diff options
-rw-r--r-- | actionpack/CHANGELOG.md | 7 | ||||
-rw-r--r-- | actionpack/lib/action_controller/metal/exceptions.rb | 8 | ||||
-rw-r--r-- | actionpack/lib/action_dispatch/http/request.rb | 6 | ||||
-rw-r--r-- | actionpack/test/dispatch/request_test.rb | 14 | ||||
-rw-r--r-- | activesupport/lib/active_support/values/time_zone.rb | 6 | ||||
-rw-r--r-- | guides/source/active_model_basics.md | 14 | ||||
-rw-r--r-- | guides/source/engines.md | 2 | ||||
-rw-r--r-- | railties/lib/rails/generators/rails/plugin/plugin_generator.rb | 4 |
8 files changed, 35 insertions, 26 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index b9b771b930..58af62ee76 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,3 +1,10 @@ +* Show helpful message in `BadRequest` exceptions due to invalid path + parameter encodings. + + Fixes #21923. + + *Agis Anastasopoulos* + * Deprecate `config.static_cache_control` in favor of `config.public_file_server.headers` diff --git a/actionpack/lib/action_controller/metal/exceptions.rb b/actionpack/lib/action_controller/metal/exceptions.rb index 18e003741d..5260dc0336 100644 --- a/actionpack/lib/action_controller/metal/exceptions.rb +++ b/actionpack/lib/action_controller/metal/exceptions.rb @@ -5,12 +5,10 @@ module ActionController class BadRequest < ActionControllerError #:nodoc: attr_reader :original_exception - def initialize(type = nil, e = nil) - return super() unless type && e - - super("Invalid #{type} parameters: #{e.message}") + def initialize(msg = nil, e = nil) + super(msg) @original_exception = e - set_backtrace e.backtrace + set_backtrace e.backtrace if e end end diff --git a/actionpack/lib/action_dispatch/http/request.rb b/actionpack/lib/action_dispatch/http/request.rb index bf20a33d36..c6ab4dbc9a 100644 --- a/actionpack/lib/action_dispatch/http/request.rb +++ b/actionpack/lib/action_dispatch/http/request.rb @@ -65,7 +65,7 @@ module ActionDispatch path_parameters.each do |key, value| next unless value.respond_to?(:valid_encoding?) unless value.valid_encoding? - raise ActionController::BadRequest, "Invalid parameter: #{key} => #{value}" + raise ActionController::BadRequest, "Invalid parameter encoding: #{key} => #{value.inspect}" end end end @@ -341,7 +341,7 @@ module ActionDispatch set_header k, Request::Utils.normalize_encode_params(super || {}) end rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e - raise ActionController::BadRequest.new(:query, e) + raise ActionController::BadRequest.new("Invalid query parameters: #{e.message}", e) end alias :query_parameters :GET @@ -357,7 +357,7 @@ module ActionDispatch self.request_parameters = Request::Utils.normalize_encode_params(super || {}) raise rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e - raise ActionController::BadRequest.new(:request, e) + raise ActionController::BadRequest.new("Invalid request parameters: #{e.message}", e) end alias :request_parameters :POST diff --git a/actionpack/test/dispatch/request_test.rb b/actionpack/test/dispatch/request_test.rb index af2ed24f43..dfedc8ae25 100644 --- a/actionpack/test/dispatch/request_test.rb +++ b/actionpack/test/dispatch/request_test.rb @@ -961,6 +961,20 @@ class RequestParameters < BaseRequestTest end end + test "path parameters with invalid UTF8 encoding" do + request = stub_request( + "action_dispatch.request.path_parameters" => { foo: "\xBE" } + ) + + err = assert_raises(ActionController::BadRequest) do + request.check_path_parameters! + end + + assert_match "Invalid parameter encoding", err.message + assert_match "foo", err.message + assert_match "\\xBE", err.message + end + test "parameters not accessible after rack parse error of invalid UTF8 character" do request = stub_request("QUERY_STRING" => "foo%81E=1") diff --git a/activesupport/lib/active_support/values/time_zone.rb b/activesupport/lib/active_support/values/time_zone.rb index 681f659100..9f4bb6762d 100644 --- a/activesupport/lib/active_support/values/time_zone.rb +++ b/activesupport/lib/active_support/values/time_zone.rb @@ -26,12 +26,6 @@ module ActiveSupport # Time.zone # => #<ActiveSupport::TimeZone:0x514834...> # Time.zone.name # => "Eastern Time (US & Canada)" # Time.zone.now # => Sun, 18 May 2008 14:30:44 EDT -04:00 - # - # The version of TZInfo bundled with Active Support only includes the - # definitions necessary to support the zones defined by the TimeZone class. - # If you need to use zones that aren't defined by TimeZone, you'll need to - # install the TZInfo gem (if a recent version of the gem is installed locally, - # this will be used instead of the bundled version.) class TimeZone # Keys are Rails TimeZone names, values are TZInfo identifiers. MAPPING = { diff --git a/guides/source/active_model_basics.md b/guides/source/active_model_basics.md index 2bdbd792a8..fe2501bd87 100644 --- a/guides/source/active_model_basics.md +++ b/guides/source/active_model_basics.md @@ -197,7 +197,7 @@ person.last_name_change # => nil ### Validations -`ActiveModel::Validations` module adds the ability to validate class objects +The `ActiveModel::Validations` module adds the ability to validate class objects like in Active Record. ```ruby @@ -292,7 +292,7 @@ objects. ### Serialization -`ActiveModel::Serialization` provides a basic serialization for your object. +`ActiveModel::Serialization` provides basic serialization for your object. You need to declare an attributes hash which contains the attributes you want to serialize. Attributes must be strings, not symbols. @@ -339,7 +339,7 @@ class Person end ``` -With the `as_json` you have a hash representing the model. +With the `as_json` method you have a hash representing the model. ```ruby person = Person.new @@ -408,7 +408,7 @@ Person.human_attribute_name('name') # => "Nome" ### Lint Tests -`ActiveModel::Lint::Tests` allow you to test whether an object is compliant with +`ActiveModel::Lint::Tests` allows you to test whether an object is compliant with the Active Model API. * app/models/person.rb @@ -461,14 +461,14 @@ an accessor named `password` with certain validations on it. #### Requirements -`ActiveModel::SecurePassword` depends on the [`bcrypt`](https://github.com/codahale/bcrypt-ruby 'BCrypt'), +`ActiveModel::SecurePassword` depends on [`bcrypt`](https://github.com/codahale/bcrypt-ruby 'BCrypt'), so include this gem in your Gemfile to use `ActiveModel::SecurePassword` correctly. In order to make this work, the model must have an accessor named `password_digest`. The `has_secure_password` will add the following validations on the `password` accessor: 1. Password should be present. 2. Password should be equal to its confirmation. -3. This maximum length of a password is 72 (required by `bcrypt` on which ActiveModel::SecurePassword depends) +3. The maximum length of a password is 72 (required by `bcrypt` on which ActiveModel::SecurePassword depends) #### Examples @@ -489,7 +489,7 @@ person.password = 'aditya' person.password_confirmation = 'nomatch' person.valid? # => false -# When the length of password, exceeds 72. +# When the length of password exceeds 72. person.password = person.password_confirmation = 'a' * 100 person.valid? # => false diff --git a/guides/source/engines.md b/guides/source/engines.md index 71844b7990..f961b799f1 100644 --- a/guides/source/engines.md +++ b/guides/source/engines.md @@ -670,7 +670,7 @@ pre-defined path which may be customizable. The engine contains migrations for the `blorgh_articles` and `blorgh_comments` table which need to be created in the application's database so that the engine's models can query them correctly. To copy these migrations into the -application use this command: +application run the following command from the `test/dummy` directory of your Rails engine: ```bash $ rake blorgh:install:migrations diff --git a/railties/lib/rails/generators/rails/plugin/plugin_generator.rb b/railties/lib/rails/generators/rails/plugin/plugin_generator.rb index 81bc902bde..c65b8b84be 100644 --- a/railties/lib/rails/generators/rails/plugin/plugin_generator.rb +++ b/railties/lib/rails/generators/rails/plugin/plugin_generator.rb @@ -237,10 +237,6 @@ task default: :test build(:javascripts) unless api? end - def create_images_directory - build(:images) unless api? - end - def create_bin_files build(:bin) end |