diff options
| author | Lewis Marshall <lewis.marshall@econsultancy.com> | 2013-04-22 14:09:41 +0100 |
|---|---|---|
| committer | Lewis Marshall <lewis.marshall@econsultancy.com> | 2013-04-22 14:31:10 +0100 |
| commit | ec462b4de7904e0e55a312940e88b9e825bf955c (patch) | |
| tree | c04eacf5afa5a62c3bbb287f216b07c422b47943 /actionpack | |
| parent | 07acf7b13d98eb8e3dc6628952ca908a020bbdce (diff) | |
| download | rails-ec462b4de7904e0e55a312940e88b9e825bf955c.tar.gz rails-ec462b4de7904e0e55a312940e88b9e825bf955c.tar.bz2 rails-ec462b4de7904e0e55a312940e88b9e825bf955c.zip | |
Return a 405 response for unknown HTTP methods
Diffstat (limited to 'actionpack')
| -rw-r--r-- | actionpack/CHANGELOG.md | 5 | ||||
| -rw-r--r-- | actionpack/lib/action_dispatch/middleware/exception_wrapper.rb | 1 | ||||
| -rw-r--r-- | actionpack/test/dispatch/debug_exceptions_test.rb | 6 | ||||
| -rw-r--r-- | actionpack/test/dispatch/show_exceptions_test.rb | 6 |
4 files changed, 18 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index cbf5b66003..a545b067b3 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,5 +1,10 @@ ## Rails 4.0.0 (unreleased) ## +* Return a 405 Method Not Allowed response when a request contains an unknown + HTTP method. + + *Lewis Marshall* + * Add support for extracting the port from the `:host` option passed to `url_for`. *Andrew White* diff --git a/actionpack/lib/action_dispatch/middleware/exception_wrapper.rb b/actionpack/lib/action_dispatch/middleware/exception_wrapper.rb index 7489ce8028..0a19381c89 100644 --- a/actionpack/lib/action_dispatch/middleware/exception_wrapper.rb +++ b/actionpack/lib/action_dispatch/middleware/exception_wrapper.rb @@ -9,6 +9,7 @@ module ActionDispatch 'ActionController::RoutingError' => :not_found, 'AbstractController::ActionNotFound' => :not_found, 'ActionController::MethodNotAllowed' => :method_not_allowed, + 'ActionController::UnknownHttpMethod' => :method_not_allowed, 'ActionController::NotImplemented' => :not_implemented, 'ActionController::UnknownFormat' => :not_acceptable, 'ActionController::InvalidAuthenticityToken' => :unprocessable_entity, diff --git a/actionpack/test/dispatch/debug_exceptions_test.rb b/actionpack/test/dispatch/debug_exceptions_test.rb index 6035f0361e..ff0baccd76 100644 --- a/actionpack/test/dispatch/debug_exceptions_test.rb +++ b/actionpack/test/dispatch/debug_exceptions_test.rb @@ -29,6 +29,8 @@ class DebugExceptionsTest < ActionDispatch::IntegrationTest raise RuntimeError when "/method_not_allowed" raise ActionController::MethodNotAllowed + when "/unknown_http_method" + raise ActionController::UnknownHttpMethod when "/not_implemented" raise ActionController::NotImplemented when "/unprocessable_entity" @@ -113,6 +115,10 @@ class DebugExceptionsTest < ActionDispatch::IntegrationTest assert_response 405 assert_match(/ActionController::MethodNotAllowed/, body) + get "/unknown_http_method", {}, {'action_dispatch.show_exceptions' => true} + assert_response 405 + assert_match(/ActionController::UnknownHttpMethod/, body) + get "/bad_request", {}, {'action_dispatch.show_exceptions' => true} assert_response 400 assert_match(/ActionController::BadRequest/, body) diff --git a/actionpack/test/dispatch/show_exceptions_test.rb b/actionpack/test/dispatch/show_exceptions_test.rb index 45f8fc11b3..98bbcd954b 100644 --- a/actionpack/test/dispatch/show_exceptions_test.rb +++ b/actionpack/test/dispatch/show_exceptions_test.rb @@ -10,6 +10,8 @@ class ShowExceptionsTest < ActionDispatch::IntegrationTest raise AbstractController::ActionNotFound when "/method_not_allowed" raise ActionController::MethodNotAllowed + when "/unknown_http_method" + raise ActionController::UnknownHttpMethod when "/not_found_original_exception" raise ActionView::Template::Error.new('template', AbstractController::ActionNotFound.new) else @@ -41,6 +43,10 @@ class ShowExceptionsTest < ActionDispatch::IntegrationTest get "/method_not_allowed", {}, {'action_dispatch.show_exceptions' => true} assert_response 405 assert_equal "", body + + get "/unknown_http_method", {}, {'action_dispatch.show_exceptions' => true} + assert_response 405 + assert_equal "", body end test "localize rescue error page" do |