aboutsummaryrefslogtreecommitdiffstats
path: root/actioncable/lib/action_cable/connection
Commit message (Collapse)AuthorAgeFilesLines
* url -> URL where apt except inside actionpack/Sharang Dashputre2019-04-011-1/+1
|
* Add ActionCable channel/connection load hooksVladimir Dementyev2019-01-291-0/+2
|
* Fix attribute typo in ActionCable connection test requestSergey Ponomarev2019-01-231-2/+0
|
* Add Action Cable Testing guidesVladimir Dementyev2019-01-141-1/+1
|
* Update Action Cable connection testing.Kasper Timm Hansen2019-01-141-44/+39
| | | | | | | | | | | | | | | * Don't reimplement assert_raises Also test what happens in case there's no explicit rejection. * Avoid OpenStruct. Remove space beneath private. * Simplify verification methods for code under test. * Match documentation with other Rails docs. Also remove mention of the custom path argument for now. Unsure how useful that really is.
* feature: add ActionCable::Connection::TestCaseVladimir Dementyev2019-01-021-0/+241
|
* Stop trying to reconnect on unauthorized cable connectionsMick Staugaard2018-12-051-3/+8
|
* Update authorization.rbEsquith Allen2018-10-301-1/+1
|
* Better compatibility with SPEC.Samuel Williams2018-07-041-2/+4
| | | | | | If `env` is duped or otherwise not the same as the original `env` that was generated at the top of rack middleware, it is impossible for the server hijack proc to update the right `env` instance. Therefore, capturing the return value is more reliable. This is the recommendation of the rack SPEC.
* Class methods in the `class_methods` blocks are wrongly appeared in the docRyuta Kamizono2018-04-041-1/+1
| | | | | | | It is wrongly appeared as instance public methods in the doc. http://api.rubyonrails.org/v5.1.6/classes/ActionCable/Channel/Callbacks.html http://api.rubyonrails.org/v5.1.6/classes/ActiveRecord/Timestamp.html
* Rails 6 requires Ruby 2.3+Jeremy Daer2018-02-174-16/+4
|
* Enable autocorrect for `Lint/EndAlignment` copKoichi ITO2018-01-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ### Summary This PR changes .rubocop.yml. Regarding the code using `if ... else ... end`, I think the coding style that Rails expects is as follows. ```ruby var = if cond a else b end ``` However, the current .rubocop.yml setting does not offense for the following code. ```ruby var = if cond a else b end ``` I think that the above code expects offense to be warned. Moreover, the layout by autocorrect is unnatural. ```ruby var = if cond a else b end ``` This PR adds a setting to .rubocop.yml to make an offense warning and autocorrect as expected by the coding style. And this change also fixes `case ... when ... end` together. Also this PR itself is an example that arranges the layout using `rubocop -a`. ### Other Information Autocorrect of `Lint/EndAlignment` cop is `false` by default. https://github.com/bbatsov/rubocop/blob/v0.51.0/config/default.yml#L1443 This PR changes this value to `true`. Also this PR has changed it together as it is necessary to enable `Layout/ElseAlignment` cop to make this behavior.
* Enable `Style/RedundantReturn` rubocop rule, and fixed a couple moreRyuta Kamizono2017-11-011-1/+1
| | | | Follow up of #31004.
* ActionCable: use find method when unsubscribingRichard Machielse2017-09-261-1/+1
| | | | | | | | | | If a frontend for some reason tries to unsubscribe from a non existing subscription, the following error is logged: Could not execute command from ({"command"=>"unsubscribe", "identifier"=>"{\"channel\":\"SomeChannel\"}"}) [NoMethodError - undefined method `unsubscribe_from_channel' for nil:NilClass] Instead, it will now properly log: Could not execute command from ({"command"=>"unsubscribe", "identifier"=>"{\"channel\":\"SomeChannel\"}"}) [RuntimeError - Unable to find subscription with identifier: {"channel":"SomeChannel"}]
* [ci skip] Prefer cookies.encrypted over signed (#30129)Claudio B2017-08-071-1/+1
| | | | | | | | | | | | | | | | In some examples and guides we are recommending to use code like: ```ruby verified_user = User.find_by(id: cookies.signed[:user_id]) ``` My suggestion is to use instead: ```ruby verified_user = User.find_by(id: cookies.encrypted[:user_id]) ``` which invites users to prefer the "newer" encrypted cookies over the "legacy" signed cookies.
* Use frozen string literal in actioncable/Kir Shatrov2017-07-2311-0/+22
|
* Revert "Merge pull request #29540 from kirs/rubocop-frozen-string"Matthew Draper2017-07-0211-11/+0
| | | | | This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
* Enforce frozen string in RubocopKir Shatrov2017-07-0111-0/+11
|
* nodoc AC::Connection::WebSocketT.J. Schuck2017-06-161-1/+1
| | | | | Users should never publicly be interacting with an instance of this. The instance that comes along with an `AC::Connection::Base` instance (the only thing a user should be working with) is [itself intended to be private](https://github.com/tjschuck/rails/blob/master/actioncable/lib/action_cable/connection/base.rb#L137-L140). [ci skip]
* Add option for class_attribute default (#29270)David Heinemeier Hansson2017-05-291-2/+1
| | | | | | | | | | | | * Allow a default value to be declared for class_attribute * Convert to using class_attribute default rather than explicit setter * Removed instance_accessor option by mistake * False is a valid default value * Documentation
* Log any errors originating from the socketedwardmp2017-04-161-1/+2
|
* Document AC::Connection::Authorization#reject_unauthorized_connectionT.J. Schuck2017-03-221-5/+5
| | | | | | | This method is repeatedly used throughout the docs (in the [AC::Connection docs](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/actioncable/lib/action_cable/connection/base.rb#L28), the [AC README](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/actioncable/README.md#a-full-stack-example), the [AC Guides](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/guides/source/action_cable_overview.md#connection-setup)), but not actually documented itself and seemingly not supported for public use based on its current `private` status. This actually makes the method public and documents it. The actual behavior that’s documented here is implemented [here](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/actioncable/lib/action_cable/connection/base.rb#L213-L219), via [this rescuing of the UnauthorizedError](https://github.com/rails/rails/blob/3dd1de8ba4d5862b01e7f5dd3878b21fd98b443b/actioncable/lib/action_cable/connection/base.rb#L172). The method is [already tested here](https://github.com/rails/rails/blob/25473baf409185638073fe2f016f4b9dda284e50/actioncable/test/connection/authorization_test.rb#L17-L29).
* Fix missing bracket.Eugene2017-01-141-1/+1
| | | Fix missing left bracket in exception message.
* Reduce string objects by using \ instead of + or << for concatenating stringsAkira Matsuda2017-01-121-2/+2
| | | | (I personally prefer writing one string in one line no matter how long it is, though)
* Privatize unneededly protected methods in Action CableAkira Matsuda2016-12-242-9/+9
|
* Describe what we are protectingAkira Matsuda2016-12-234-0/+8
|
* ActionCable::Connection::Base doc code sample syntax errorMSP-Greg2016-12-061-4/+1
|
* Permit same-origin connections by defaultMatthew Draper2016-10-111-2/+2
| | | | | | | | | | | | | | | | | WebSocket always defers the decision to the server, because it didn't have to deal with legacy compatibility... but the same-origin policy is still a reasonable default. Origin checks do not protect against a directly connecting attacker -- they can lie about their host, but can also lie about their origin. Origin checks protect against a connection from 3rd-party controlled script in a context where a victim browser's cookies will be passed along. And if an attacker has breached that protection, they've already compromised the HTTP session, so treating the WebSocket connection in the same way seems reasonable. In case this logic proves incorrect (or anyone just wants to be more paranoid), we retain a config option to disable it.
* Merge pull request #26568 from skateman/cable-sameorigin-as-hostMatthew Draper2016-10-111-0/+3
|\ | | | | | | Optionally allow ActionCable requests from the same host as origin
| * Optionally allow ActionCable requests from the same host as originDávid Halász2016-09-211-0/+3
| | | | | | | | | | | | | | When the `allow_same_origin_as_host` is set to `true`, the request forgery protection permits `HTTP_ORIGIN` values starting with the corresponding `proto://` prefix followed by `HTTP_HOST`. This way it is not required to specify the list of allowed URLs.
* | Close the IO from the read loop threadMatthew Draper2016-10-062-1/+1
| | | | | | | | | | | | | | | | IO#close and IO#read across threads don't get along so well: After T1 enters #read and releases the GVL, T2 can call #close on the IO, thereby both closing the fd and freeing the buffer while T1 is using them.
* | In-line the configuration points that only existed for Faye supportMatthew Draper2016-10-012-3/+3
| |
* | Remove Faye modeMatthew Draper2016-10-012-92/+0
| | | | | | | | No deprecation, because it was never documented.
* | Merge pull request #26547 from ↵Matthew Draper2016-10-011-1/+5
|\ \ | | | | | | | | | | | | | | | palkan/fix/actioncable-confirmation-race-condition Avoid race condition on subscription confirmation
| * | Add Channel#ensure_confirmation_sent; call #subscribe_to_channel after ↵palkan2016-09-221-2/+4
| | | | | | | | | | | | initializing
| * | [Fix #25381] Avoid race condition on subscription confirmationpalkan2016-09-201-1/+3
| | |
* | | Buffer writes to the cable socketsMatthew Draper2016-09-282-11/+92
| |/ |/| | | | | | | Otherwise, they can sometimes block, leading to reduced system throughput.
* | [ci skip] Fix formatting in Action Cable Connection::Base module docsPrathamesh Sonpatki2016-09-071-1/+1
|/
* fixes remaining RuboCop issues [Vipul A M, Xavier Noria]Xavier Noria2016-09-011-1/+1
|
* applies remaining conventions across the projectXavier Noria2016-08-061-3/+3
|
* normalizes indentation and whitespace across the projectXavier Noria2016-08-061-1/+1
|
* applies new string literal convention in actioncable/libXavier Noria2016-08-0610-41/+41
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Merge pull request #25624 from tinco/actioncable_write_raceMatthew Draper2016-07-091-2/+7
|\ | | | | | | Fix race condition in websocket stream write
| * fix race condition in websocket stream writeTinco Andringa2016-07-011-0/+4
| |
* | close hijacked i/o socket after use (fixes #25613)Tinco Andringa2016-07-011-0/+1
|/
* Properly support reloading for Action Cable channelsMatthew Draper2016-06-021-3/+3
|
* Pass over Action Cable docsJon Moss2016-05-211-1/+1
| | | | [ci skip]
* Fix typos in ActionCable Channel [ci skip]Tom Kadwill2016-04-181-1/+1
|
* Merge pull request #24224 from danielrhodes/actioncable-websocket-protocolsJeremy Daer2016-04-054-7/+21
|\ | | | | | | ActionCable protocol negotiation
| * Added protocol negotiationDaniel Rhodes2016-04-054-7/+21
| | | | | | | | | | | | | | | | | | This is primarily for backwards compatibility for when or if the protocol is changed in future versions. If the server fails to respond with an acceptable protocol, the client disconnects and disables the monitor.