authorPratik Naik <pratiknaik@gmail.com>2009-10-10 17:15:11 +0100
committerPratik Naik <pratiknaik@gmail.com>2009-10-10 17:15:11 +0100
commit66ee2654ff243f03595a402fa15e1eea1b5b45be (patch)
tree3f1055e03082f0c767719e8cba5155e4207779e0 /activesupport
parentdd2779e1b83b4d867d47dd286ec0c919f5df12a9 (diff)
parentb9ce8216fa849a47ad0b0f99fa510e226a23c12e (diff)
Merge commit 'mainstream/master'
Diffstat (limited to 'activesupport')
-rw-r--r--activesupport/lib/active_support/cache.rb7
-rw-r--r--activesupport/lib/active_support/cache/memory_store.rb2
-rw-r--r--activesupport/lib/active_support/cache/strategy/local_cache.rb10
-rw-r--r--activesupport/lib/active_support/core_ext/string.rb3
-rw-r--r--activesupport/lib/active_support/core_ext/string/output_safety.rb43
-rw-r--r--activesupport/lib/active_support/message_verifier.rb4
-rw-r--r--activesupport/lib/active_support/testing/isolation.rb4
-rw-r--r--activesupport/test/caching_test.rb19
-rw-r--r--activesupport/test/core_ext/string_ext_test.rb86
-rw-r--r--activesupport/test/message_verifier_test.rb6
10 files changed, 176 insertions, 8 deletions
diff --git a/activesupport/lib/active_support/cache.rb b/activesupport/lib/active_support/cache.rb
index 25f9555388..a415686020 100644
--- a/activesupport/lib/active_support/cache.rb
+++ b/activesupport/lib/active_support/cache.rb
@@ -115,6 +115,13 @@ module ActiveSupport
self
end
+ def mute
+ previous_silence, @silence = defined?(@silence) && @silence, true
+ yield
+ ensure
+ @silence = previous_silence
+ end
+
# Fetches data from the cache, using the given key. If there is data in
# the cache with the given key, then that data is returned.
#
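Review bot: `mute` keeps its state in the store's `@silence` instance variable, so if one store object is shared between threads, a block muted in one thread would also suppress log output from the others, and overlapping calls could restore the wrong previous value. The code that reads `@silence` is outside this hunk, so that is inferred from the name. The method also has no comment, unlike `fetch` just below it. I would document the limitation above the method, for example `# Silences the logger for the duration of the block. Not thread-safe: @silence is per-store, not per-thread.`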
diff --git a/activesupport/lib/active_support/cache/memory_store.rb b/activesupport/lib/active_support/cache/memory_store.rb
index 66ce1bc93a..e6085d97ec 100644
--- a/activesupport/lib/active_support/cache/memory_store.rb
+++ b/activesupport/lib/active_support/cache/memory_store.rb
@@ -1,3 +1,5 @@
+require 'active_support/core_ext/object/duplicable'
+
module ActiveSupport
module Cache
# A cache store implementation which stores everything into memory in the
diff --git a/activesupport/lib/active_support/cache/strategy/local_cache.rb b/activesupport/lib/active_support/cache/strategy/local_cache.rb
index 3b5fccc737..5f6fe22416 100644
--- a/activesupport/lib/active_support/cache/strategy/local_cache.rb
+++ b/activesupport/lib/active_support/cache/strategy/local_cache.rb
@@ -44,7 +44,7 @@ module ActiveSupport
nil
elsif value.nil?
value = super
- local_cache.write(key, value || NULL) if local_cache
+ local_cache.mute { local_cache.write(key, value || NULL) } if local_cache
value.duplicable? ? value.dup : value
else
# forcing the value to be immutable
@@ -54,12 +54,12 @@ module ActiveSupport
def write(key, value, options = nil)
value = value.to_s if respond_to?(:raw?) && raw?(options)
- local_cache.write(key, value || NULL) if local_cache
+ local_cache.mute { local_cache.write(key, value || NULL) } if local_cache
super
end
def delete(key, options = nil)
- local_cache.write(key, NULL) if local_cache
+ local_cache.mute { local_cache.write(key, NULL) } if local_cache
super
end
@@ -76,7 +76,7 @@ module ActiveSupport
def increment(key, amount = 1)
if value = super
- local_cache.write(key, value.to_s) if local_cache
+ local_cache.mute { local_cache.write(key, value.to_s) } if local_cache
value
else
nil
@@ -85,7 +85,7 @@ module ActiveSupport
def decrement(key, amount = 1)
if value = super
- local_cache.write(key, value.to_s) if local_cache
+ local_cache.mute { local_cache.write(key, value.to_s) } if local_cache
value
else
nil
diff --git a/activesupport/lib/active_support/core_ext/string.rb b/activesupport/lib/active_support/core_ext/string.rb
index d06a5a32fb..6c52f12712 100644
--- a/activesupport/lib/active_support/core_ext/string.rb
+++ b/activesupport/lib/active_support/core_ext/string.rb
@@ -7,4 +7,5 @@ require 'active_support/core_ext/string/access'
require 'active_support/core_ext/string/iterators'
require 'active_support/core_ext/string/xchar'
require 'active_support/core_ext/string/behavior'
-require 'active_support/core_ext/string/interpolation' \ No newline at end of file
+require 'active_support/core_ext/string/interpolation'
+require 'active_support/core_ext/string/output_safety' \ No newline at end of file
diff --git a/activesupport/lib/active_support/core_ext/string/output_safety.rb b/activesupport/lib/active_support/core_ext/string/output_safety.rb
new file mode 100644
index 0000000000..2cca4763f4
--- /dev/null
+++ b/activesupport/lib/active_support/core_ext/string/output_safety.rb
@@ -0,0 +1,43 @@
+class String
+ def html_safe?
+ defined?(@_rails_html_safe) && @_rails_html_safe
+ end
+
+ def html_safe!
+ @_rails_html_safe = true
+ self
+ end
+
+ def html_safe
+ dup.html_safe!
+ end
+
+ alias original_plus +
+ def +(other)
+ result = original_plus(other)
+ if html_safe? && also_html_safe?(other)
+ result.html_safe!
+ else
+ result
+ end
+ end
+
+ alias original_concat <<
+ def <<(other)
+ result = original_concat(other)
+ unless html_safe? && also_html_safe?(other)
+ @_rails_html_safe = false
+ end
+ result
+ end
+
+ def concat(other)
+ self << other
+ end
+
+ private
+ def also_html_safe?(other)
+ other.respond_to?(:html_safe?) && other.html_safe?
+ end
+
+end \ No newline at end of file
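Review bot: Only `+`, `<<` and `concat` keep `@_rails_html_safe` in step with the content. Every other in-place mutator (`gsub!`, `sub!`, `insert`, `replace`, `[]=` and so on) leaves the flag set, so a string marked safe can later receive unescaped content and still answer true to `html_safe?`. Either clear the flag in those mutators too, or state the limit next to `html_safe!`, for example `# Only +, << and concat track safety; other in-place mutators leave the flag unchanged.` The `private` helper `also_html_safe?` becomes a private method on every String, which also deserves a one-line comment.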
diff --git a/activesupport/lib/active_support/message_verifier.rb b/activesupport/lib/active_support/message_verifier.rb
index 74e080a23d..282346b1a6 100644
--- a/activesupport/lib/active_support/message_verifier.rb
+++ b/activesupport/lib/active_support/message_verifier.rb
@@ -26,8 +26,10 @@ module ActiveSupport
end
def verify(signed_message)
+ raise InvalidSignature if signed_message.blank?
+
data, digest = signed_message.split("--")
- if secure_compare(digest, generate_digest(data))
+ if data.present? && digest.present? && secure_compare(digest, generate_digest(data))
Marshal.load(ActiveSupport::Base64.decode64(data))
else
raise InvalidSignature
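Review bot: The new guard rejects `nil` and blank strings, but a non-blank value that is not a String (an Array or Hash, say) passes `blank?` and then fails on `split` with NoMethodError rather than InvalidSignature. Callers that rescue only InvalidSignature would not catch that. Whether such values can reach `verify` depends on callers outside this hunk. A guard such as `raise InvalidSignature unless signed_message.respond_to?(:split) && signed_message.present?` keeps the failure mode uniform. The context line still hands the verified payload to `Marshal.load`, so a short comment that the safety of that call rests entirely on the digest check and on the secrecy of the key would help the next reader. The body of `verify` ends outside the hunk.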
diff --git a/activesupport/lib/active_support/testing/isolation.rb b/activesupport/lib/active_support/testing/isolation.rb
index cdd6d5f49b..bec303f6ab 100644
--- a/activesupport/lib/active_support/testing/isolation.rb
+++ b/activesupport/lib/active_support/testing/isolation.rb
@@ -1,3 +1,5 @@
+require 'active_support/core_ext/load_error'
+
module ActiveSupport
module Testing
class ProxyTestResult
@@ -107,4 +109,4 @@ if ENV['ISOLATION_TEST']
super && test.method_name == ENV['ISOLATION_TEST']
end
end
-end \ No newline at end of file
+end
diff --git a/activesupport/test/caching_test.rb b/activesupport/test/caching_test.rb
index 7667f11343..892aa97ad7 100644
--- a/activesupport/test/caching_test.rb
+++ b/activesupport/test/caching_test.rb
@@ -342,3 +342,22 @@ uses_memcached 'memcached backed store' do
include CacheStoreBehavior
end
end
+
+class CacheStoreLoggerTest < ActiveSupport::TestCase
+ def setup
+ @cache = ActiveSupport::Cache.lookup_store(:memory_store)
+
+ @buffer = StringIO.new
+ @cache.logger = Logger.new(@buffer)
+ end
+
+ def test_logging
+ @cache.fetch('foo') { 'bar' }
+ assert @buffer.string.present?
+ end
+
+ def test_mute_logging
+ @cache.mute { @cache.fetch('foo') { 'bar' } }
+ assert @buffer.string.blank?
+ end
+end
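Review bot: `test_mute_logging` checks that nothing is logged inside the block but not that logging resumes afterwards, so a regression that left the store silenced (the `ensure` branch of `mute`) would pass unnoticed. After the muted call I would add `@cache.fetch('baz') { 'qux' }` followed by `assert @buffer.string.present?`. A second case that raises inside the block and then checks the same thing would cover the exception path.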
diff --git a/activesupport/test/core_ext/string_ext_test.rb b/activesupport/test/core_ext/string_ext_test.rb
index db9073e298..584a41b631 100644
--- a/activesupport/test/core_ext/string_ext_test.rb
+++ b/activesupport/test/core_ext/string_ext_test.rb
@@ -356,3 +356,89 @@ class StringBytesizeTest < Test::Unit::TestCase
assert_equal 3, 'foo'.bytesize
end
end
+
+class OutputSafetyTest < ActiveSupport::TestCase
+ def setup
+ @string = "hello"
+ end
+
+ test "A string is unsafe by default" do
+ assert !@string.html_safe?
+ end
+
+ test "A string can be marked safe" do
+ @string.html_safe!
+ assert @string.html_safe?
+ end
+
+ test "Marking a string safe returns the string" do
+ assert_equal @string, @string.html_safe!
+ end
+
+ test "Adding a safe string to another safe string returns a safe string" do
+ @other_string = "other".html_safe!
+ @string.html_safe!
+ @combination = @other_string + @string
+
+ assert_equal "otherhello", @combination
+ assert @combination.html_safe?
+ end
+
+ test "Adding an unsafe string to a safe string returns an unsafe string" do
+ @other_string = "other".html_safe!
+ @combination = @other_string + @string
+ @other_combination = @string + @other_string
+
+ assert_equal "otherhello", @combination
+ assert_equal "helloother", @other_combination
+
+ assert !@combination.html_safe?
+ assert !@other_combination.html_safe?
+ end
+
+ test "Concatting safe onto unsafe yields unsafe" do
+ @other_string = "other"
+ @string.html_safe!
+
+ @other_string.concat(@string)
+ assert !@other_string.html_safe?
+ end
+
+ test "Concatting unsafe onto safe yields unsafe" do
+ @other_string = "other".html_safe!
+
+ @other_string.concat(@string)
+ assert !@other_string.html_safe?
+ end
+
+ test "Concatting safe onto safe yields safe" do
+ @other_string = "other".html_safe!
+ @string.html_safe!
+
+ @other_string.concat(@string)
+ assert @other_string.html_safe?
+ end
+
+ test "Concatting safe onto unsafe with << yields unsafe" do
+ @other_string = "other"
+ @string.html_safe!
+
+ @other_string << @string
+ assert !@other_string.html_safe?
+ end
+
+ test "Concatting unsafe onto safe with << yields unsafe" do
+ @other_string = "other".html_safe!
+
+ @other_string << @string
+ assert !@other_string.html_safe?
+ end
+
+ test "Concatting safe onto safe with << yields safe" do
+ @other_string = "other".html_safe!
+ @string.html_safe!
+
+ @other_string << @string
+ assert @other_string.html_safe?
+ end
+end
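Review bot: The non-mutating `html_safe` added in output_safety.rb has no test here; every case goes through `html_safe!`. It is worth pinning that the copy is marked and the receiver is not: `safe = @string.html_safe`, `assert safe.html_safe?`, `assert !@string.html_safe?`. A case that appends a non-String argument to a safe string (for instance an Integer through `<<`) would also document that the flag is cleared when the other operand does not respond to `html_safe?`.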
diff --git a/activesupport/test/message_verifier_test.rb b/activesupport/test/message_verifier_test.rb
index 4f8837ba4e..ef300e4e26 100644
--- a/activesupport/test/message_verifier_test.rb
+++ b/activesupport/test/message_verifier_test.rb
@@ -18,10 +18,16 @@ class MessageVerifierTest < Test::Unit::TestCase
assert_equal @data, @verifier.verify(message)
end
+ def test_missing_signature_raises
+ assert_not_verified(nil)
+ assert_not_verified("")
+ end
+
def test_tampered_data_raises
data, hash = @verifier.generate(@data).split("--")
assert_not_verified("#{data.reverse}--#{hash}")
assert_not_verified("#{data}--#{hash.reverse}")
+ assert_not_verified("purejunk")
end
def assert_not_verified(message)
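Review bot: The new assertions cover `nil`, `""` and a message with no separator, but not the two cases the added `data.present? && digest.present?` guard in `verify` is there for: an empty data part and an empty digest part. In `test_tampered_data_raises` I would add `assert_not_verified("--#{hash}")` and `assert_not_verified("#{data}--")`. The body of `assert_not_verified` lies outside this hunk, so I am assuming it expects InvalidSignature specifically.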