diff options
-rw-r--r-- | actionpack/CHANGELOG | 2 | ||||
-rw-r--r-- | actionpack/lib/action_controller/cgi_process.rb | 7 | ||||
-rw-r--r-- | actionpack/lib/action_view/helpers/asset_tag_helper.rb | 26 | ||||
-rw-r--r-- | actionpack/lib/action_view/template_handlers/erb.rb | 9 | ||||
-rw-r--r-- | actionpack/test/template/asset_tag_helper_test.rb | 41 |
5 files changed, 78 insertions, 7 deletions
diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index c2af2c8c11..1fd3bfee7f 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,7 @@ *SVN* +* The asset_host block takes the controller request as an optional second argument. Example: use a single asset host for SSL requests. #10549 [Cheah Chu Yeow, Peter B, Tom Taylor] + * Support render :text => nil. #6684 [tjennings, PotatoSalad, Cheah Chu Yeow] * assert_response failures include the exception message. #10688 [Seth Rasmussen] diff --git a/actionpack/lib/action_controller/cgi_process.rb b/actionpack/lib/action_controller/cgi_process.rb index 6a802aa8fa..b529db8af4 100644 --- a/actionpack/lib/action_controller/cgi_process.rb +++ b/actionpack/lib/action_controller/cgi_process.rb @@ -3,7 +3,7 @@ require 'action_controller/session/cookie_store' module ActionController #:nodoc: class Base - # Process a request extracted from an CGI object and return a response. Pass false as <tt>session_options</tt> to disable + # Process a request extracted from a CGI object and return a response. Pass false as <tt>session_options</tt> to disable # sessions (large performance increase if sessions are not needed). The <tt>session_options</tt> are the same as for CGI::Session: # # * <tt>:database_manager</tt> - standard options are CGI::Session::FileStore, CGI::Session::MemoryStore, and CGI::Session::PStore @@ -17,7 +17,7 @@ module ActionController #:nodoc: # an ArgumentError is raised. # * <tt>:session_expires</tt> - the time the current session expires, as a +Time+ object. If not set, the session will continue # indefinitely. - # * <tt>:session_domain</tt> - the hostname domain for which this session is valid. If not set, defaults to the hostname of the + # * <tt>:session_domain</tt> - the hostname domain for which this session is valid. If not set, defaults to the hostname of the # server. # * <tt>:session_secure</tt> - if +true+, this session will only work over HTTPS. # * <tt>:session_path</tt> - the path for which this session applies. Defaults to the directory of the CGI script. @@ -34,7 +34,8 @@ module ActionController #:nodoc: class CgiRequest < AbstractRequest #:nodoc: attr_accessor :cgi, :session_options - class SessionFixationAttempt < StandardError; end #:nodoc: + class SessionFixationAttempt < StandardError #:nodoc: + end DEFAULT_SESSION_OPTIONS = { :database_manager => CGI::Session::CookieStore, # store data in cookie diff --git a/actionpack/lib/action_view/helpers/asset_tag_helper.rb b/actionpack/lib/action_view/helpers/asset_tag_helper.rb index ba474a8ffe..fd01fd60bc 100644 --- a/actionpack/lib/action_view/helpers/asset_tag_helper.rb +++ b/actionpack/lib/action_view/helpers/asset_tag_helper.rb @@ -50,8 +50,10 @@ module ActionView # stylesheet_include_tag("application") # => <link href="http://assets1.example.com/stylesheets/application.css" media="screen" rel="stylesheet" type="text/css" /> # - # The proc takes a single <tt>source</tt> parameter which is the path of the source asset. This can be used to - # generate a particular asset host depending on the asset path. + # The proc takes a <tt>source</tt> parameter (which is the path of the source asset) and an optional + # <tt>request</tt> parameter (which is an entire instance of an <tt>ActionController::AbstractRequest</tt> + # subclass). This can be used to generate a particular asset host depending on the asset path and the particular + # request. # # ActionController::Base.asset_host = Proc.new { |source| # if source.starts_with?('/images') @@ -65,6 +67,19 @@ module ActionView # stylesheet_include_tag("application") # => <link href="http://assets.example.com/stylesheets/application.css" media="screen" rel="stylesheet" type="text/css" /> # + # The optional <tt>request</tt> parameter to the proc is useful in particular for serving assets from an + # SSL-protected page. The example proc below disables asset hosting for HTTPS connections, while still sending + # assets for plain HTTP requests from asset hosts. This is useful for avoiding mixed media warnings when serving + # non-HTTP assets from HTTPS web pages when you don't have an SSL certificate for each of the asset hosts. + # + # ActionController::Base.asset_host = Proc.new { |source, request| + # if request.ssl? + # "#{request.protocol}#{request.host_with_port}" + # else + # "#{request.protocol}assets.example.com" + # end + # } + # # === Using asset timestamps # # By default, Rails will append all asset paths with that asset's timestamp. This allows you to set a cache-expiration date for the @@ -461,7 +476,12 @@ module ActionView def compute_asset_host(source) if host = ActionController::Base.asset_host if host.is_a?(Proc) - host.call(source) + case host.arity + when 2: + host.call(source, @controller.request) + else + host.call(source) + end else host % (source.hash % 4) end diff --git a/actionpack/lib/action_view/template_handlers/erb.rb b/actionpack/lib/action_view/template_handlers/erb.rb index 022fc362e7..87cb09952c 100644 --- a/actionpack/lib/action_view/template_handlers/erb.rb +++ b/actionpack/lib/action_view/template_handlers/erb.rb @@ -4,6 +4,15 @@ class ERB module Util HTML_ESCAPE = { '&' => '&', '"' => '"', '>' => '>', '<' => '<' } + # A utility method for escaping HTML tag characters. + # This method is also aliased as <tt>h</tt>. + # + # In your ERb templates, use this method to escape any unsafe content. For example: + # <%=h @person.name %> + # + # ==== Example: + # puts html_escape("is a > 0 & a < 10?") + # # => is a > 0 & a < 10? def html_escape(s) s.to_s.gsub(/[&"><]/) { |special| HTML_ESCAPE[special] } end diff --git a/actionpack/test/template/asset_tag_helper_test.rb b/actionpack/test/template/asset_tag_helper_test.rb index 0d84816765..37392b9f67 100644 --- a/actionpack/test/template/asset_tag_helper_test.rb +++ b/actionpack/test/template/asset_tag_helper_test.rb @@ -34,6 +34,8 @@ class AssetTagHelperTest < Test::Unit::TestCase @request = Class.new do def relative_url_root() "" end def protocol() 'http://' end + def ssl?() false end + def host_with_port() 'localhost' end end.new @controller.request = @request @@ -248,7 +250,7 @@ class AssetTagHelperTest < Test::Unit::TestCase end def test_caching_javascript_include_tag_when_caching_on_with_proc_asset_host - ENV["RAILS_ASSET_ID"] = "" + ENV['RAILS_ASSET_ID'] = '' ActionController::Base.asset_host = Proc.new { |source| "http://a#{source.length}.example.com" } ActionController::Base.perform_caching = true @@ -264,6 +266,43 @@ class AssetTagHelperTest < Test::Unit::TestCase FileUtils.rm_f(File.join(ActionView::Helpers::AssetTagHelper::JAVASCRIPTS_DIR, 'scripts.js')) end + def test_caching_javascript_include_tag_when_caching_on_with_2_argument_proc_asset_host + ENV['RAILS_ASSET_ID'] = '' + ActionController::Base.asset_host = Proc.new { |source, request| + if request.ssl? + "#{request.protocol}#{request.host_with_port}" + else + "#{request.protocol}assets#{source.length}.example.com" + end + } + ActionController::Base.perform_caching = true + + assert_equal '/javascripts/vanilla.js'.length, 23 + assert_dom_equal( + %(<script src="http://assets23.example.com/javascripts/vanilla.js" type="text/javascript"></script>), + javascript_include_tag(:all, :cache => 'vanilla') + ) + + assert File.exist?(File.join(ActionView::Helpers::AssetTagHelper::JAVASCRIPTS_DIR, 'vanilla.js')) + + class << @controller.request + def protocol() 'https://' end + def ssl?() true end + end + + assert_equal '/javascripts/secure.js'.length, 22 + assert_dom_equal( + %(<script src="https://localhost/javascripts/secure.js" type="text/javascript"></script>), + javascript_include_tag(:all, :cache => 'secure') + ) + + assert File.exist?(File.join(ActionView::Helpers::AssetTagHelper::JAVASCRIPTS_DIR, 'secure.js')) + + ensure + FileUtils.rm_f(File.join(ActionView::Helpers::AssetTagHelper::JAVASCRIPTS_DIR, 'vanilla.js')) + FileUtils.rm_f(File.join(ActionView::Helpers::AssetTagHelper::JAVASCRIPTS_DIR, 'secure.js')) + end + def test_caching_javascript_include_tag_when_caching_on_and_using_subdirectory ENV["RAILS_ASSET_ID"] = "" ActionController::Base.asset_host = 'http://a%d.example.com' |