| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- Adds RedisAdapterTest::AlternateConfiguration to account
for a relatively common alternative setup, as it’s used
as the first example in the
[Redis rubygem](https://github.com/redis/redis-rb#getting-started)
- Supplies original RedisAdapterTest with more complete
redis:// url format by adding a ‘userinfo’ (blank user),
so that it resembles the alternate configuration
- Supplies original EventedRedisAdapterTest with more complete
redis:// url as well
- Adds before_script to start redis-server with password as a daemon
and with explicit defaults copied from the default redis.conf
(Instead of using Travis' default init/upstart scripts for `redis` service)
|
| |
| |
| |
| |
| | |
Users should never publicly be interacting with an instance of this. The instance that comes along with an `AC::Connection::Base` instance (the only thing a user should be working with) is [itself intended to be private](https://github.com/tjschuck/rails/blob/master/actioncable/lib/action_cable/connection/base.rb#L137-L140).
[ci skip]
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Allow a default value to be declared for class_attribute
* Convert to using class_attribute default rather than explicit setter
* Removed instance_accessor option by mistake
* False is a valid default value
* Documentation
|
| | |
|
|/ |
|
|
|
|
|
|
|
| |
This method is repeatedly used throughout the docs (in the [AC::Connection docs](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/actioncable/lib/action_cable/connection/base.rb#L28), the [AC README](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/actioncable/README.md#a-full-stack-example), the [AC Guides](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/guides/source/action_cable_overview.md#connection-setup)), but not actually documented itself and seemingly not supported for public use based on its current `private` status.
This actually makes the method public and documents it. The actual behavior that’s documented here is implemented [here](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/actioncable/lib/action_cable/connection/base.rb#L213-L219), via [this rescuing of the UnauthorizedError](https://github.com/rails/rails/blob/3dd1de8ba4d5862b01e7f5dd3878b21fd98b443b/actioncable/lib/action_cable/connection/base.rb#L172).
The method is [already tested here](https://github.com/rails/rails/blob/25473baf409185638073fe2f016f4b9dda284e50/actioncable/test/connection/authorization_test.rb#L17-L29).
|
| |
|
| |
|
|
|
|
|
| |
Unlike Faye support, it seems a bit too documented to remove without
warning. So, here's a warning.
|
| |
|
| |
|
|
|
| |
Fix missing left bracket in exception message.
|
|
|
|
| |
(I personally prefer writing one string in one line no matter how long it is, though)
|
|
|
|
| |
Actually, private methods cannot be called with `self.`, so it's not just redundant, it's a bad habit in Ruby
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
reactor_running? will be true just after the thread enters
EventMachine.run; reactor_thread only gets set after the internal
initialize_event_machine method has been called, the C extension is set
up, and it is entering its run loop.
|
|
|
|
|
| |
Need to specify `reload` from turbolinks 5.
Ref: 7225f0bb9fd1d71a7a37b53815c90178cc7319bd
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
WebSocket always defers the decision to the server, because it didn't
have to deal with legacy compatibility... but the same-origin policy is
still a reasonable default.
Origin checks do not protect against a directly connecting attacker --
they can lie about their host, but can also lie about their origin.
Origin checks protect against a connection from 3rd-party controlled
script in a context where a victim browser's cookies will be passed
along. And if an attacker has breached that protection, they've already
compromised the HTTP session, so treating the WebSocket connection in
the same way seems reasonable.
In case this logic proves incorrect (or anyone just wants to be more
paranoid), we retain a config option to disable it.
|
|\
| |
| |
| | |
Optionally allow ActionCable requests from the same host as origin
|
| |
| |
| |
| |
| |
| |
| | |
When the `allow_same_origin_as_host` is set to `true`, the request
forgery protection permits `HTTP_ORIGIN` values starting with the
corresponding `proto://` prefix followed by `HTTP_HOST`. This way
it is not required to specify the list of allowed URLs.
|
| |
| |
| |
| |
| |
| |
| |
| | |
IO#close and IO#read across threads don't get along so well:
After T1 enters #read and releases the GVL, T2 can call #close on the
IO, thereby both closing the fd and freeing the buffer while T1 is using
them.
|
| |
| |
| |
| |
| | |
Different parts of concurrent-ruby's documentation make inconsistent
claims about how kill will behave. It doesn't do the thing we want.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Before this patch, if you were to make a file edit in your Rails
application and you tried to load up the page, it would hang
indefinitely. The issue is that Active Record is trying to cleanup after
itself and clear all active connection, but Action Cable is still
holding onto a connection from the pool. To resolve this, we are now
shutting down the pubsub adapter before classes are reloaded, to avoid
this altogether (connection is being returned to the pool).
Credits to @skateman for discovering this bug. :)
|
| | |
|
| |
| |
| |
| | |
No deprecation, because it was never documented.
|
|\ \
| | |
| | |
| | |
| | |
| | | |
palkan/fix/actioncable-confirmation-race-condition
Avoid race condition on subscription confirmation
|
| | |
| | |
| | |
| | | |
initializing
|
| | | |
|
| |/
|/|
| |
| |
| | |
Otherwise, they can sometimes block, leading to reduced system
throughput.
|
| |
| |
| |
| | |
AC::Server::Base
|
| | |
|
|/ |
|
| |
|
|
|
|
|
|
|
|
|
| |
Fixes #23757.
Before this commit, even if `reject` was called in the `subscribe`
method for an Action Cable channel, all actions on that channel could
still be invoked. This calls a `return` if a rejected connection tries
to invoke any actions on the channel.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Inserted spaces in the name of Rails components.
Since I was on it, also used PostgreSQL instead of Postgres
because albeit Postgres is an accepted alias, PostgreSQL is
the official name and the actual name of the adapter.
See
https://wiki.postgresql.org/wiki/ProjectName
with regard to PostgreSQL vs Postgres.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
The current code base is not uniform. After some discussion,
we have chosen to go with double quotes by default.
|
|\
| |
| |
| | |
Fix race condition in websocket stream write
|
| | |
|
|\ \
| | |
| | | |
Add ActiveSupport::Notifications hook to ActionCable::Server.broadcast
|
| | |
| | |
| | |
| | |
| | | |
This addition of this notification hook will give users better visibility
into the messages being sent over the PubSub adapter.
|