rack.showstatus.detail</tt>
+ # and will be shown as HTML. If such details exist, the error page
+ # is always rendered, even if the reply was not empty.
+
+ class ShowStatus
+ def initialize(app)
+ @app = app
+ @template = ERB.new(TEMPLATE)
+ end
+
+ def call(env)
+ status, headers, body = @app.call(env)
+ headers = Utils::HeaderHash.new(headers)
+ empty = headers['Content-Length'].to_i <= 0
+
+ # client or server error, or explicit message
+ if (status.to_i >= 400 && empty) || env["rack.showstatus.detail"]
+ req = Rack::Request.new(env)
+ message = Rack::Utils::HTTP_STATUS_CODES[status.to_i] || status.to_s
+ detail = env["rack.showstatus.detail"] || message
+ body = @template.result(binding)
+ size = Rack::Utils.bytesize(body)
+ [status, headers.merge("Content-Type" => "text/html", "Content-Length" => size.to_s), [body]]
+ else
+ [status, headers, body]
+ end
+ end
+
+ def h(obj) # :nodoc:
+ case obj
+ when String
+ Utils.escape_html(obj)
+ else
+ Utils.escape_html(obj.inspect)
+ end
+ end
+
+ # :stopdoc:
+
+# adapted from Django <djangoproject.com>
+# Copyright (c) 2005, the Lawrence Journal-World
+# Used under the modified BSD license:
+# http://www.xfree86.org/3.3.6/COPYRIGHT2.html#5
+TEMPLATE = <<'HTML'
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html lang="en">
+<head>
+ <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+ <title><%=h message %> at <%=h req.script_name + req.path_info %></title>
+ <meta name="robots" content="NONE,NOARCHIVE" />
+ <style type="text/css">
+ html * { padding:0; margin:0; }
+ body * { padding:10px 20px; }
+ body * * { padding:0; }
+ body { font:small sans-serif; background:#eee; }
+ body>div { border-bottom:1px solid #ddd; }
+ h1 { font-weight:normal; margin-bottom:.4em; }
+ h1 span { font-size:60%; color:#666; font-weight:normal; }
+ table { border:none; border-collapse: collapse; width:100%; }
+ td, th { vertical-align:top; padding:2px 3px; }
+ th { width:12em; text-align:right; color:#666; padding-right:.5em; }
+ #info { background:#f6f6f6; }
+ #info ol { margin: 0.5em 4em; }
+ #info ol li { font-family: monospace; }
+ #summary { background: #ffc; }
+ #explanation { background:#eee; border-bottom: 0px none; }
+ </style>
+</head>
+<body>
+ <div id="summary">
+ <h1><%=h message %> <span>(<%= status.to_i %>)</span></h1>
+ <table class="meta">
+ <tr>
+ <th>Request Method:</th>
+ <td><%=h req.request_method %></td>
+ </tr>
+ <tr>
+ <th>Request URL:</th>
+ <td><%=h req.url %></td>
+ </tr>
+ </table>
+ </div>
+ <div id="info">
+ <p><%= detail %></p>
+ </div>
+
+ <div id="explanation">
+ <p>
+ You're seeing this error because you use <code>Rack::ShowStatus</code>.
+ </p>
+ </div>
+</body>
+</html>
+HTML
+
+ # :startdoc:
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/static.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/static.rb
new file mode 100644
index 0000000000..168e8f83b2
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/static.rb
@@ -0,0 +1,38 @@
+module Rack
+
+ # The Rack::Static middleware intercepts requests for static files
+ # (javascript files, images, stylesheets, etc) based on the url prefixes
+ # passed in the options, and serves them using a Rack::File object. This
+ # allows a Rack stack to serve both static and dynamic content.
+ #
+ # Examples:
+ # use Rack::Static, :urls => ["/media"]
+ # will serve all requests beginning with /media from the "media" folder
+ # located in the current directory (ie media/*).
+ #
+ # use Rack::Static, :urls => ["/css", "/images"], :root => "public"
+ # will serve all requests beginning with /css or /images from the folder
+ # "public" in the current directory (ie public/css/* and public/images/*)
+
+ class Static
+
+ def initialize(app, options={})
+ @app = app
+ @urls = options[:urls] || ["/favicon.ico"]
+ root = options[:root] || Dir.pwd
+ @file_server = Rack::File.new(root)
+ end
+
+ def call(env)
+ path = env["PATH_INFO"]
+ can_serve = @urls.any? { |url| path.index(url) == 0 }
+
+ if can_serve
+ @file_server.call(env)
+ else
+ @app.call(env)
+ end
+ end
+
+ end
+end
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/urlmap.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/urlmap.rb
new file mode 100644
index 0000000000..0ff32df181
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/urlmap.rb
@@ -0,0 +1,55 @@
+module Rack
+ # Rack::URLMap takes a hash mapping urls or paths to apps, and
+ # dispatches accordingly. Support for HTTP/1.1 host names exists if
+ # the URLs start with <tt>http://</tt> or <tt>https://</tt>.
+ #
+ # URLMap modifies the SCRIPT_NAME and PATH_INFO such that the part
+ # relevant for dispatch is in the SCRIPT_NAME, and the rest in the
+ # PATH_INFO. This should be taken care of when you need to
+ # reconstruct the URL in order to create links.
+ #
+ # URLMap dispatches in such a way that the longest paths are tried
+ # first, since they are most specific.
+
+ class URLMap
+ def initialize(map = {})
+ remap(map)
+ end
+
+ def remap(map)
+ @mapping = map.map { |location, app|
+ if location =~ %r{\Ahttps?://(.*?)(/.*)}
+ host, location = $1, $2
+ else
+ host = nil
+ end
+
+ unless location[0] == ?/
+ raise ArgumentError, "paths need to start with /"
+ end
+ location = location.chomp('/')
+
+ [host, location, app]
+ }.sort_by { |(h, l, a)| [-l.size, h.to_s.size] } # Longest path first
+ end
+
+ def call(env)
+ path = env["PATH_INFO"].to_s.squeeze("/")
+ script_name = env['SCRIPT_NAME']
+ hHost, sName, sPort = env.values_at('HTTP_HOST','SERVER_NAME','SERVER_PORT')
+ @mapping.each { |host, location, app|
+ next unless (hHost == host || sName == host \
+ || (host.nil? && (hHost == sName || hHost == sName+':'+sPort)))
+ next unless location == path[0, location.size]
+ next unless path[location.size] == nil || path[location.size] == ?/
+
+ return app.call(
+ env.merge(
+ 'SCRIPT_NAME' => (script_name + location),
+ 'PATH_INFO' => path[location.size..-1]))
+ }
+ [404, {"Content-Type" => "text/plain"}, ["Not Found: #{path}"]]
+ end
+ end
+end
+
diff --git a/actionpack/lib/action_controller/vendor/rack-1.0/rack/utils.rb b/actionpack/lib/action_controller/vendor/rack-1.0/rack/utils.rb
new file mode 100644
index 0000000000..0a61bce707
--- /dev/null
+++ b/actionpack/lib/action_controller/vendor/rack-1.0/rack/utils.rb
@@ -0,0 +1,392 @@
+require 'set'
+require 'tempfile'
+
+module Rack
+ # Rack::Utils contains a grab-bag of useful methods for writing web
+ # applications adopted from all kinds of Ruby libraries.
+
+ module Utils
+ # Performs URI escaping so that you can construct proper
+ # query strings faster. Use this rather than the cgi.rb
+ # version since it's faster. (Stolen from Camping).
+ def escape(s)
+ s.to_s.gsub(/([^ a-zA-Z0-9_.-]+)/n) {
+ '%'+$1.unpack('H2'*$1.size).join('%').upcase
+ }.tr(' ', '+')
+ end
+ module_function :escape
+
+ # Unescapes a URI escaped string. (Stolen from Camping).
+ def unescape(s)
+ s.tr('+', ' ').gsub(/((?:%[0-9a-fA-F]{2})+)/n){
+ [$1.delete('%')].pack('H*')
+ }
+ end
+ module_function :unescape
+
+ # Stolen from Mongrel, with some small modifications:
+ # Parses a query string by breaking it up at the '&'
+ # and ';' characters. You can also use this to parse
+ # cookies by changing the characters used in the second
+ # parameter (which defaults to '&;').
+ def parse_query(qs, d = '&;')
+ params = {}
+
+ (qs || '').split(/[#{d}] */n).each do |p|
+ k, v = unescape(p).split('=', 2)
+
+ if cur = params[k]
+ if cur.class == Array
+ params[k] << v
+ else
+ params[k] = [cur, v]
+ end
+ else
+ params[k] = v
+ end
+ end
+
+ return params
+ end
+ module_function :parse_query
+
+ def parse_nested_query(qs, d = '&;')
+ params = {}
+
+ (qs || '').split(/[#{d}] */n).each do |p|
+ k, v = unescape(p).split('=', 2)
+ normalize_params(params, k, v)
+ end
+
+ return params
+ end
+ module_function :parse_nested_query
+
+ def normalize_params(params, name, v = nil)
+ name =~ %r([\[\]]*([^\[\]]+)\]*)
+ k = $1 || ''
+ after = $' || ''
+
+ return if k.empty?
+
+ if after == ""
+ params[k] = v
+ elsif after == "[]"
+ params[k] ||= []
+ raise TypeError unless params[k].is_a?(Array)
+ params[k] << v
+ elsif after =~ %r(^\[\]\[([^\[\]]+)\]$) || after =~ %r(^\[\](.+)$)
+ child_key = $1
+ params[k] ||= []
+ raise TypeError unless params[k].is_a?(Array)
+ if params[k].last.is_a?(Hash) && !params[k].last.key?(child_key)
+ normalize_params(params[k].last, child_key, v)
+ else
+ params[k] << normalize_params({}, child_key, v)
+ end
+ else
+ params[k] ||= {}
+ params[k] = normalize_params(params[k], after, v)
+ end
+
+ return params
+ end
+ module_function :normalize_params
+
+ def build_query(params)
+ params.map { |k, v|
+ if v.class == Array
+ build_query(v.map { |x| [k, x] })
+ else
+ escape(k) + "=" + escape(v)
+ end
+ }.join("&")
+ end
+ module_function :build_query
+
+ # Escape ampersands, brackets and quotes to their HTML/XML entities.
+ def escape_html(string)
+ string.to_s.gsub("&", "&amp;").
+ gsub("<", "&lt;").
+ gsub(">", "&gt;").
+ gsub("'", "&#39;").
+ gsub('"', "&quot;")
+ end
+ module_function :escape_html
+
+ def select_best_encoding(available_encodings, accept_encoding)
+ # http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
+
+ expanded_accept_encoding =
+ accept_encoding.map { |m, q|
+ if m == "*"
+ (available_encodings - accept_encoding.map { |m2, _| m2 }).map { |m2| [m2, q] }
+ else
+ [[m, q]]
+ end
+ }.inject([]) { |mem, list|
+ mem + list
+ }
+
+ encoding_candidates = expanded_accept_encoding.sort_by { |_, q| -q }.map { |m, _| m }
+
+ unless encoding_candidates.include?("identity")
+ encoding_candidates.push("identity")
+ end
+
+ expanded_accept_encoding.find_all { |m, q|
+ q == 0.0
+ }.each { |m, _|
+ encoding_candidates.delete(m)
+ }
+
+ return (encoding_candidates & available_encodings)[0]
+ end
+ module_function :select_best_encoding
+
+ # Return the bytesize of String; uses String#length under Ruby 1.8 and
+ # String#bytesize under 1.9.
+ if ''.respond_to?(:bytesize)
+ def bytesize(string)
+ string.bytesize
+ end
+ else
+ def bytesize(string)
+ string.size
+ end
+ end
+ module_function :bytesize
+
+ # Context allows the use of a compatible middleware at different points
+ # in a request handling stack. A compatible middleware must define
+ # #context which should take the arguments env and app. The first of which
+ # would be the request environment. The second of which would be the rack
+ # application that the request would be forwarded to.
+ class Context
+ attr_reader :for, :app
+
+ def initialize(app_f, app_r)
+ raise 'running context does not respond to #context' unless app_f.respond_to? :context
+ @for, @app = app_f, app_r
+ end
+
+ def call(env)
+ @for.context(env, @app)
+ end
+
+ def recontext(app)
+ self.class.new(@for, app)
+ end
+
+ def context(env, app=@app)
+ recontext(app).call(env)
+ end
+ end
+
+ # A case-insensitive Hash that preserves the original case of a
+ # header when set.
+ class HeaderHash < Hash
+ def initialize(hash={})
+ @names = {}
+ hash.each { |k, v| self[k] = v }
+ end
+
+ def to_hash
+ inject({}) do |hash, (k,v)|
+ if v.respond_to? :to_ary
+ hash[k] = v.to_ary.join("\n")
+ else
+ hash[k] = v
+ end
+ hash
+ end
+ end
+
+ def [](k)
+ super @names[k.downcase]
+ end
+
+ def []=(k, v)
+ delete k
+ @names[k.downcase] = k
+ super k, v
+ end
+
+ def delete(k)
+ super @names.delete(k.downcase)
+ end
+
+ def include?(k)
+ @names.has_key? k.downcase
+ end
+
+ alias_method :has_key?, :include?
+ alias_method :member?, :include?
+ alias_method :key?, :include?
+
+ def merge!(other)
+ other.each { |k, v| self[k] = v }
+ self
+ end
+
+ def merge(other)
+ hash = dup
+ hash.merge! other
+ end
+ end
+
+ # Every standard HTTP code mapped to the appropriate message.
+ # Stolen from Mongrel.
+ HTTP_STATUS_CODES = {
+ 100 => 'Continue',
+ 101 => 'Switching Protocols',
+ 200 => 'OK',
+ 201 => 'Created',
+ 202 => 'Accepted',
+ 203 => 'Non-Authoritative Information',
+ 204 => 'No Content',
+ 205 => 'Reset Content',
+ 206 => 'Partial Content',
+ 300 => 'Multiple Choices',
+ 301 => 'Moved Permanently',
+ 302 => 'Found',
+ 303 => 'See Other',
+ 304 => 'Not Modified',
+ 305 => 'Use Proxy',
+ 307 => 'Temporary Redirect',
+ 400 => 'Bad Request',
+ 401 => 'Unauthorized',
+ 402 => 'Payment Required',
+ 403 => 'Forbidden',
+ 404 => 'Not Found',
+ 405 => 'Method Not Allowed',
+ 406 => 'Not Acceptable',
+ 407 => 'Proxy Authentication Required',
+ 408 => 'Request Timeout',
+ 409 => 'Conflict',
+ 410 => 'Gone',
+ 411 => 'Length Required',
+ 412 => 'Precondition Failed',
+ 413 => 'Request Entity Too Large',
+ 414 => 'Request-URI Too Large',
+ 415 => 'Unsupported Media Type',
+ 416 => 'Requested Range Not Satisfiable',
+ 417 => 'Expectation Failed',
+ 500 => 'Internal Server Error',
+ 501 => 'Not Implemented',
+ 502 => 'Bad Gateway',
+ 503 => 'Service Unavailable',
+ 504 => 'Gateway Timeout',
+ 505 => 'HTTP Version Not Supported'
+ }
+
+ # Responses with HTTP status codes that should not have an entity body
+ STATUS_WITH_NO_ENTITY_BODY = Set.new((100..199).to_a << 204 << 304)
+
+ # A multipart form data parser, adapted from IOWA.
+ #
+ # Usually, Rack::Request#POST takes care of calling this.
+
+ module Multipart
+ EOL = "\r\n"
+
+ def self.parse_multipart(env)
+ unless env['CONTENT_TYPE'] =~
+ %r|\Amultipart/form-data.*boundary=\"?([^\";,]+)\"?|n
+ nil
+ else
+ boundary = "--#{$1}"
+
+ params = {}
+ buf = ""
+ content_length = env['CONTENT_LENGTH'].to_i
+ input = env['rack.input']
+
+ boundary_size = boundary.size + EOL.size
+ bufsize = 16384
+
+ content_length -= boundary_size
+
+ status = input.read(boundary_size)
+ raise EOFError, "bad content body" unless status == boundary + EOL
+
+ rx = /(?:#{EOL})?#{Regexp.quote boundary}(#{EOL}|--)/n
+
+ loop {
+ head = nil
+ body = ''
+ filename = content_type = name = nil
+
+ until head && buf =~ rx
+ if !head && i = buf.index("\r\n\r\n")
+ head = buf.slice!(0, i+2) # First \r\n
+ buf.slice!(0, 2) # Second \r\n
+
+ filename = head[/Content-Disposition:.* filename="?([^\";]*)"?/ni, 1]
+ content_type = head[/Content-Type: (.*)\r\n/ni, 1]
+ name = head[/Content-Disposition:.* name="?([^\";]*)"?/ni, 1]
+
+ if filename
+ body = Tempfile.new("RackMultipart")
+ body.binmode if body.respond_to?(:binmode)
+ end
+
+ next
+ end
+
+ # Save the read body part.
+ if head && (boundary_size+4 < buf.size)
+ body << buf.slice!(0, buf.size - (boundary_size+4))
+ end
+
+ c = input.read(bufsize < content_length ? bufsize : content_length)
+ raise EOFError, "bad content body" if c.nil? || c.empty?
+ buf << c
+ content_length -= c.size
+ end
+
+ # Save the rest.
+ if i = buf.index(rx)
+ body << buf.slice!(0, i)
+ buf.slice!(0, boundary_size+2)
+
+ content_length = -1 if $1 == "--"
+ end
+
+ if filename == ""
+ # filename is blank which means no file has been selected
+ data = nil
+ elsif filename
+ body.rewind
+
+ # Take the basename of the upload's original filename.
+ # This handles the full Windows paths given by Internet Explorer
+ # (and perhaps other broken user agents) without affecting
+ # those which give the lone filename.
+ filename =~ /^(?:.*[:\\\/])?(.*)/m
+ filename = $1
+
+ data = {:filename => filename, :type => content_type,
+ :name => name, :tempfile => body, :head => head}
+ else
+ data = body
+ end
+
+ Utils.normalize_params(params, name, data) unless data.nil?
+
+ break if buf.empty? || content_length == -1
+ }
+
+ begin
+ input.rewind if input.respond_to?(:rewind)
+ rescue Errno::ESPIPE
+ # Handles exceptions raised by input streams that cannot be rewound
+ # such as when using plain CGI under Apache
+ end
+
+ params
+ end
+ end
+ end
+ end
+end
diff --git a/actionpack/lib/action_dispatch/http/request.rb b/actionpack/lib/action_dispatch/http/request.rb
index a2c14f7ea2..7d47a1566e 100755
--- a/actionpack/lib/action_dispatch/http/request.rb
+++ b/actionpack/lib/action_dispatch/http/request.rb
@@ -31,7 +31,7 @@ module ActionDispatch
# <tt>:get</tt>. If the request \method is not listed in the HTTP_METHODS
# constant above, an UnknownHttpMethod exception is raised.
def request_method
- HTTP_METHOD_LOOKUP[super] || raise(ActionController::UnknownHttpMethod, "#{super}, accepted HTTP methods are #{HTTP_METHODS.to_sentence}")
+ @request_method ||= HTTP_METHOD_LOOKUP[super] || raise(ActionController::UnknownHttpMethod, "#{super}, accepted HTTP methods are #{HTTP_METHODS.to_sentence(:locale => :en)}")
end
# Returns the HTTP request \method used for action processing as a
@@ -431,15 +431,15 @@ EOM
FORM_DATA_MEDIA_TYPES.include?(content_type.to_s)
end
- # Override Rack's GET method to support nested query strings
+ # Override Rack's GET method to support indifferent access
def GET
- @env["action_controller.request.query_parameters"] ||= UrlEncodedPairParser.parse_query_parameters(query_string)
+ @env["action_controller.request.query_parameters"] ||= normalize_parameters(super)
end
alias_method :query_parameters, :GET
- # Override Rack's POST method to support nested query strings
+ # Override Rack's POST method to support indifferent access
def POST
- @env["action_controller.request.request_parameters"] ||= UrlEncodedPairParser.parse_hash_parameters(super)
+ @env["action_controller.request.request_parameters"] ||= normalize_parameters(super)
end
alias_method :request_parameters, :POST
@@ -456,6 +456,7 @@ EOM
end
def reset_session
+ @env['rack.session.options'].delete(:id)
@env['rack.session'] = {}
end
@@ -475,5 +476,28 @@ EOM
def named_host?(host)
!(host.nil? || /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.match(host))
end
+
+ # Convert nested Hashs to HashWithIndifferentAccess and replace
+ # file upload hashs with UploadedFile objects
+ def normalize_parameters(value)
+ case value
+ when Hash
+ if value.has_key?(:tempfile)
+ upload = value[:tempfile]
+ upload.extend(UploadedFile)
+ upload.original_path = value[:filename]
+ upload.content_type = value[:type]
+ upload
+ else
+ h = {}
+ value.each { |k, v| h[k] = normalize_parameters(v) }
+ h.with_indifferent_access
+ end
+ when Array
+ value.map { |e| normalize_parameters(e) }
+ else
+ value
+ end
+ end
end
end
diff --git a/actionpack/lib/action_dispatch/http/response.rb b/actionpack/lib/action_dispatch/http/response.rb
index e1d8ee3527..ecf40b8103 100644
--- a/actionpack/lib/action_dispatch/http/response.rb
+++ b/actionpack/lib/action_dispatch/http/response.rb
@@ -40,14 +40,28 @@ module ActionDispatch # :nodoc:
delegate :default_charset, :to => 'ActionController::Base'
def initialize
- @status = 200
- @header = DEFAULT_HEADERS.dup
+ super
+ @header = Rack::Utils::HeaderHash.new(DEFAULT_HEADERS)
+ @session, @assigns = [], []
+ end
- @writer = lambda { |x| @body << x }
- @block = nil
+ def body
+ str = ''
+ each { |part| str << part.to_s }
+ str
+ end
- @body = "",
- @session, @assigns = [], []
+ def body=(body)
+ @body =
+ if body.is_a?(String)
+ [body]
+ else
+ body
+ end
+ end
+
+ def body_parts
+ @body
end
def location; headers['Location'] end
@@ -144,7 +158,6 @@ module ActionDispatch # :nodoc:
set_content_length!
convert_content_type!
convert_language!
- convert_expires!
convert_cookies!
end
@@ -153,7 +166,7 @@ module ActionDispatch # :nodoc:
@writer = lambda { |x| callback.call(x) }
@body.call(self, self)
elsif @body.is_a?(String)
- @body.each_line(&callback)
+ callback.call(@body)
else
@body.each(&callback)
end
@@ -163,37 +176,20 @@ module ActionDispatch # :nodoc:
end
def write(str)
- @writer.call str.to_s
+ str = str.to_s
+ @writer.call str
str
end
- # Over Rack::Response#set_cookie to add HttpOnly option
def set_cookie(key, value)
- case value
- when Hash
- domain = "; domain=" + value[:domain] if value[:domain]
- path = "; path=" + value[:path] if value[:path]
- # According to RFC 2109, we need dashes here.
- # N.B.: cgi.rb uses spaces...
- expires = "; expires=" + value[:expires].clone.gmtime.
- strftime("%a, %d-%b-%Y %H:%M:%S GMT") if value[:expires]
- secure = "; secure" if value[:secure]
- httponly = "; HttpOnly" if value[:http_only]
- value = value[:value]
- end
- value = [value] unless Array === value
- cookie = ::Rack::Utils.escape(key) + "=" +
- value.map { |v| ::Rack::Utils.escape v }.join("&") +
- "#{domain}#{path}#{expires}#{secure}#{httponly}"
-
- case self["Set-Cookie"]
- when Array
- self["Set-Cookie"] << cookie
- when String
- self["Set-Cookie"] = [self["Set-Cookie"], cookie]
- when nil
- self["Set-Cookie"] = cookie
+ if value.has_key?(:http_only)
+ ActiveSupport::Deprecation.warn(
+ "The :http_only option in ActionController::Response#set_cookie " +
+ "has been renamed. Please use :httponly instead.", caller)
+ value[:httponly] ||= value.delete(:http_only)
end
+
+ super(key, value)
end
private
@@ -205,7 +201,7 @@ module ActionDispatch # :nodoc:
if request && request.etag_matches?(etag)
self.status = '304 Not Modified'
- self.body = ''
+ self.body = []
end
set_conditional_cache_control!
@@ -214,7 +210,11 @@ module ActionDispatch # :nodoc:
def nonempty_ok_response?
ok = !status || status.to_s[0..2] == '200'
- ok && body.is_a?(String) && !body.empty?
+ ok && string_body?
+ end
+
+ def string_body?
+ !body_parts.respond_to?(:call) && body_parts.any? && body_parts.all? { |part| part.is_a?(String) }
end
def set_conditional_cache_control!
@@ -235,8 +235,8 @@ module ActionDispatch # :nodoc:
headers.delete('Content-Length')
elsif length = headers['Content-Length']
headers['Content-Length'] = length.to_s
- elsif !body.respond_to?(:call) && (!status || status.to_s[0..2] != '304')
- headers["Content-Length"] = body.size.to_s
+ elsif string_body? && (!status || status.to_s[0..2] != '304')
+ headers["Content-Length"] = Rack::Utils.bytesize(body).to_s
end
end
@@ -244,10 +244,6 @@ module ActionDispatch # :nodoc:
headers["Content-Language"] = headers.delete("language") if headers["language"]
end
- def convert_expires!
- headers["Expires"] = headers.delete("") if headers["expires"]
- end
-
def convert_cookies!
headers['Set-Cookie'] = Array(headers['Set-Cookie']).compact
end
diff --git a/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb b/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb
index 879d98fbdb..6c039cf62d 100644
--- a/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb
+++ b/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb
@@ -17,16 +17,11 @@ module ActionDispatch
@loaded = false
end
- def id
- load! unless @loaded
- @id
- end
-
def session_id
ActiveSupport::Deprecation.warn(
- "ActionController::Session::AbstractStore::SessionHash#session_id" +
- "has been deprecated.Please use #id instead.", caller)
- id
+ "ActionController::Session::AbstractStore::SessionHash#session_id " +
+ "has been deprecated. Please use request.session_options[:id] instead.", caller)
+ @env[ENV_SESSION_OPTIONS_KEY][:id]
end
def [](key)
@@ -47,20 +42,45 @@ module ActionDispatch
def data
ActiveSupport::Deprecation.warn(
- "ActionController::Session::AbstractStore::SessionHash#data" +
- "has been deprecated.Please use #to_hash instead.", caller)
+ "ActionController::Session::AbstractStore::SessionHash#data " +
+ "has been deprecated. Please use #to_hash instead.", caller)
to_hash
end
+ def inspect
+ load! unless @loaded
+ super
+ end
+
private
def loaded?
@loaded
end
def load!
- @id, session = @by.send(:load_session, @env)
- replace(session)
- @loaded = true
+ stale_session_check! do
+ id, session = @by.send(:load_session, @env)
+ (@env[ENV_SESSION_OPTIONS_KEY] ||= {})[:id] = id
+ replace(session)
+ @loaded = true
+ end
+ end
+
+ def stale_session_check!
+ yield
+ rescue ArgumentError => argument_error
+ if argument_error.message =~ %r{undefined class/module ([\w:]*\w)}
+ begin
+ # Note that the regexp does not allow $1 to end with a ':'
+ $1.constantize
+ rescue LoadError, NameError => const_error
+ raise ActionController::SessionRestoreError, "Session contains objects whose class definition isn\\'t available.\nRemember to require the classes for all objects kept in the session.\n(Original exception: \#{const_error.message} [\#{const_error.class}])\n"
+ end
+
+ retry
+ else
+ raise
+ end
end
end
@@ -107,11 +127,7 @@ module ActionDispatch
if !session_data.is_a?(AbstractStore::SessionHash) || session_data.send(:loaded?) || options[:expire_after]
session_data.send(:load!) if session_data.is_a?(AbstractStore::SessionHash) && !session_data.send(:loaded?)
- if session_data.is_a?(AbstractStore::SessionHash)
- sid = session_data.id
- else
- sid = generate_sid
- end
+ sid = options[:id] || generate_sid
unless set_session(env, sid, session_data.to_hash)
return response
@@ -128,12 +144,9 @@ module ActionDispatch
cookie << "; HttpOnly" if options[:httponly]
headers = response[1]
- case a = headers[SET_COOKIE]
- when Array
- a << cookie
- when String
- headers[SET_COOKIE] = [a, cookie]
- when nil
+ unless headers[SET_COOKIE].blank?
+ headers[SET_COOKIE] << "\n#{cookie}"
+ else
headers[SET_COOKIE] = cookie
end
end
diff --git a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb
index ec93f66a88..433c4cc070 100644
--- a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb
+++ b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb
@@ -88,7 +88,7 @@ module ActionDispatch
def call(env)
env[ENV_SESSION_KEY] = AbstractStore::SessionHash.new(self, env)
- env[ENV_SESSION_OPTIONS_KEY] = @default_options
+ env[ENV_SESSION_OPTIONS_KEY] = @default_options.dup
status, headers, body = @app.call(env)
@@ -108,12 +108,9 @@ module ActionDispatch
end
cookie = build_cookie(@key, cookie.merge(options))
- case headers[HTTP_SET_COOKIE]
- when Array
- headers[HTTP_SET_COOKIE] << cookie
- when String
- headers[HTTP_SET_COOKIE] = [headers[HTTP_SET_COOKIE], cookie]
- when nil
+ unless headers[HTTP_SET_COOKIE].blank?
+ headers[HTTP_SET_COOKIE] << "\n#{cookie}"
+ else
headers[HTTP_SET_COOKIE] = cookie
end
end
@@ -133,7 +130,7 @@ module ActionDispatch
expires = "; expires=" + value[:expires].clone.gmtime.
strftime("%a, %d-%b-%Y %H:%M:%S GMT") if value[:expires]
secure = "; secure" if value[:secure]
- httponly = "; httponly" if value[:httponly]
+ httponly = "; HttpOnly" if value[:httponly]
value = value[:value]
end
value = [value] unless Array === value
diff --git a/actionpack/lib/action_dispatch/rack.rb b/actionpack/lib/action_dispatch/rack.rb
index 69df9dac06..89087c124f 100644
--- a/actionpack/lib/action_dispatch/rack.rb
+++ b/actionpack/lib/action_dispatch/rack.rb
@@ -1,3 +1,3 @@
-require 'action_dispatch/rack/lock'
-require 'action_dispatch/rack/multipart'
-require 'action_dispatch/rack/parse_query'
+# require 'action_dispatch/rack/lock'
+# require 'action_dispatch/rack/multipart'
+# require 'action_dispatch/rack/parse_query'
diff --git a/actionpack/lib/action_dispatch/rack/lock.rb b/actionpack/lib/action_dispatch/rack/lock.rb
deleted file mode 100644
index 9bf1889065..0000000000
--- a/actionpack/lib/action_dispatch/rack/lock.rb
+++ /dev/null
@@ -1,21 +0,0 @@
-module Rack
- # Rack::Lock was commited to Rack core
- # http://github.com/rack/rack/commit/7409b0c
- # Remove this when Rack 1.0 is released
- unless defined? Lock
- class Lock
- FLAG = 'rack.multithread'.freeze
-
- def initialize(app, lock = Mutex.new)
- @app, @lock = app, lock
- end
-
- def call(env)
- old, env[FLAG] = env[FLAG], false
- @lock.synchronize { @app.call(env) }
- ensure
- env[FLAG] = old
- end
- end
- end
-end
diff --git a/actionpack/lib/action_dispatch/rack/multipart.rb b/actionpack/lib/action_dispatch/rack/multipart.rb
deleted file mode 100644
index 3b142307e9..0000000000
--- a/actionpack/lib/action_dispatch/rack/multipart.rb
+++ /dev/null
@@ -1,22 +0,0 @@
-module Rack
- module Utils
- module Multipart
- class << self
- def parse_multipart_with_rewind(env)
- result = parse_multipart_without_rewind(env)
-
- begin
- env['rack.input'].rewind if env['rack.input'].respond_to?(:rewind)
- rescue Errno::ESPIPE
- # Handles exceptions raised by input streams that cannot be rewound
- # such as when using plain CGI under Apache
- end
-
- result
- end
-
- alias_method_chain :parse_multipart, :rewind
- end
- end
- end
-end
diff --git a/actionpack/lib/action_dispatch/rack/parse_query.rb b/actionpack/lib/action_dispatch/rack/parse_query.rb
deleted file mode 100644
index 15de720f14..0000000000
--- a/actionpack/lib/action_dispatch/rack/parse_query.rb
+++ /dev/null
@@ -1,18 +0,0 @@
-# Rack does not automatically cleanup Safari 2 AJAX POST body
-# This has not yet been commited to Rack, please +1 this ticket:
-# http://rack.lighthouseapp.com/projects/22435/tickets/19
-
-module Rack
- module Utils
- alias_method :parse_query_without_ajax_body_cleanup, :parse_query
- module_function :parse_query_without_ajax_body_cleanup
-
- def parse_query(qs, d = '&;')
- qs = qs.to_s.dup
- qs.chop! if qs[-1] == 0
- qs.gsub!(/&_=$/, '')
- parse_query_without_ajax_body_cleanup(qs, d)
- end
- module_function :parse_query
- end
-end
diff --git a/actionpack/lib/action_dispatch/utils/middleware_stack.rb b/actionpack/lib/action_dispatch/utils/middleware_stack.rb
index 924e3dbbc2..ee5f28d5cb 100644
--- a/actionpack/lib/action_dispatch/utils/middleware_stack.rb
+++ b/actionpack/lib/action_dispatch/utils/middleware_stack.rb
@@ -27,7 +27,9 @@ module ActionDispatch
end
def klass
- if @klass.is_a?(Class)
+ if @klass.respond_to?(:call)
+ @klass.call
+ elsif @klass.is_a?(Class)
@klass
else
@klass.to_s.constantize
@@ -37,6 +39,8 @@ module ActionDispatch
end
def active?
+ return false unless klass
+
if @conditional.respond_to?(:call)
@conditional.call
else
@@ -63,11 +67,17 @@ module ActionDispatch
def build(app)
if block
- klass.new(app, *args, &block)
+ klass.new(app, *build_args, &block)
else
- klass.new(app, *args)
+ klass.new(app, *build_args)
end
end
+
+ private
+
+ def build_args
+ Array(args).map { |arg| arg.respond_to?(:call) ? arg.call : arg }
+ end
end
def initialize(*args, &block)
diff --git a/actionpack/lib/action_dispatch/utils/url_encoded_pair_parser.rb b/actionpack/lib/action_dispatch/utils/url_encoded_pair_parser.rb
deleted file mode 100644
index f2e832a977..0000000000
--- a/actionpack/lib/action_dispatch/utils/url_encoded_pair_parser.rb
+++ /dev/null
@@ -1,155 +0,0 @@
-module ActionDispatch
- class UrlEncodedPairParser < StringScanner #:nodoc:
- class << self
- def parse_query_parameters(query_string)
- return {} if query_string.blank?
-
- pairs = query_string.split('&').collect do |chunk|
- next if chunk.empty?
- key, value = chunk.split('=', 2)
- next if key.empty?
- value = value.nil? ? nil : CGI.unescape(value)
- [ CGI.unescape(key), value ]
- end.compact
-
- new(pairs).result
- end
-
- def parse_hash_parameters(params)
- parser = new
-
- params = params.dup
- until params.empty?
- for key, value in params
- if key.blank?
- params.delete(key)
- elsif value.is_a?(Array)
- parser.parse(key, get_typed_value(value.shift))
- params.delete(key) if value.empty?
- else
- parser.parse(key, get_typed_value(value))
- params.delete(key)
- end
- end
- end
-
- parser.result
- end
-
- private
- def get_typed_value(value)
- case value
- when String
- value
- when NilClass
- ''
- when Array
- value.map { |v| get_typed_value(v) }
- when Hash
- if value.has_key?(:tempfile) && value[:filename].any?
- upload = value[:tempfile]
- upload.extend(UploadedFile)
- upload.original_path = value[:filename]
- upload.content_type = value[:type]
- upload
- else
- nil
- end
- else
- raise "Unknown form value: #{value.inspect}"
- end
- end
- end
-
- attr_reader :top, :parent, :result
-
- def initialize(pairs = [])
- super('')
- @result = {}
- pairs.each { |key, value| parse(key, value) }
- end
-
- KEY_REGEXP = %r{([^\[\]=&]+)}
- BRACKETED_KEY_REGEXP = %r{\[([^\[\]=&]+)\]}
-
- # Parse the query string
- def parse(key, value)
- self.string = key
- @top, @parent = result, nil
-
- # First scan the bare key
- key = scan(KEY_REGEXP) or return
- key = post_key_check(key)
-
- # Then scan as many nestings as present
- until eos?
- r = scan(BRACKETED_KEY_REGEXP) or return
- key = self[1]
- key = post_key_check(key)
- end
-
- bind(key, value)
- end
-
- private
- # After we see a key, we must look ahead to determine our next action. Cases:
- #
- # [] follows the key. Then the value must be an array.
- # = follows the key. (A value comes next)
- # & or the end of string follows the key. Then the key is a flag.
- # otherwise, a hash follows the key.
- def post_key_check(key)
- if scan(/\[\]/) # a[b][] indicates that b is an array
- container(key, Array)
- nil
- elsif check(/\[[^\]]/) # a[b] indicates that a is a hash
- container(key, Hash)
- nil
- else # End of key? We do nothing.
- key
- end
- end
-
- # Add a container to the stack.
- def container(key, klass)
- type_conflict! klass, top[key] if top.is_a?(Hash) && top.key?(key) && ! top[key].is_a?(klass)
- value = bind(key, klass.new)
- type_conflict! klass, value unless value.is_a?(klass)
- push(value)
- end
-
- # Push a value onto the 'stack', which is actually only the top 2 items.
- def push(value)
- @parent, @top = @top, value
- end
-
- # Bind a key (which may be nil for items in an array) to the provided value.
- def bind(key, value)
- if top.is_a? Array
- if key
- if top[-1].is_a?(Hash) && ! top[-1].key?(key)
- top[-1][key] = value
- else
- top << {key => value}.with_indifferent_access
- end
- push top.last
- return top[key]
- else
- top << value
- return value
- end
- elsif top.is_a? Hash
- key = CGI.unescape(key)
- parent << (@top = {}) if top.key?(key) && parent.is_a?(Array)
- top[key] ||= value
- return top[key]
- else
- raise ArgumentError, "Don't know what to do: top is #{top.inspect}"
- end
- end
-
- def type_conflict!(klass, value)
- raise TypeError, "Conflicting types for parameter containers. Expected an instance of #{klass} but found an instance of #{value.class}. This can be caused by colliding Array and Hash parameters like qs[]=value&qs[key]=value. (The parameters received were #{value.inspect}.)"
- end
- end
-end
diff --git a/actionpack/lib/action_pack/version.rb b/actionpack/lib/action_pack/version.rb
index f20e44a7d5..e0aa2a5f2f 100644
--- a/actionpack/lib/action_pack/version.rb
+++ b/actionpack/lib/action_pack/version.rb
@@ -2,7 +2,7 @@ module ActionPack #:nodoc:
module VERSION #:nodoc:
MAJOR = 2
MINOR = 3
- TINY = 0
+ TINY = 2
STRING = [MAJOR, MINOR, TINY].join('.')
end
diff --git a/actionpack/lib/action_view/base.rb b/actionpack/lib/action_view/base.rb
index ada9052073..efed19a21d 100644
--- a/actionpack/lib/action_view/base.rb
+++ b/actionpack/lib/action_view/base.rb
@@ -182,6 +182,15 @@ module ActionView #:nodoc:
# that alert()s the caught exception (and then re-raises it).
cattr_accessor :debug_rjs
+ # Specify whether templates should be cached. Otherwise the file we be read everytime it is accessed.
+ # Automatically reloading templates are not thread safe and should only be used in development mode.
+ @@cache_template_loading = nil
+ cattr_accessor :cache_template_loading
+
+ def self.cache_template_loading?
+ ActionController::Base.allow_concurrency || (cache_template_loading.nil? ? !ActiveSupport::Dependencies.load? : cache_template_loading)
+ end
+
attr_internal :request
delegate :controller_path, :to => :controller, :allow_nil => true
@@ -217,10 +226,12 @@ module ActionView #:nodoc:
@formats = formats || [:html]
@assigns = assigns_for_first_render
@assigns_added = nil
- @_render_stack = []
@controller = controller
@helpers = ProxyModule.new(self)
self.view_paths = view_paths
+
+ @_first_render = nil
+ @_current_render = nil
end
attr_reader :view_paths
@@ -232,7 +243,25 @@ module ActionView #:nodoc:
# Access the current template being rendered.
# Returns a ActionView::Template object.
def template
- @_render_stack.last
+ @_current_render
+ end
+
+ def template=(template) #:nodoc:
+ @_first_render ||= template
+ @_current_render = template
+ end
+
+ def with_template(current_template)
+ last_template, self.template = template, current_template
+ yield
+ ensure
+ self.template = last_template
+ end
+
+ def punctuate_body!(part)
+ flush_output_buffer
+ response.body_parts << part
+ nil
end
private
diff --git a/actionpack/lib/action_view/helpers/active_record_helper.rb b/actionpack/lib/action_view/helpers/active_record_helper.rb
index 8b56d241ae..7c0dfdab10 100644
--- a/actionpack/lib/action_view/helpers/active_record_helper.rb
+++ b/actionpack/lib/action_view/helpers/active_record_helper.rb
@@ -121,7 +121,7 @@ module ActionView
if (obj = (object.respond_to?(:errors) ? object : instance_variable_get("@#{object}"))) &&
(errors = obj.errors.on(method))
content_tag("div",
- "#{options[:prepend_text]}#{errors.is_a?(Array) ? errors.first : errors}#{options[:append_text]}",
+ "#{options[:prepend_text]}#{ERB::Util.html_escape(errors.is_a?(Array) ? errors.first : errors)}#{options[:append_text]}",
:class => options[:css_class]
)
else
@@ -194,11 +194,11 @@ module ActionView
options[:header_message]
else
object_name = options[:object_name].to_s.gsub('_', ' ')
- object_name = I18n.t(object_name, :default => object_name, :scope => [:activerecord, :models], :count => 1)
+ object_name = I18n.t(options[:object_name].to_s, :default => object_name, :scope => [:activerecord, :models], :count => 1)
locale.t :header, :count => count, :model => object_name
end
message = options.include?(:message) ? options[:message] : locale.t(:body)
- error_messages = objects.sum {|object| object.errors.full_messages.map {|msg| content_tag(:li, msg) } }.join
+ error_messages = objects.sum {|object| object.errors.full_messages.map {|msg| content_tag(:li, ERB::Util.html_escape(msg)) } }.join
contents = ''
contents << content_tag(options[:header_tag] || :h2, header_message) unless header_message.blank?
diff --git a/actionpack/lib/action_view/helpers/asset_tag_helper.rb b/actionpack/lib/action_view/helpers/asset_tag_helper.rb
index f6abea38ed..a32beb6100 100644
--- a/actionpack/lib/action_view/helpers/asset_tag_helper.rb
+++ b/actionpack/lib/action_view/helpers/asset_tag_helper.rb
@@ -516,7 +516,8 @@ module ActionView
def compute_public_path(source, dir, ext = nil, include_host = true)
has_request = @controller.respond_to?(:request)
- if ext && (File.extname(source).blank? || File.exist?(File.join(ASSETS_DIR, dir, "#{source}.#{ext}")))
+ source_ext = File.extname(source)[1..-1]
+ if ext && (source_ext.blank? || (ext != source_ext && File.exist?(File.join(ASSETS_DIR, dir, "#{source}.#{ext}"))))
source += ".#{ext}"
end
diff --git a/actionpack/lib/action_view/helpers/atom_feed_helper.rb b/actionpack/lib/action_view/helpers/atom_feed_helper.rb
index cd25684940..dc4497581c 100644
--- a/actionpack/lib/action_view/helpers/atom_feed_helper.rb
+++ b/actionpack/lib/action_view/helpers/atom_feed_helper.rb
@@ -30,7 +30,7 @@ module ActionView
# app/views/posts/index.atom.builder:
# atom_feed do |feed|
# feed.title("My great blog!")
- # feed.updated((@posts.first.created_at))
+ # feed.updated(@posts.first.created_at)
#
# for post in @posts
# feed.entry(post) do |entry|
diff --git a/actionpack/lib/action_view/helpers/capture_helper.rb b/actionpack/lib/action_view/helpers/capture_helper.rb
index e86ca27f31..9e39536653 100644
--- a/actionpack/lib/action_view/helpers/capture_helper.rb
+++ b/actionpack/lib/action_view/helpers/capture_helper.rb
@@ -131,6 +131,14 @@ module ActionView
ensure
self.output_buffer = old_buffer
end
+
+ # Add the output buffer to the response body and start a new one.
+ def flush_output_buffer #:nodoc:
+ if output_buffer && output_buffer != ''
+ response.body_parts << output_buffer
+ self.output_buffer = ''
+ end
+ end
end
end
end
diff --git a/actionpack/lib/action_view/helpers/date_helper.rb b/actionpack/lib/action_view/helpers/date_helper.rb
index b4c1adbe76..c74909a360 100644
--- a/actionpack/lib/action_view/helpers/date_helper.rb
+++ b/actionpack/lib/action_view/helpers/date_helper.rb
@@ -876,8 +876,8 @@ module ActionView
input_name_from_type(type).gsub(/([\[\(])|(\]\[)/, '_').gsub(/[\]\)]/, '')
end
- # Given an ordering of datetime components, create the selection html
- # and join them with their appropriate seperators
+ # Given an ordering of datetime components, create the selection HTML
+ # and join them with their appropriate separators.
def build_selects_from_types(order)
select = ''
order.reverse.each do |type|
@@ -931,7 +931,7 @@ module ActionView
end
def default_datetime(options)
- return if options[:include_blank]
+ return if options[:include_blank] || options[:prompt]
case options[:default]
when nil
diff --git a/actionpack/lib/action_view/helpers/form_helper.rb b/actionpack/lib/action_view/helpers/form_helper.rb
index a85751c657..a59829b23f 100644
--- a/actionpack/lib/action_view/helpers/form_helper.rb
+++ b/actionpack/lib/action_view/helpers/form_helper.rb
@@ -5,17 +5,24 @@ require 'action_view/helpers/form_tag_helper'
module ActionView
module Helpers
- # Form helpers are designed to make working with models much easier compared to using just standard HTML
- # elements by providing a set of methods for creating forms based on your models. This helper generates the HTML
- # for forms, providing a method for each sort of input (e.g., text, password, select, and so on). When the form
- # is submitted (i.e., when the user hits the submit button or <tt>form.submit</tt> is called via JavaScript), the form inputs will be bundled into the <tt>params</tt> object and passed back to the controller.
+ # Form helpers are designed to make working with models much easier
+ # compared to using just standard HTML elements by providing a set of
+ # methods for creating forms based on your models. This helper generates
+ # the HTML for forms, providing a method for each sort of input
+ # (e.g., text, password, select, and so on). When the form is submitted
+ # (i.e., when the user hits the submit button or <tt>form.submit</tt> is
+ # called via JavaScript), the form inputs will be bundled into the
+ # <tt>params</tt> object and passed back to the controller.
#
- # There are two types of form helpers: those that specifically work with model attributes and those that don't.
- # This helper deals with those that work with model attributes; to see an example of form helpers that don't work
- # with model attributes, check the ActionView::Helpers::FormTagHelper documentation.
+ # There are two types of form helpers: those that specifically work with
+ # model attributes and those that don't. This helper deals with those that
+ # work with model attributes; to see an example of form helpers that don't
+ # work with model attributes, check the ActionView::Helpers::FormTagHelper
+ # documentation.
#
- # The core method of this helper, form_for, gives you the ability to create a form for a model instance;
- # for example, let's say that you have a model <tt>Person</tt> and want to create a new instance of it:
+ # The core method of this helper, form_for, gives you the ability to create
+ # a form for a model instance; for example, let's say that you have a model
+ # <tt>Person</tt> and want to create a new instance of it:
#
# # Note: a @person variable will have been created in the controller.
# # For example: @person = Person.new
@@ -40,17 +47,22 @@ module ActionView
# <%= submit_tag 'Create' %>
# <% end %>
#
- # This example will render the <tt>people/_form</tt> partial, setting a local variable called <tt>form</tt> which references the yielded FormBuilder.
- #
- # The <tt>params</tt> object created when this form is submitted would look like:
+ # This example will render the <tt>people/_form</tt> partial, setting a
+ # local variable called <tt>form</tt> which references the yielded
+ # FormBuilder. The <tt>params</tt> object created when this form is
+ # submitted would look like:
#
# {"action"=>"create", "controller"=>"persons", "person"=>{"first_name"=>"William", "last_name"=>"Smith"}}
#
- # The params hash has a nested <tt>person</tt> value, which can therefore be accessed with <tt>params[:person]</tt> in the controller.
- # If were editing/updating an instance (e.g., <tt>Person.find(1)</tt> rather than <tt>Person.new</tt> in the controller), the objects
- # attribute values are filled into the form (e.g., the <tt>person_first_name</tt> field would have that person's first name in it).
+ # The params hash has a nested <tt>person</tt> value, which can therefore
+ # be accessed with <tt>params[:person]</tt> in the controller. If were
+ # editing/updating an instance (e.g., <tt>Person.find(1)</tt> rather than
+ # <tt>Person.new</tt> in the controller), the objects attribute values are
+ # filled into the form (e.g., the <tt>person_first_name</tt> field would
+ # have that person's first name in it).
#
- # If the object name contains square brackets the id for the object will be inserted. For example:
+ # If the object name contains square brackets the id for the object will be
+ # inserted. For example:
#
# <%= text_field "person[]", "name" %>
#
@@ -58,8 +70,10 @@ module ActionView
#
# <input type="text" id="person_<%= @person.id %>_name" name="person[<%= @person.id %>][name]" value="<%= @person.name %>" />
#
- # If the helper is being used to generate a repetitive sequence of similar form elements, for example in a partial
- # used by <tt>render_collection_of_partials</tt>, the <tt>index</tt> option may come in handy. Example:
+ # If the helper is being used to generate a repetitive sequence of similar
+ # form elements, for example in a partial used by
+ # <tt>render_collection_of_partials</tt>, the <tt>index</tt> option may
+ # come in handy. Example:
#
# <%= text_field "person", "name", "index" => 1 %>
#
@@ -67,14 +81,17 @@ module ActionView
#
# <input type="text" id="person_1_name" name="person[1][name]" value="<%= @person.name %>" />
#
- # An <tt>index</tt> option may also be passed to <tt>form_for</tt> and <tt>fields_for</tt>. This automatically applies
- # the <tt>index</tt> to all the nested fields.
+ # An <tt>index</tt> option may also be passed to <tt>form_for</tt> and
+ # <tt>fields_for</tt>. This automatically applies the <tt>index</tt> to
+ # all the nested fields.
#
- # There are also methods for helping to build form tags in link:classes/ActionView/Helpers/FormOptionsHelper.html,
- # link:classes/ActionView/Helpers/DateHelper.html, and link:classes/ActionView/Helpers/ActiveRecordHelper.html
+ # There are also methods for helping to build form tags in
+ # link:classes/ActionView/Helpers/FormOptionsHelper.html,
+ # link:classes/ActionView/Helpers/DateHelper.html, and
+ # link:classes/ActionView/Helpers/ActiveRecordHelper.html
module FormHelper
- # Creates a form and a scope around a specific model object that is used as
- # a base for questioning about values for the fields.
+ # Creates a form and a scope around a specific model object that is used
+ # as a base for questioning about values for the fields.
#
# Rails provides succinct resource-oriented form generation with +form_for+
# like this:
@@ -86,13 +103,15 @@ module ActionView
# <%= f.text_field :author %><br />
# <% end %>
#
- # There, +form_for+ is able to generate the rest of RESTful form parameters
- # based on introspection on the record, but to understand what it does we
- # need to dig first into the alternative generic usage it is based upon.
+ # There, +form_for+ is able to generate the rest of RESTful form
+ # parameters based on introspection on the record, but to understand what
+ # it does we need to dig first into the alternative generic usage it is
+ # based upon.
#
# === Generic form_for
#
- # The generic way to call +form_for+ yields a form builder around a model:
+ # The generic way to call +form_for+ yields a form builder around a
+ # model:
#
# <% form_for :person, :url => { :action => "update" } do |f| %>
# <%= f.error_messages %>
@@ -103,8 +122,8 @@ module ActionView
# <% end %>
#
# There, the first argument is a symbol or string with the name of the
- # object the form is about, and also the name of the instance variable the
- # object is stored in.
+ # object the form is about, and also the name of the instance variable
+ # the object is stored in.
#
# The form builder acts as a regular form helper that somehow carries the
# model. Thus, the idea is that
@@ -137,17 +156,18 @@ module ActionView
# In any of its variants, the rightmost argument to +form_for+ is an
# optional hash of options:
#
- # * <tt>:url</tt> - The URL the form is submitted to. It takes the same fields
- # you pass to +url_for+ or +link_to+. In particular you may pass here a
- # named route directly as well. Defaults to the current action.
+ # * <tt>:url</tt> - The URL the form is submitted to. It takes the same
+ # fields you pass to +url_for+ or +link_to+. In particular you may pass
+ # here a named route directly as well. Defaults to the current action.
# * <tt>:html</tt> - Optional HTML attributes for the form tag.
#
- # Worth noting is that the +form_for+ tag is called in a ERb evaluation block,
- # not an ERb output block. So that's <tt><% %></tt>, not <tt><%= %></tt>.
+ # Worth noting is that the +form_for+ tag is called in a ERb evaluation
+ # block, not an ERb output block. So that's <tt><% %></tt>, not
+ # <tt><%= %></tt>.
#
# Also note that +form_for+ doesn't create an exclusive scope. It's still
- # possible to use both the stand-alone FormHelper methods and methods from
- # FormTagHelper. For example:
+ # possible to use both the stand-alone FormHelper methods and methods
+ # from FormTagHelper. For example:
#
# <% form_for :person, @person, :url => { :action => "update" } do |f| %>
# First name: <%= f.text_field :first_name %>
@@ -156,16 +176,16 @@ module ActionView
# Admin? : <%= check_box_tag "person[admin]", @person.company.admin? %>
# <% end %>
#
- # This also works for the methods in FormOptionHelper and DateHelper that are
- # designed to work with an object as base, like FormOptionHelper#collection_select
- # and DateHelper#datetime_select.
+ # This also works for the methods in FormOptionHelper and DateHelper that
+ # are designed to work with an object as base, like
+ # FormOptionHelper#collection_select and DateHelper#datetime_select.
#
# === Resource-oriented style
#
- # As we said above, in addition to manually configuring the +form_for+ call,
- # you can rely on automated resource identification, which will use the conventions
- # and named routes of that approach. This is the preferred way to use +form_for+
- # nowadays.
+ # As we said above, in addition to manually configuring the +form_for+
+ # call, you can rely on automated resource identification, which will use
+ # the conventions and named routes of that approach. This is the
+ # preferred way to use +form_for+ nowadays.
#
# For example, if <tt>@post</tt> is an existing record you want to edit
#
@@ -205,8 +225,10 @@ module ActionView
#
# === Customized form builders
#
- # You can also build forms using a customized FormBuilder class. Subclass FormBuilder and override or define some more helpers,
- # then use your custom builder. For example, let's say you made a helper to automatically add labels to form inputs.
+ # You can also build forms using a customized FormBuilder class. Subclass
+ # FormBuilder and override or define some more helpers, then use your
+ # custom builder. For example, let's say you made a helper to
+ # automatically add labels to form inputs.
#
# <% form_for :person, @person, :url => { :action => "update" }, :builder => LabellingFormBuilder do |f| %>
# <%= f.text_field :first_name %>
@@ -219,16 +241,23 @@ module ActionView
#
# <%= render :partial => f %>
#
- # The rendered template is <tt>people/_labelling_form</tt> and the local variable referencing the form builder is called <tt>labelling_form</tt>.
+ # The rendered template is <tt>people/_labelling_form</tt> and the local
+ # variable referencing the form builder is called
+ # <tt>labelling_form</tt>.
+ #
+ # The custom FormBuilder class is automatically merged with the options
+ # of a nested fields_for call, unless it's explicitely set.
#
- # In many cases you will want to wrap the above in another helper, so you could do something like the following:
+ # In many cases you will want to wrap the above in another helper, so you
+ # could do something like the following:
#
# def labelled_form_for(record_or_name_or_array, *args, &proc)
# options = args.extract_options!
# form_for(record_or_name_or_array, *(args << options.merge(:builder => LabellingFormBuilder)), &proc)
# end
#
- # If you don't need to attach a form to a model instance, then check out FormTagHelper#form_tag.
+ # If you don't need to attach a form to a model instance, then check out
+ # FormTagHelper#form_tag.
def form_for(record_or_name_or_array, *args, &proc)
raise ArgumentError, "Missing block" unless block_given?
@@ -269,10 +298,12 @@ module ActionView
options[:url] ||= polymorphic_path(object_or_array)
end
- # Creates a scope around a specific model object like form_for, but doesn't create the form tags themselves. This makes
- # fields_for suitable for specifying additional model objects in the same form:
+ # Creates a scope around a specific model object like form_for, but
+ # doesn't create the form tags themselves. This makes fields_for suitable
+ # for specifying additional model objects in the same form.
+ #
+ # === Generic Examples
#
- # ==== Examples
# <% form_for @person, :url => { :action => "update" } do |person_form| %>
# First name: <%= person_form.text_field :first_name %>
# Last name : <%= person_form.text_field :last_name %>
@@ -282,20 +313,166 @@ module ActionView
# <% end %>
# <% end %>
#
- # ...or if you have an object that needs to be represented as a different parameter, like a Client that acts as a Person:
+ # ...or if you have an object that needs to be represented as a different
+ # parameter, like a Client that acts as a Person:
#
# <% fields_for :person, @client do |permission_fields| %>
# Admin?: <%= permission_fields.check_box :admin %>
# <% end %>
#
- # ...or if you don't have an object, just a name of the parameter
+ # ...or if you don't have an object, just a name of the parameter:
#
# <% fields_for :person do |permission_fields| %>
# Admin?: <%= permission_fields.check_box :admin %>
# <% end %>
#
- # Note: This also works for the methods in FormOptionHelper and DateHelper that are designed to work with an object as base,
- # like FormOptionHelper#collection_select and DateHelper#datetime_select.
+ # Note: This also works for the methods in FormOptionHelper and
+ # DateHelper that are designed to work with an object as base, like
+ # FormOptionHelper#collection_select and DateHelper#datetime_select.
+ #
+ # === Nested Attributes Examples
+ #
+ # When the object belonging to the current scope has a nested attribute
+ # writer for a certain attribute, fields_for will yield a new scope
+ # for that attribute. This allows you to create forms that set or change
+ # the attributes of a parent object and its associations in one go.
+ #
+ # Nested attribute writers are normal setter methods named after an
+ # association. The most common way of defining these writers is either
+ # with +accepts_nested_attributes_for+ in a model definition or by
+ # defining a method with the proper name. For example: the attribute
+ # writer for the association <tt>:address</tt> is called
+ # <tt>address_attributes=</tt>.
+ #
+ # Whether a one-to-one or one-to-many style form builder will be yielded
+ # depends on whether the normal reader method returns a _single_ object
+ # or an _array_ of objects.
+ #
+ # ==== One-to-one
+ #
+ # Consider a Person class which returns a _single_ Address from the
+ # <tt>address</tt> reader method and responds to the
+ # <tt>address_attributes=</tt> writer method:
+ #
+ # class Person
+ # def address
+ # @address
+ # end
+ #
+ # def address_attributes=(attributes)
+ # # Process the attributes hash
+ # end
+ # end
+ #
+ # This model can now be used with a nested fields_for, like so:
+ #
+ # <% form_for @person, :url => { :action => "update" } do |person_form| %>
+ # ...
+ # <% person_form.fields_for :address do |address_fields| %>
+ # Street : <%= address_fields.text_field :street %>
+ # Zip code: <%= address_fields.text_field :zip_code %>
+ # <% end %>
+ # <% end %>
+ #
+ # When address is already an association on a Person you can use
+ # +accepts_nested_attributes_for+ to define the writer method for you:
+ #
+ # class Person < ActiveRecord::Base
+ # has_one :address
+ # accepts_nested_attributes_for :address
+ # end
+ #
+ # If you want to destroy the associated model through the form, you have
+ # to enable it first using the <tt>:allow_destroy</tt> option for
+ # +accepts_nested_attributes_for+:
+ #
+ # class Person < ActiveRecord::Base
+ # has_one :address
+ # accepts_nested_attributes_for :address, :allow_destroy => true
+ # end
+ #
+ # Now, when you use a form element with the <tt>_delete</tt> parameter,
+ # with a value that evaluates to +true+, you will destroy the associated
+ # model (eg. 1, '1', true, or 'true'):
+ #
+ # <% form_for @person, :url => { :action => "update" } do |person_form| %>
+ # ...
+ # <% person_form.fields_for :address do |address_fields| %>
+ # ...
+ # Delete: <%= address_fields.check_box :_delete %>
+ # <% end %>
+ # <% end %>
+ #
+ # ==== One-to-many
+ #
+ # Consider a Person class which returns an _array_ of Project instances
+ # from the <tt>projects</tt> reader method and responds to the
+ # <tt>projects_attributes=</tt> writer method:
+ #
+ # class Person
+ # def projects
+ # [@project1, @project2]
+ # end
+ #
+ # def projects_attributes=(attributes)
+ # # Process the attributes hash
+ # end
+ # end
+ #
+ # This model can now be used with a nested fields_for. The block given to
+ # the nested fields_for call will be repeated for each instance in the
+ # collection:
+ #
+ # <% form_for @person, :url => { :action => "update" } do |person_form| %>
+ # ...
+ # <% person_form.fields_for :projects do |project_fields| %>
+ # <% if project_fields.object.active? %>
+ # Name: <%= project_fields.text_field :name %>
+ # <% end %>
+ # <% end %>
+ # <% end %>
+ #
+ # It's also possible to specify the instance to be used:
+ #
+ # <% form_for @person, :url => { :action => "update" } do |person_form| %>
+ # ...
+ # <% @person.projects.each do |project| %>
+ # <% if project.active? %>
+ # <% person_form.fields_for :projects, project do |project_fields| %>
+ # Name: <%= project_fields.text_field :name %>
+ # <% end %>
+ # <% end %>
+ # <% end %>
+ # <% end %>
+ #
+ # When projects is already an association on Person you can use
+ # +accepts_nested_attributes_for+ to define the writer method for you:
+ #
+ # class Person < ActiveRecord::Base
+ # has_many :projects
+ # accepts_nested_attributes_for :projects
+ # end
+ #
+ # If you want to destroy any of the associated models through the
+ # form, you have to enable it first using the <tt>:allow_destroy</tt>
+ # option for +accepts_nested_attributes_for+:
+ #
+ # class Person < ActiveRecord::Base
+ # has_many :projects
+ # accepts_nested_attributes_for :projects, :allow_destroy => true
+ # end
+ #
+ # This will allow you to specify which models to destroy in the
+ # attributes hash by adding a form element for the <tt>_delete</tt>
+ # parameter with a value that evaluates to +true+
+ # (eg. 1, '1', true, or 'true'):
+ #
+ # <% form_for @person, :url => { :action => "update" } do |person_form| %>
+ # ...
+ # <% person_form.fields_for :projects do |project_fields| %>
+ # Delete: <%= project_fields.check_box :_delete %>
+ # <% end %>
+ # <% end %>
def fields_for(record_or_name_or_array, *args, &block)
raise ArgumentError, "Missing block" unless block_given?
options = args.extract_options!
@@ -451,7 +628,7 @@ module ActionView
#
# The HTML specification says unchecked check boxes are not successful, and
# thus web browsers do not send them. Unfortunately this introduces a gotcha:
- # if an Invoice model has a +paid+ flag, and in the form that edits a paid
+ # if an +Invoice+ model has a +paid+ flag, and in the form that edits a paid
# invoice the user unchecks its check box, no +paid+ parameter is sent. So,
# any mass-assignment idiom like
#
@@ -459,12 +636,15 @@ module ActionView
#
# wouldn't update the flag.
#
- # To prevent this the helper generates a hidden field with the same name as
- # the checkbox after the very check box. So, the client either sends only the
- # hidden field (representing the check box is unchecked), or both fields.
- # Since the HTML specification says key/value pairs have to be sent in the
- # same order they appear in the form and Rails parameters extraction always
- # gets the first occurrence of any given key, that works in ordinary forms.
+ # To prevent this the helper generates an auxiliary hidden field before
+ # the very check box. The hidden field has the same name and its
+ # attributes mimick an unchecked check box.
+ #
+ # This way, the client either sends only the hidden field (representing
+ # the check box is unchecked), or both fields. Since the HTML specification
+ # says key/value pairs have to be sent in the same order they appear in the
+ # form, and parameters extraction gets the last occurrence of any repeated
+ # key in the query string, that works for ordinary forms.
#
# Unfortunately that workaround does not work when the check box goes
# within an array-like parameter, as in
@@ -475,22 +655,26 @@ module ActionView
# <% end %>
#
# because parameter name repetition is precisely what Rails seeks to distinguish
- # the elements of the array.
+ # the elements of the array. For each item with a checked check box you
+ # get an extra ghost item with only that attribute, assigned to "0".
+ #
+ # In that case it is preferable to either use +check_box_tag+ or to use
+ # hashes instead of arrays.
#
# ==== Examples
# # Let's say that @post.validated? is 1:
# check_box("post", "validated")
- # # => <input type="checkbox" id="post_validated" name="post[validated]" value="1" />
- # # <input name="post[validated]" type="hidden" value="0" />
+ # # => <input name="post[validated]" type="hidden" value="0" />
+ # # <input type="checkbox" id="post_validated" name="post[validated]" value="1" />
#
# # Let's say that @puppy.gooddog is "no":
# check_box("puppy", "gooddog", {}, "yes", "no")
- # # => <input type="checkbox" id="puppy_gooddog" name="puppy[gooddog]" value="yes" />
- # # <input name="puppy[gooddog]" type="hidden" value="no" />
+ # # => <input name="puppy[gooddog]" type="hidden" value="no" />
+ # # <input type="checkbox" id="puppy_gooddog" name="puppy[gooddog]" value="yes" />
#
# check_box("eula", "accepted", { :class => 'eula_check' }, "yes", "no")
- # # => <input type="checkbox" class="eula_check" id="eula_accepted" name="eula[accepted]" value="yes" />
- # # <input name="eula[accepted]" type="hidden" value="no" />
+ # # => <input name="eula[accepted]" type="hidden" value="no" />
+ # # <input type="checkbox" class="eula_check" id="eula_accepted" name="eula[accepted]" value="yes" />
#
def check_box(object_name, method, options = {}, checked_value = "1", unchecked_value = "0")
InstanceTag.new(object_name, method, self, options.delete(:object)).to_check_box_tag(options, checked_value, unchecked_value)
@@ -498,8 +682,10 @@ module ActionView
# Returns a radio button tag for accessing a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). If the current value of +method+ is +tag_value+ the
- # radio button will be checked. Additional options on the input tag can be passed as a
- # hash with +options+.
+ # radio button will be checked.
+ #
+ # To force the radio button to be checked pass <tt>:checked => true</tt> in the
+ # +options+ hash. You may pass HTML options there as well.
#
# ==== Examples
# # Let's say that @post.category returns "rails":
@@ -605,7 +791,9 @@ module ActionView
end
options["checked"] = "checked" if checked
add_default_name_and_id(options)
- tag("input", options) << tag("input", "name" => options["name"], "type" => "hidden", "value" => options['disabled'] && checked ? checked_value : unchecked_value)
+ hidden = tag("input", "name" => options["name"], "type" => "hidden", "value" => options['disabled'] && checked ? checked_value : unchecked_value)
+ checkbox = tag("input", options)
+ hidden + checkbox
end
def to_boolean_select_tag(options = {})
@@ -758,9 +946,18 @@ module ActionView
index = ""
end
+ if options[:builder]
+ args << {} unless args.last.is_a?(Hash)
+ args.last[:builder] ||= options[:builder]
+ end
+
case record_or_name_or_array
when String, Symbol
- name = "#{object_name}#{index}[#{record_or_name_or_array}]"
+ if nested_attributes_association?(record_or_name_or_array)
+ return fields_for_with_nested_attributes(record_or_name_or_array, args, block)
+ else
+ name = "#{object_name}#{index}[#{record_or_name_or_array}]"
+ end
when Array
object = record_or_name_or_array.last
name = "#{object_name}#{index}[#{ActionController::RecordIdentifier.singular_class_name(object)}]"
@@ -802,6 +999,43 @@ module ActionView
def objectify_options(options)
@default_options.merge(options.merge(:object => @object))
end
+
+ def nested_attributes_association?(association_name)
+ @object.respond_to?("#{association_name}_attributes=")
+ end
+
+ def fields_for_with_nested_attributes(association_name, args, block)
+ name = "#{object_name}[#{association_name}_attributes]"
+ association = @object.send(association_name)
+ explicit_object = args.first if args.first.respond_to?(:new_record?)
+
+ if association.is_a?(Array)
+ children = explicit_object ? [explicit_object] : association
+ explicit_child_index = args.last[:child_index] if args.last.is_a?(Hash)
+
+ children.map do |child|
+ fields_for_nested_model("#{name}[#{explicit_child_index || nested_child_index}]", child, args, block)
+ end.join
+ else
+ fields_for_nested_model(name, explicit_object || association, args, block)
+ end
+ end
+
+ def fields_for_nested_model(name, object, args, block)
+ if object.new_record?
+ @template.fields_for(name, object, *args, &block)
+ else
+ @template.fields_for(name, object, *args) do |builder|
+ @template.concat builder.hidden_field(:id)
+ block.call(builder)
+ end
+ end
+ end
+
+ def nested_child_index
+ @nested_child_index ||= -1
+ @nested_child_index += 1
+ end
end
end
@@ -809,4 +1043,4 @@ module ActionView
cattr_accessor :default_form_builder
self.default_form_builder = ::ActionView::Helpers::FormBuilder
end
-end
+end \ No newline at end of file
diff --git a/actionpack/lib/action_view/helpers/form_options_helper.rb b/actionpack/lib/action_view/helpers/form_options_helper.rb
index 54c82cbd1d..6b385ef77d 100644
--- a/actionpack/lib/action_view/helpers/form_options_helper.rb
+++ b/actionpack/lib/action_view/helpers/form_options_helper.rb
@@ -6,9 +6,7 @@ module ActionView
module Helpers
# Provides a number of methods for turning different kinds of containers into a set of option tags.
# == Options
- # The <tt>collection_select</tt>, <tt>country_select</tt>, <tt>select</tt>,
- # and <tt>time_zone_select</tt> methods take an <tt>options</tt> parameter,
- # a hash.
+ # The <tt>collection_select</tt>, <tt>select</tt> and <tt>time_zone_select</tt> methods take an <tt>options</tt> parameter, a hash:
#
# * <tt>:include_blank</tt> - set to true or a prompt string if the first option element of the select element is a blank. Useful if there is not a default value required for the select element.
#
@@ -28,7 +26,7 @@ module ActionView
#
# Example with @post.person_id => 2:
#
- # select("post", "person_id", Person.find(:all).collect {|p| [ p.name, p.id ] }, {:include_blank => 'None'})
+ # select("post", "person_id", Person.all.collect {|p| [ p.name, p.id ] }, {:include_blank => 'None'})
#
# could become:
#
@@ -43,7 +41,7 @@ module ActionView
#
# Example:
#
- # select("post", "person_id", Person.find(:all).collect {|p| [ p.name, p.id ] }, {:prompt => 'Select Person'})
+ # select("post", "person_id", Person.all.collect {|p| [ p.name, p.id ] }, {:prompt => 'Select Person'})
#
# could become:
#
@@ -68,6 +66,36 @@ module ActionView
# <option value="rock">rock</option>
# <option value="country">country</option>
# </select>
+ #
+ # * <tt>:disabled</tt> - can be a single value or an array of values that will be disabled options in the final output.
+ #
+ # Example:
+ #
+ # select("post", "category", Post::CATEGORIES, {:disabled => 'restricted'})
+ #
+ # could become:
+ #
+ # <select name="post[category]">
+ # <option></option>
+ # <option>joke</option>
+ # <option>poem</option>
+ # <option disabled="disabled">restricted</option>
+ # </select>
+ #
+ # When used with the <tt>collection_select</tt> helper, <tt>:disabled</tt> can also be a Proc that identifies those options that should be disabled.
+ #
+ # Example:
+ #
+ # collection_select(:post, :category_id, Category.all, :id, :name, {:disabled => lambda{|category| category.archived? }})
+ #
+ # If the categories "2008 stuff" and "Christmas" return true when the method <tt>archived?</tt> is called, this would return:
+ # <select name="post[category_id]">
+ # <option value="1" disabled="disabled">2008 stuff</option>
+ # <option value="2" disabled="disabled">Christmas</option>
+ # <option value="3">Jokes</option>
+ # <option value="4">Poems</option>
+ # </select>
+ #
module FormOptionsHelper
include ERB::Util
@@ -76,7 +104,7 @@ module ActionView
# See options_for_select for the required format of the choices parameter.
#
# Example with @post.person_id => 1:
- # select("post", "person_id", Person.find(:all).collect {|p| [ p.name, p.id ] }, { :include_blank => true })
+ # select("post", "person_id", Person.all.collect {|p| [ p.name, p.id ] }, { :include_blank => true })
#
# could become:
#
@@ -94,7 +122,8 @@ module ActionView
# In addition, this allows a single partial to be used to generate form inputs for both edit and create forms.
#
# By default, <tt>post.person_id</tt> is the selected option. Specify <tt>:selected => value</tt> to use a different selection
- # or <tt>:selected => nil</tt> to leave all options unselected.
+ # or <tt>:selected => nil</tt> to leave all options unselected. Similarly, you can specify values to be disabled in the option
+ # tags by specifying the <tt>:disabled</tt> option. This can either be a single value or an array of values to be disabled.
def select(object, method, choices, options = {}, html_options = {})
InstanceTag.new(object, method, self, options.delete(:object)).to_select_tag(choices, options, html_options)
end
@@ -120,7 +149,7 @@ module ActionView
# end
#
# Sample usage (selecting the associated Author for an instance of Post, <tt>@post</tt>):
- # collection_select(:post, :author_id, Author.find(:all), :id, :name_with_initial, {:prompt => true})
+ # collection_select(:post, :author_id, Author.all, :id, :name_with_initial, {:prompt => true})
#
# If <tt>@post.author_id</tt> is already <tt>1</tt>, this would return:
# <select name="post[author_id]">
@@ -186,14 +215,29 @@ module ActionView
# options_for_select([ "VISA", "MasterCard", "Discover" ], ["VISA", "Discover"])
# <option selected="selected">VISA</option>\n<option>MasterCard</option>\n<option selected="selected">Discover</option>
#
+ # If you wish to specify disabled option tags, set +selected+ to be a hash, with <tt>:disabled</tt> being either a value
+ # or array of values to be disabled. In this case, you can use <tt>:selected</tt> to specify selected option tags.
+ #
+ # Examples:
+ # options_for_select(["Free", "Basic", "Advanced", "Super Platinum"], :disabled => "Super Platinum")
+ # <option value="Free">Free</option>\n<option value="Basic">Basic</option>\n<option value="Advanced">Advanced</option>\n<option value="Super Platinum" disabled="disabled">Super Platinum</option>
+ #
+ # options_for_select(["Free", "Basic", "Advanced", "Super Platinum"], :disabled => ["Advanced", "Super Platinum"])
+ # <option value="Free">Free</option>\n<option value="Basic">Basic</option>\n<option value="Advanced" disabled="disabled">Advanced</option>\n<option value="Super Platinum" disabled="disabled">Super Platinum</option>
+ #
+ # options_for_select(["Free", "Basic", "Advanced", "Super Platinum"], :selected => "Free", :disabled => "Super Platinum")
+ # <option value="Free" selected="selected">Free</option>\n<option value="Basic">Basic</option>\n<option value="Advanced">Advanced</option>\n<option value="Super Platinum" disabled="disabled">Super Platinum</option>
+ #
# NOTE: Only the option tags are returned, you have to wrap this call in a regular HTML select tag.
def options_for_select(container, selected = nil)
container = container.to_a if Hash === container
+ selected, disabled = extract_selected_and_disabled(selected)
options_for_select = container.inject([]) do |options, element|
text, value = option_text_and_value(element)
selected_attribute = ' selected="selected"' if option_value_selected?(value, selected)
- options << %(<option value="#{html_escape(value.to_s)}"#{selected_attribute}>#{html_escape(text.to_s)}</option>)
+ disabled_attribute = ' disabled="disabled"' if disabled && option_value_selected?(value, disabled)
+ options << %(<option value="#{html_escape(value.to_s)}"#{selected_attribute}#{disabled_attribute}>#{html_escape(text.to_s)}</option>)
end
options_for_select.join("\n")
@@ -209,8 +253,15 @@ module ActionView
# This is more often than not used inside a #select_tag like this example:
# select_tag 'person', options_from_collection_for_select(@people, 'id', 'name')
#
- # If +selected+ is specified, the element returning a match on +value_method+ will get the selected option tag.
- # Be sure to specify the same class as the +value_method+ when specifying a selected option.
+ # If +selected+ is specified as a value or array of values, the element(s) returning a match on +value_method+
+ # will be selected option tag(s).
+ #
+ # If +selected+ is specified as a Proc, those members of the collection that return true for the anonymous
+ # function are the selected values.
+ #
+ # +selected+ can also be a hash, specifying both <tt>:selected</tt> and/or <tt>:disabled</tt> values as required.
+ #
+ # Be sure to specify the same class as the +value_method+ when specifying selected or disabled options.
# Failure to do this will produce undesired results. Example:
# options_from_collection_for_select(@people, 'id', 'name', '1')
# Will not select a person with the id of 1 because 1 (an Integer) is not the same as '1' (a string)
@@ -220,7 +271,12 @@ module ActionView
options = collection.map do |element|
[element.send(text_method), element.send(value_method)]
end
- options_for_select(options, selected)
+ selected, disabled = extract_selected_and_disabled(selected)
+ select_deselect = {}
+ select_deselect[:selected] = extract_values_from_collection(collection, value_method, selected)
+ select_deselect[:disabled] = extract_values_from_collection(collection, value_method, disabled)
+
+ options_for_select(options, select_deselect)
end
# Returns a string of <tt><option></tt> tags, like <tt>options_from_collection_for_select</tt>, but
@@ -238,7 +294,8 @@ module ActionView
# +collection+, returns a value to be used as the contents of its <tt><option></tt> tag.
# * +selected_key+ - A value equal to the +value+ attribute for one of the <tt><option></tt> tags,
# which will have the +selected+ attribute set. Corresponds to the return value of one of the calls
- # to +option_key_method+. If +nil+, no selection is made.
+ # to +option_key_method+. If +nil+, no selection is made. Can also be a hash if disabled values are
+ # to be specified.
#
# Example object structure for use with this method:
# class Continent < ActiveRecord::Base
@@ -388,6 +445,24 @@ module ActionView
value == selected
end
end
+
+ def extract_selected_and_disabled(selected)
+ if selected.is_a?(Hash)
+ [selected[:selected], selected[:disabled]]
+ else
+ [selected, nil]
+ end
+ end
+
+ def extract_values_from_collection(collection, value_method, selected)
+ if selected.is_a?(Proc)
+ collection.map do |element|
+ element.send(value_method) if selected.call(element)
+ end.compact
+ else
+ selected
+ end
+ end
end
class InstanceTag #:nodoc:
@@ -398,16 +473,18 @@ module ActionView
add_default_name_and_id(html_options)
value = value(object)
selected_value = options.has_key?(:selected) ? options[:selected] : value
- content_tag("select", add_options(options_for_select(choices, selected_value), options, selected_value), html_options)
+ disabled_value = options.has_key?(:disabled) ? options[:disabled] : nil
+ content_tag("select", add_options(options_for_select(choices, :selected => selected_value, :disabled => disabled_value), options, selected_value), html_options)
end
def to_collection_select_tag(collection, value_method, text_method, options, html_options)
html_options = html_options.stringify_keys
add_default_name_and_id(html_options)
value = value(object)
+ disabled_value = options.has_key?(:disabled) ? options[:disabled] : nil
selected_value = options.has_key?(:selected) ? options[:selected] : value
content_tag(
- "select", add_options(options_from_collection_for_select(collection, value_method, text_method, selected_value), options, value), html_options
+ "select", add_options(options_from_collection_for_select(collection, value_method, text_method, :selected => selected_value, :disabled => disabled_value), options, value), html_options
)
end
diff --git a/actionpack/lib/action_view/helpers/form_tag_helper.rb b/actionpack/lib/action_view/helpers/form_tag_helper.rb
index 4646bc118b..6d39a53adc 100644
--- a/actionpack/lib/action_view/helpers/form_tag_helper.rb
+++ b/actionpack/lib/action_view/helpers/form_tag_helper.rb
@@ -360,8 +360,8 @@ module ActionView
end
if confirm = options.delete("confirm")
- options["onclick"] ||= ''
- options["onclick"] << "return #{confirm_javascript_function(confirm)};"
+ options["onclick"] ||= 'return true;'
+ options["onclick"] = "if (!#{confirm_javascript_function(confirm)}) return false; #{options['onclick']}"
end
tag :input, { "type" => "submit", "name" => "commit", "value" => value }.update(options.stringify_keys)
diff --git a/actionpack/lib/action_view/helpers/number_helper.rb b/actionpack/lib/action_view/helpers/number_helper.rb
index e622f97b9e..dea958deaf 100644
--- a/actionpack/lib/action_view/helpers/number_helper.rb
+++ b/actionpack/lib/action_view/helpers/number_helper.rb
@@ -15,6 +15,7 @@ module ActionView
# * <tt>:country_code</tt> - Sets the country code for the phone number.
#
# ==== Examples
+ # number_to_phone(5551234) # => 555-1234
# number_to_phone(1235551234) # => 123-555-1234
# number_to_phone(1235551234, :area_code => true) # => (123) 555-1234
# number_to_phone(1235551234, :delimiter => " ") # => 123 555 1234
@@ -37,7 +38,8 @@ module ActionView
str << if area_code
number.gsub!(/([0-9]{1,3})([0-9]{3})([0-9]{4}$)/,"(\\1) \\2#{delimiter}\\3")
else
- number.gsub!(/([0-9]{1,3})([0-9]{3})([0-9]{4})$/,"\\1#{delimiter}\\2#{delimiter}\\3")
+ number.gsub!(/([0-9]{0,3})([0-9]{3})([0-9]{4})$/,"\\1#{delimiter}\\2#{delimiter}\\3")
+ number.starts_with?('-') ? number.slice!(1..-1) : number
end
str << " x #{extension}" unless extension.blank?
str
@@ -138,7 +140,7 @@ module ActionView
# number_with_delimiter(12345678) # => 12,345,678
# number_with_delimiter(12345678.05) # => 12,345,678.05
# number_with_delimiter(12345678, :delimiter => ".") # => 12.345.678
- # number_with_delimiter(12345678, :seperator => ",") # => 12,345,678
+ # number_with_delimiter(12345678, :separator => ",") # => 12,345,678
# number_with_delimiter(98765432.98, :delimiter => " ", :separator => ",")
# # => 98 765 432,98
#
diff --git a/actionpack/lib/action_view/helpers/prototype_helper.rb b/actionpack/lib/action_view/helpers/prototype_helper.rb
index 99676a9c27..6bad11e354 100644
--- a/actionpack/lib/action_view/helpers/prototype_helper.rb
+++ b/actionpack/lib/action_view/helpers/prototype_helper.rb
@@ -107,7 +107,7 @@ module ActionView
# on the page in an Ajax response.
module PrototypeHelper
unless const_defined? :CALLBACKS
- CALLBACKS = Set.new([ :uninitialized, :loading, :loaded,
+ CALLBACKS = Set.new([ :create, :uninitialized, :loading, :loaded,
:interactive, :complete, :failure, :success ] +
(100..599).to_a)
AJAX_OPTIONS = Set.new([ :before, :after, :condition, :url,
diff --git a/actionpack/lib/action_view/helpers/text_helper.rb b/actionpack/lib/action_view/helpers/text_helper.rb
index b1eb6891fa..573b99b96e 100644
--- a/actionpack/lib/action_view/helpers/text_helper.rb
+++ b/actionpack/lib/action_view/helpers/text_helper.rb
@@ -107,7 +107,7 @@ module ActionView
text
else
match = Array(phrases).map { |p| Regexp.escape(p) }.join('|')
- text.gsub(/(#{match})(?!(?:[^<]*?)?(?:["'])[^<>]*>)/i, options[:highlighter])
+ text.gsub(/(#{match})(?!(?:[^<]*?)(?:["'])[^<>]*>)/i, options[:highlighter])
end
end
@@ -324,7 +324,7 @@ module ActionView
# Turns all URLs and e-mail addresses into clickable links. The <tt>:link</tt> option
# will limit what should be linked. You can add HTML attributes to the links using
- # <tt>:href_options</tt>. Possible values for <tt>:link</tt> are <tt>:all</tt> (default),
+ # <tt>:html</tt>. Possible values for <tt>:link</tt> are <tt>:all</tt> (default),
# <tt>:email_addresses</tt>, and <tt>:urls</tt>. If a block is given, each URL and
# e-mail address is yielded and the result is used as the link text.
#
@@ -341,7 +341,7 @@ module ActionView
# # => "Visit http://www.loudthinking.com/ or e-mail <a href=\"mailto:david@loudthinking.com\">david@loudthinking.com</a>"
#
# post_body = "Welcome to my new blog at http://www.myblog.com/. Please e-mail me at me@email.com."
- # auto_link(post_body, :href_options => { :target => '_blank' }) do |text|
+ # auto_link(post_body, :html => { :target => '_blank' }) do |text|
# truncate(text, 15)
# end
# # => "Welcome to my new blog at <a href=\"http://www.myblog.com/\" target=\"_blank\">http://www.m...</a>.
@@ -359,7 +359,7 @@ module ActionView
# auto_link(post_body, :all, :target => "_blank") # => Once upon\na time
# # => "Welcome to my new blog at <a href=\"http://www.myblog.com/\" target=\"_blank\">http://www.myblog.com</a>.
# Please e-mail me at <a href=\"mailto:me@email.com\">me@email.com</a>."
- def auto_link(text, *args, &block)#link = :all, href_options = {}, &block)
+ def auto_link(text, *args, &block)#link = :all, html = {}, &block)
return '' if text.blank?
options = args.size == 2 ? {} : args.extract_options! # this is necessary because the old auto_link API has a Hash as its last parameter
@@ -536,8 +536,9 @@ module ActionView
text.gsub(AUTO_LINK_RE) do
href = $&
punctuation = ''
- # detect already linked URLs
- if $` =~ /<a\s[^>]*href="$/
+ left, right = $`, $'
+ # detect already linked URLs and URLs in the middle of a tag
+ if left =~ /<[^>]+$/ && right =~ /^[^>]*>/
# do not change string; URL is alreay linked
href
else
diff --git a/actionpack/lib/action_view/helpers/translation_helper.rb b/actionpack/lib/action_view/helpers/translation_helper.rb
index dc41ef5305..4aed10f640 100644
--- a/actionpack/lib/action_view/helpers/translation_helper.rb
+++ b/actionpack/lib/action_view/helpers/translation_helper.rb
@@ -3,19 +3,37 @@ require 'action_view/helpers/tag_helper'
module ActionView
module Helpers
module TranslationHelper
+ # Delegates to I18n#translate but also performs two additional functions. First, it'll catch MissingTranslationData exceptions
+ # and turn them into inline spans that contains the missing key, such that you can see in a view what is missing where.
+ #
+ # Second, it'll scope the key by the current partial if the key starts with a period. So if you call translate(".foo") from the
+ # people/index.html.erb template, you'll actually be calling I18n.translate("people.index.foo"). This makes it less repetitive
+ # to translate many keys within the same partials and gives you a simple framework for scoping them consistently. If you don't
+ # prepend the key with a period, nothing is converted.
def translate(key, options = {})
options[:raise] = true
- I18n.translate(key, options)
+ I18n.translate(scope_key_by_partial(key), options)
rescue I18n::MissingTranslationData => e
keys = I18n.send(:normalize_translation_keys, e.locale, e.key, e.options[:scope])
content_tag('span', keys.join(', '), :class => 'translation_missing')
end
alias :t :translate
+ # Delegates to I18n.localize with no additional functionality.
def localize(*args)
I18n.localize *args
end
alias :l :localize
+
+
+ private
+ def scope_key_by_partial(key)
+ if key.to_s.first == "."
+ template.path_without_format_and_extension.gsub(%r{/_?}, ".") + key.to_s
+ else
+ key
+ end
+ end
end
end
end \ No newline at end of file
diff --git a/actionpack/lib/action_view/helpers/url_helper.rb b/actionpack/lib/action_view/helpers/url_helper.rb
index 2e0eb8766b..36e0a78e93 100644
--- a/actionpack/lib/action_view/helpers/url_helper.rb
+++ b/actionpack/lib/action_view/helpers/url_helper.rb
@@ -507,7 +507,30 @@ module ActionView
# current_page?(:controller => 'shop', :action => 'checkout')
# # => true
#
- # current_page?(:controller => 'shop', :action => 'checkout', :order => 'asc)
+ # current_page?(:controller => 'shop', :action => 'checkout', :order => 'asc')
+ # # => false
+ #
+ # current_page?(:action => 'checkout')
+ # # => true
+ #
+ # current_page?(:controller => 'library', :action => 'checkout')
+ # # => false
+ #
+ # Let's say we're in the <tt>/shop/checkout?order=desc&page=1</tt> action.
+ #
+ # current_page?(:action => 'process')
+ # # => false
+ #
+ # current_page?(:controller => 'shop', :action => 'checkout')
+ # # => true
+ #
+ # current_page?(:controller => 'shop', :action => 'checkout', :order => 'desc', :page=>'1')
+ # # => true
+ #
+ # current_page?(:controller => 'shop', :action => 'checkout', :order => 'desc', :page=>'2')
+ # # => false
+ #
+ # current_page?(:controller => 'shop', :action => 'checkout', :order => 'desc')
# # => false
#
# current_page?(:action => 'checkout')
@@ -516,7 +539,7 @@ module ActionView
# current_page?(:controller => 'library', :action => 'checkout')
# # => false
def current_page?(options)
- url_string = CGI.escapeHTML(url_for(options))
+ url_string = CGI.unescapeHTML(url_for(options))
request = @controller.request
# We ignore any extra parameters in the request_uri if the
# submitted url doesn't have any either. This lets the function
diff --git a/actionpack/lib/action_view/paths.rb b/actionpack/lib/action_view/paths.rb
index 6c6d2ff979..b6bb9942ee 100644
--- a/actionpack/lib/action_view/paths.rb
+++ b/actionpack/lib/action_view/paths.rb
@@ -2,7 +2,11 @@ module ActionView #:nodoc:
class PathSet < Array #:nodoc:
def self.type_cast(obj)
if obj.is_a?(String)
- Template::EagerPath.new(obj)
+ if !Object.const_defined?(:Rails) || Rails.configuration.cache_classes
+ Template::EagerPath.new(obj)
+ else
+ Template::Path.new(obj)
+ end
else
obj
end
@@ -56,7 +60,7 @@ module ActionView #:nodoc:
false
end
- def find_template(original_template_path, format = nil)
+ def find_template(original_template_path, format = nil, html_fallback = true)
return original_template_path if original_template_path.respond_to?(:render)
template_path = original_template_path.sub(/^\//, '')
@@ -64,12 +68,16 @@ module ActionView #:nodoc:
if template = load_path.find_by_parts(template_path, format)
return template
# Try to find html version if the format is javascript
- elsif format == :js && template = load_path["#{template_path}.html"]
+ elsif format == :js && html_fallback && template = load_path["#{template_path}.#{I18n.locale}.html"]
+ return template
+ elsif format == :js && html_fallback && template = load_path["#{template_path}.html"]
return template
end
end
- Template.new(original_template_path, self)
+ return Template.new(original_template_path, original_template_path.to_s =~ /\A\// ? "" : ".") if File.file?(original_template_path)
+
+ raise MissingTemplate.new(self, original_template_path, format)
end
end
end
diff --git a/actionpack/lib/action_view/render/rendering.rb b/actionpack/lib/action_view/render/rendering.rb
index 2d8bdab100..a9b2acecd5 100644
--- a/actionpack/lib/action_view/render/rendering.rb
+++ b/actionpack/lib/action_view/render/rendering.rb
@@ -62,22 +62,19 @@ module ActionView
end
def _render_template(template, local_assigns = {})
- @_render_stack.push(template)
+ with_template(template) do
+ _evaluate_assigns_and_ivars
+ _set_controller_content_type(template.mime_type) if template.respond_to?(:mime_type)
- _evaluate_assigns_and_ivars
- _set_controller_content_type(template.mime_type) if template.respond_to?(:mime_type)
-
- result = template.render(self, local_assigns) do |*names|
- if !instance_variable_defined?(:"@content_for_#{names.first}") &&
- instance_variable_defined?(:@_proc_for_layout) && (proc = @_proc_for_layout)
- capture(*names, &proc)
- elsif instance_variable_defined?(ivar = :"@content_for_#{names.first || :layout}")
- instance_variable_get(ivar)
- end
+ template.render(self, local_assigns) do |*names|
+ if !instance_variable_defined?(:"@content_for_#{names.first}") &&
+ instance_variable_defined?(:@_proc_for_layout) && (proc = @_proc_for_layout)
+ capture(*names, &proc)
+ elsif instance_variable_defined?(ivar = :"@content_for_#{names.first || :layout}")
+ instance_variable_get(ivar)
+ end
+ end
end
-
- @_render_stack.pop
- result
rescue Exception => e
raise e if template.is_a?(InlineTemplate) || !template.filename
if TemplateError === e
diff --git a/actionpack/lib/action_view/template/renderable.rb b/actionpack/lib/action_view/template/renderable.rb
index fde37544f3..0e8e0c4a38 100644
--- a/actionpack/lib/action_view/template/renderable.rb
+++ b/actionpack/lib/action_view/template/renderable.rb
@@ -1,3 +1,5 @@
+# encoding: utf-8
+
module ActionView
# NOTE: The template that this mixin is being included into is frozen
# so you cannot set or modify any instance variables
diff --git a/actionpack/lib/action_view/template/template.rb b/actionpack/lib/action_view/template/template.rb
index 73e319b489..a61c46020f 100644
--- a/actionpack/lib/action_view/template/template.rb
+++ b/actionpack/lib/action_view/template/template.rb
@@ -50,7 +50,7 @@ module ActionView #:nodoc:
def find_by_parts(name, extensions = nil, prefix = nil, partial = nil)
path = prefix ? "#{prefix}/" : ""
- name = name.split("/")
+ name = name.to_s.split("/")
name[-1] = "_#{name[-1]}" if partial
path << name.join("/")
@@ -111,7 +111,7 @@ module ActionView #:nodoc:
@@exempt_from_layout.merge(regexps)
end
- attr_accessor :filename, :load_path, :base_path
+ attr_accessor :template_path, :filename, :load_path, :base_path
attr_accessor :locale, :name, :format, :extension
delegate :to_s, :to => :path
@@ -127,13 +127,20 @@ module ActionView #:nodoc:
def accessible_paths
paths = []
- paths << path
- paths << path_without_extension
- if multipart?
- formats = format.split(".")
- paths << "#{path_without_format_and_extension}.#{formats.first}"
- paths << "#{path_without_format_and_extension}.#{formats.second}"
+
+ if valid_extension?(extension)
+ paths << path
+ paths << path_without_extension
+ if multipart?
+ formats = format.split(".")
+ paths << "#{path_without_format_and_extension}.#{formats.first}"
+ paths << "#{path_without_format_and_extension}.#{formats.second}"
+ end
+ else
+ # template without explicit template handler should only be reachable through its exact path
+ paths << template_path
end
+
paths
end
@@ -151,7 +158,7 @@ module ActionView #:nodoc:
end
def mime_type
- Mime::Type.lookup_by_extension(format) if format
+ Mime::Type.lookup_by_extension(format) if format && defined?(::Mime)
end
memoize :mime_type
@@ -230,7 +237,7 @@ module ActionView #:nodoc:
# Returns file split into an array
# [base_path, name, locale, format, extension]
def split(file)
- if m = file.match(/^(.*\/)?([^\.]+)\.(.*)$/)
+ if m = file.to_s.match(/^(.*\/)?([^\.]+)\.(.*)$/)
base_path = m[1]
name = m[2]
extensions = m[3]
@@ -242,24 +249,24 @@ module ActionView #:nodoc:
format = nil
extension = nil
- if m = extensions.match(/^(\w+)?\.?(\w+)?\.?(\w+)?\.?/)
- if valid_locale?(m[1]) && m[2] && valid_extension?(m[3]) # All three
- locale = m[1]
- format = m[2]
- extension = m[3]
- elsif m[1] && m[2] && valid_extension?(m[3]) # Multipart formats
- format = "#{m[1]}.#{m[2]}"
- extension = m[3]
- elsif valid_locale?(m[1]) && valid_extension?(m[2]) # locale and extension
- locale = m[1]
- extension = m[2]
- elsif valid_extension?(m[2]) # format and extension
+ if m = extensions.split(".")
+ if valid_locale?(m[0]) && m[1] && valid_extension?(m[2]) # All three
+ locale = m[0]
format = m[1]
extension = m[2]
- elsif valid_extension?(m[1]) # Just extension
+ elsif m[0] && m[1] && valid_extension?(m[2]) # Multipart formats
+ format = "#{m[0]}.#{m[1]}"
+ extension = m[2]
+ elsif valid_locale?(m[0]) && valid_extension?(m[1]) # locale and extension
+ locale = m[0]
+ extension = m[1]
+ elsif valid_extension?(m[1]) # format and extension
+ format = m[0]
extension = m[1]
+ elsif valid_extension?(m[0]) # Just extension
+ extension = m[0]
else # No extension
- format = m[1]
+ format = m[0]
end
end