aboutsummaryrefslogtreecommitdiffstats
path: root/actioncable/lib/action_cable
Commit message (Collapse)AuthorAgeFilesLines
* [ci skip] Prefer cookies.encrypted over signed (#30129)Claudio B2017-08-071-1/+1
| | | | | | | | | | | | | | | | In some examples and guides we are recommending to use code like: ```ruby verified_user = User.find_by(id: cookies.signed[:user_id]) ``` My suggestion is to use instead: ```ruby verified_user = User.find_by(id: cookies.encrypted[:user_id]) ``` which invites users to prefer the "newer" encrypted cookies over the "legacy" signed cookies.
* Use frozen string literal in actioncable/Kir Shatrov2017-07-2340-1/+79
|
* Make actioncable ready for frozen stringsKir Shatrov2017-07-231-1/+5
|
* [Fix #28751] Hash stream long stream identifiers when using Postgres adapterpalkan2017-07-061-3/+8
|
* [Action Cable] require => require_relativeAkira Matsuda2017-07-012-2/+2
|
* Allows for other common redis options to be in cable.yml, by defaultMarc Ignacio2017-06-221-1/+3
| | | | | | | | | | | | | | | | | | - Adds RedisAdapterTest::AlternateConfiguration to account for a relatively common alternative setup, as it’s used as the first example in the [Redis rubygem](https://github.com/redis/redis-rb#getting-started) - Supplies original RedisAdapterTest with more complete redis:// url format by adding a ‘userinfo’ (blank user), so that it resembles the alternate configuration - Supplies original EventedRedisAdapterTest with more complete redis:// url as well - Adds before_script to start redis-server with password as a daemon and with explicit defaults copied from the default redis.conf (Instead of using Travis' default init/upstart scripts for `redis` service)
* nodoc AC::Connection::WebSocketT.J. Schuck2017-06-161-1/+1
| | | | | Users should never publicly be interacting with an instance of this. The instance that comes along with an `AC::Connection::Base` instance (the only thing a user should be working with) is [itself intended to be private](https://github.com/tjschuck/rails/blob/master/actioncable/lib/action_cable/connection/base.rb#L137-L140). [ci skip]
* Use mattr_accessor default: option throughout the projectGenadi Samokovarov2017-06-033-4/+4
|
* Add option for class_attribute default (#29270)David Heinemeier Hansson2017-05-292-4/+2
| | | | | | | | | | | | * Allow a default value to be declared for class_attribute * Convert to using class_attribute default rather than explicit setter * Removed instance_accessor option by mistake * False is a valid default value * Documentation
* identifiers is already defined via Connection::Identification moduleAkira Matsuda2017-05-211-1/+1
|
* Log any errors originating from the socketedwardmp2017-04-161-1/+2
|
* Document AC::Connection::Authorization#reject_unauthorized_connectionT.J. Schuck2017-03-221-5/+5
| | | | | | | This method is repeatedly used throughout the docs (in the [AC::Connection docs](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/actioncable/lib/action_cable/connection/base.rb#L28), the [AC README](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/actioncable/README.md#a-full-stack-example), the [AC Guides](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/guides/source/action_cable_overview.md#connection-setup)), but not actually documented itself and seemingly not supported for public use based on its current `private` status. This actually makes the method public and documents it. The actual behavior that’s documented here is implemented [here](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/actioncable/lib/action_cable/connection/base.rb#L213-L219), via [this rescuing of the UnauthorizedError](https://github.com/rails/rails/blob/3dd1de8ba4d5862b01e7f5dd3878b21fd98b443b/actioncable/lib/action_cable/connection/base.rb#L172). The method is [already tested here](https://github.com/rails/rails/blob/25473baf409185638073fe2f016f4b9dda284e50/actioncable/test/connection/authorization_test.rb#L17-L29).
* Start Rails 5.2 developmentMatthew Draper2017-03-221-2/+2
|
* Preparing for 5.1.0.beta1 releaseRafael Mendonça França2017-02-231-1/+1
|
* Deprecate the EventedRedis subscription adapterMatthew Draper2017-02-231-0/+6
| | | | | Unlike Faye support, it seems a bit too documented to remove without warning. So, here's a warning.
* Move some ActionCable logs to debug levelMartijn Storck2017-02-062-2/+2
|
* Add channel_prefix support to ActionCable redis/evented_redis adapters.Chad Ingram2017-01-174-0/+31
|
* Fix missing bracket.Eugene2017-01-141-1/+1
| | | Fix missing left bracket in exception message.
* Reduce string objects by using \ instead of + or << for concatenating stringsAkira Matsuda2017-01-121-2/+2
| | | | (I personally prefer writing one string in one line no matter how long it is, though)
* `self.` is not needed when calling its own instance methodAkira Matsuda2017-01-051-1/+1
| | | | Actually, private methods cannot be called with `self.`, so it's not just redundant, it's a bad habit in Ruby
* Privatize unneededly protected methods in Action CableAkira Matsuda2016-12-243-23/+22
|
* Describe what we are protectingAkira Matsuda2016-12-234-0/+8
|
* ActionCable::Connection::Base doc code sample syntax errorMSP-Greg2016-12-061-4/+1
|
* Prevent race condition when launching EventMachine reactorMatthew Draper2016-11-301-2/+2
| | | | | | | reactor_running? will be true just after the thread enters EventMachine.run; reactor_thread only gets set after the internal initialize_event_machine method has been called, the C extension is set up, and it is entering its run loop.
* use correct value in example [ci skip]yuuji.yaginuma2016-11-141-1/+1
| | | | | Need to specify `reload` from turbolinks 5. Ref: 7225f0bb9fd1d71a7a37b53815c90178cc7319bd
* Add more rubocop rules about whitespacesRafael Mendonça França2016-10-294-4/+4
|
* Permit same-origin connections by defaultMatthew Draper2016-10-112-3/+3
| | | | | | | | | | | | | | | | | WebSocket always defers the decision to the server, because it didn't have to deal with legacy compatibility... but the same-origin policy is still a reasonable default. Origin checks do not protect against a directly connecting attacker -- they can lie about their host, but can also lie about their origin. Origin checks protect against a connection from 3rd-party controlled script in a context where a victim browser's cookies will be passed along. And if an attacker has breached that protection, they've already compromised the HTTP session, so treating the WebSocket connection in the same way seems reasonable. In case this logic proves incorrect (or anyone just wants to be more paranoid), we retain a config option to disable it.
* Merge pull request #26568 from skateman/cable-sameorigin-as-hostMatthew Draper2016-10-112-1/+5
|\ | | | | | | Optionally allow ActionCable requests from the same host as origin
| * Optionally allow ActionCable requests from the same host as originDávid Halász2016-09-212-1/+5
| | | | | | | | | | | | | | When the `allow_same_origin_as_host` is set to `true`, the request forgery protection permits `HTTP_ORIGIN` values starting with the corresponding `proto://` prefix followed by `HTTP_HOST`. This way it is not required to specify the list of allowed URLs.
* | Close the IO from the read loop threadMatthew Draper2016-10-062-1/+1
| | | | | | | | | | | | | | | | IO#close and IO#read across threads don't get along so well: After T1 enters #read and releases the GVL, T2 can call #close on the IO, thereby both closing the fd and freeing the buffer while T1 is using them.
* | Shut down the worker pool - don't kill itMatthew Draper2016-10-031-1/+1
| | | | | | | | | | Different parts of concurrent-ruby's documentation make inconsistent claims about how kill will behave. It doesn't do the thing we want.
* | Move behavior to Server::Base, and flush pubsubJon Moss2016-10-022-3/+6
| |
* | Shutdown pubsub connection before classes are reloadedJon Moss2016-10-021-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | Before this patch, if you were to make a file edit in your Rails application and you tried to load up the page, it would hang indefinitely. The issue is that Active Record is trying to cleanup after itself and clear all active connection, but Action Cable is still holding onto a connection from the pool. To resolve this, we are now shutting down the pubsub adapter before classes are reloaded, to avoid this altogether (connection is being returned to the pool). Credits to @skateman for discovering this bug. :)
* | In-line the configuration points that only existed for Faye supportMatthew Draper2016-10-014-12/+4
| |
* | Remove Faye modeMatthew Draper2016-10-014-105/+3
| | | | | | | | No deprecation, because it was never documented.
* | Merge pull request #26547 from ↵Matthew Draper2016-10-013-18/+28
|\ \ | | | | | | | | | | | | | | | palkan/fix/actioncable-confirmation-race-condition Avoid race condition on subscription confirmation
| * | Add Channel#ensure_confirmation_sent; call #subscribe_to_channel after ↵palkan2016-09-223-27/+24
| | | | | | | | | | | | initializing
| * | [Fix #25381] Avoid race condition on subscription confirmationpalkan2016-09-203-10/+23
| | |
* | | Buffer writes to the cable socketsMatthew Draper2016-09-282-11/+92
| |/ |/| | | | | | | Otherwise, they can sometimes block, leading to reduced system throughput.
* | [ci skip] Fix formatting of documentation of worker_pool method from ↵Prathamesh Sonpatki2016-09-071-1/+1
| | | | | | | | AC::Server::Base
* | [ci skip] Fix formatting in Action Cable Connection::Base module docsPrathamesh Sonpatki2016-09-071-1/+1
| |
* | [ci fix] Fix API documentation for Streams module from Action CablePrathamesh Sonpatki2016-09-061-4/+4
|/
* fixes remaining RuboCop issues [Vipul A M, Xavier Noria]Xavier Noria2016-09-011-1/+1
|
* Prevent invocation of channel action if rejected connectionJon Moss2016-08-191-1/+1
| | | | | | | | | Fixes #23757. Before this commit, even if `reject` was called in the `subscribe` method for an Action Cable channel, all actions on that channel could still be invoked. This calls a `return` if a rejected connection tries to invoke any actions on the channel.
* copy-edits an exception messageXavier Noria2016-08-071-1/+1
| | | | | | | | | | | | | | Inserted spaces in the name of Rails components. Since I was on it, also used PostgreSQL instead of Postgres because albeit Postgres is an accepted alias, PostgreSQL is the official name and the actual name of the adapter. See https://wiki.postgresql.org/wiki/ProjectName with regard to PostgreSQL vs Postgres.
* Add `Style/EmptyLines` in `.rubocop.yml` and remove extra empty linesRyuta Kamizono2016-08-071-1/+0
|
* applies remaining conventions across the projectXavier Noria2016-08-061-3/+3
|
* normalizes indentation and whitespace across the projectXavier Noria2016-08-061-1/+1
|
* applies new string literal convention in actioncable/libXavier Noria2016-08-0626-76/+76
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Merge pull request #25624 from tinco/actioncable_write_raceMatthew Draper2016-07-091-2/+7
|\ | | | | | | Fix race condition in websocket stream write