diff options
Diffstat (limited to 'actionpack/lib/action_dispatch')
4 files changed, 43 insertions, 27 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 71dcac9e94..42ab1d1ebb 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -1,7 +1,9 @@ +require "active_support/core_ext/object/blank" + module ActionDispatch class Request - def cookie_jar(config = {}) - env['action_dispatch.cookies'] ||= Cookies::CookieJar.build(self, config) + def cookie_jar + env['action_dispatch.cookies'] ||= Cookies::CookieJar.build(self) end end @@ -51,17 +53,17 @@ module ActionDispatch # only HTTP. Defaults to +false+. class Cookies class CookieJar < Hash #:nodoc: - def self.build(request, config = {}) - new(config).tap do |hash| + def self.build(request) + secret = request.env["action_dispatch.secret_token"] + new(secret).tap do |hash| hash.update(request.cookies) end end - def initialize(config = {}) - @config = config + def initialize(secret=nil) + @secret = secret @set_cookies = {} @delete_cookies = {} - super() end @@ -112,7 +114,7 @@ module ActionDispatch # cookies.permanent.signed[:remember_me] = current_user.id # # => Set-Cookie: discount=BAhU--848956038e692d7046deab32b7131856ab20e14e; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT def permanent - @permanent ||= PermanentCookieJar.new(self, @config) + @permanent ||= PermanentCookieJar.new(self, @secret) end # Returns a jar that'll automatically generate a signed representation of cookie value and verify it when reading from @@ -120,7 +122,7 @@ module ActionDispatch # cookie was tampered with by the user (or a 3rd party), an ActiveSupport::MessageVerifier::InvalidSignature exception will # be raised. # - # This jar requires that you set a suitable secret for the verification on your app's config.cookie_secret. + # This jar requires that you set a suitable secret for the verification on your app's config.secret_token. # # Example: # @@ -129,7 +131,7 @@ module ActionDispatch # # cookies.signed[:discount] # => 45 def signed - @signed ||= SignedCookieJar.new(self, @config) + @signed ||= SignedCookieJar.new(self, @secret) end def write(response) @@ -139,9 +141,8 @@ module ActionDispatch end class PermanentCookieJar < CookieJar #:nodoc: - def initialize(parent_jar, config = {}) - @parent_jar = parent_jar - @config = config + def initialize(parent_jar, secret) + @parent_jar, @secret = parent_jar, secret end def []=(key, options) @@ -156,7 +157,7 @@ module ActionDispatch end def signed - @signed ||= SignedCookieJar.new(self, @config) + @signed ||= SignedCookieJar.new(self, @secret) end def method_missing(method, *arguments, &block) @@ -165,11 +166,10 @@ module ActionDispatch end class SignedCookieJar < CookieJar #:nodoc: - def initialize(parent_jar, config = {}) - raise 'Missing cookie signing secret' if config[:signing_secret].blank? + def initialize(parent_jar, secret) + raise "You must set config.secret_token in your app's config" if secret.blank? @parent_jar = parent_jar - @config = config - @verifier = ActiveSupport::MessageVerifier.new(config[:signing_secret]) + @verifier = ActiveSupport::MessageVerifier.new(secret) end def [](name) diff --git a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb index 3331b7c25e..88ba941676 100644 --- a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb +++ b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb @@ -192,7 +192,7 @@ module ActionDispatch if secret.blank? raise ArgumentError, "A secret is required to generate an " + "integrity hash for cookie session data. Use " + - "config.cookie_secret = \"some secret phrase of at " + + "config.secret_token = \"some secret phrase of at " + "least #{SECRET_MIN_LENGTH} characters\"" + "in config/application.rb" end diff --git a/actionpack/lib/action_dispatch/testing/integration.rb b/actionpack/lib/action_dispatch/testing/integration.rb index 8d107d9aa5..64eb6d8de7 100644 --- a/actionpack/lib/action_dispatch/testing/integration.rb +++ b/actionpack/lib/action_dispatch/testing/integration.rb @@ -1,6 +1,6 @@ require 'stringio' require 'uri' -require 'active_support/core_ext/object/singleton_class' +require 'active_support/core_ext/kernel/singleton_class' require 'rack/test' require 'test/unit/assertions' @@ -137,7 +137,10 @@ module ActionDispatch end # The hostname used in the last request. - attr_accessor :host + def host + @host || DEFAULT_HOST + end + attr_writer :host # The remote_addr used in the last request. attr_accessor :remote_addr @@ -148,7 +151,7 @@ module ActionDispatch # A map of the cookies returned by the last response, and which will be # sent with the next request. def cookies - @mock_session.cookie_jar + _mock_session.cookie_jar end # A reference to the controller instance used by the last request. @@ -189,8 +192,8 @@ module ActionDispatch # session.reset! def reset! @https = false - @mock_session = Rack::MockSession.new(@app, DEFAULT_HOST) @controller = @request = @response = nil + @_mock_session = nil @request_count = 0 self.host = DEFAULT_HOST @@ -234,6 +237,9 @@ module ActionDispatch end private + def _mock_session + @_mock_session ||= Rack::MockSession.new(@app, host) + end # Performs the actual request. def process(method, path, parameters = nil, rack_environment = nil) @@ -254,7 +260,7 @@ module ActionDispatch :method => method, :params => parameters, - "SERVER_NAME" => host, + "SERVER_NAME" => host.split(':')[0], "SERVER_PORT" => (https? ? "443" : "80"), "HTTPS" => https? ? "on" : "off", "rack.url_scheme" => https? ? "https" : "http", @@ -266,17 +272,25 @@ module ActionDispatch "HTTP_ACCEPT" => accept } - session = Rack::Test::Session.new(@mock_session) + session = Rack::Test::Session.new(_mock_session) (rack_environment || {}).each do |key, value| env[key] = value end - session.request(path, env) + # NOTE: rack-test v0.5 doesn't build a default uri correctly + # Make sure requested path is always a full uri + uri = URI.parse('/') + uri.scheme ||= env['rack.url_scheme'] + uri.host ||= env['SERVER_NAME'] + uri.port ||= env['SERVER_PORT'].try(:to_i) + uri += path + + session.request(uri.to_s, env) @request_count += 1 @request = ActionDispatch::Request.new(session.last_request.env) - response = @mock_session.last_response + response = _mock_session.last_response @response = ActionDispatch::TestResponse.new(response.status, response.headers, response.body) @html_document = nil diff --git a/actionpack/lib/action_dispatch/testing/test_request.rb b/actionpack/lib/action_dispatch/testing/test_request.rb index 090e03cf44..b3e67f6e36 100644 --- a/actionpack/lib/action_dispatch/testing/test_request.rb +++ b/actionpack/lib/action_dispatch/testing/test_request.rb @@ -1,4 +1,5 @@ require 'active_support/core_ext/object/blank' +require 'active_support/core_ext/hash/reverse_merge' module ActionDispatch class TestRequest < Request @@ -9,6 +10,7 @@ module ActionDispatch end def initialize(env = {}) + env = Rails.application.env_defaults.merge(env) if defined?(Rails.application) super(DEFAULT_ENV.merge(env)) self.host = 'test.host' |