aboutsummaryrefslogtreecommitdiffstats
path: root/actioncable/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* Permit same-origin connections by defaultMatthew Draper2016-10-112-3/+3
| | | | | | | | | | | | | | | | | WebSocket always defers the decision to the server, because it didn't have to deal with legacy compatibility... but the same-origin policy is still a reasonable default. Origin checks do not protect against a directly connecting attacker -- they can lie about their host, but can also lie about their origin. Origin checks protect against a connection from 3rd-party controlled script in a context where a victim browser's cookies will be passed along. And if an attacker has breached that protection, they've already compromised the HTTP session, so treating the WebSocket connection in the same way seems reasonable. In case this logic proves incorrect (or anyone just wants to be more paranoid), we retain a config option to disable it.
* Merge pull request #26568 from skateman/cable-sameorigin-as-hostMatthew Draper2016-10-112-1/+5
|\ | | | | | | Optionally allow ActionCable requests from the same host as origin
| * Optionally allow ActionCable requests from the same host as originDávid Halász2016-09-212-1/+5
| | | | | | | | | | | | | | When the `allow_same_origin_as_host` is set to `true`, the request forgery protection permits `HTTP_ORIGIN` values starting with the corresponding `proto://` prefix followed by `HTTP_HOST`. This way it is not required to specify the list of allowed URLs.
* | Close the IO from the read loop threadMatthew Draper2016-10-062-1/+1
| | | | | | | | | | | | | | | | IO#close and IO#read across threads don't get along so well: After T1 enters #read and releases the GVL, T2 can call #close on the IO, thereby both closing the fd and freeing the buffer while T1 is using them.
* | Shut down the worker pool - don't kill itMatthew Draper2016-10-031-1/+1
| | | | | | | | | | Different parts of concurrent-ruby's documentation make inconsistent claims about how kill will behave. It doesn't do the thing we want.
* | Move behavior to Server::Base, and flush pubsubJon Moss2016-10-022-3/+6
| |
* | Shutdown pubsub connection before classes are reloadedJon Moss2016-10-021-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | Before this patch, if you were to make a file edit in your Rails application and you tried to load up the page, it would hang indefinitely. The issue is that Active Record is trying to cleanup after itself and clear all active connection, but Action Cable is still holding onto a connection from the pool. To resolve this, we are now shutting down the pubsub adapter before classes are reloaded, to avoid this altogether (connection is being returned to the pool). Credits to @skateman for discovering this bug. :)
* | In-line the configuration points that only existed for Faye supportMatthew Draper2016-10-014-12/+4
| |
* | Remove Faye modeMatthew Draper2016-10-014-105/+3
| | | | | | | | No deprecation, because it was never documented.
* | Merge pull request #26547 from ↵Matthew Draper2016-10-013-18/+28
|\ \ | | | | | | | | | | | | | | | palkan/fix/actioncable-confirmation-race-condition Avoid race condition on subscription confirmation
| * | Add Channel#ensure_confirmation_sent; call #subscribe_to_channel after ↵palkan2016-09-223-27/+24
| | | | | | | | | | | | initializing
| * | [Fix #25381] Avoid race condition on subscription confirmationpalkan2016-09-203-10/+23
| | |
* | | Buffer writes to the cable socketsMatthew Draper2016-09-282-11/+92
| |/ |/| | | | | | | Otherwise, they can sometimes block, leading to reduced system throughput.
* | [ci skip] Fix formatting of documentation of worker_pool method from ↵Prathamesh Sonpatki2016-09-071-1/+1
| | | | | | | | AC::Server::Base
* | [ci skip] Fix formatting in Action Cable Connection::Base module docsPrathamesh Sonpatki2016-09-071-1/+1
| |
* | [ci fix] Fix API documentation for Streams module from Action CablePrathamesh Sonpatki2016-09-061-4/+4
|/
* fixes remaining RuboCop issues [Vipul A M, Xavier Noria]Xavier Noria2016-09-011-1/+1
|
* Prevent invocation of channel action if rejected connectionJon Moss2016-08-191-1/+1
| | | | | | | | | Fixes #23757. Before this commit, even if `reject` was called in the `subscribe` method for an Action Cable channel, all actions on that channel could still be invoked. This calls a `return` if a rejected connection tries to invoke any actions on the channel.
* copy-edits an exception messageXavier Noria2016-08-071-1/+1
| | | | | | | | | | | | | | Inserted spaces in the name of Rails components. Since I was on it, also used PostgreSQL instead of Postgres because albeit Postgres is an accepted alias, PostgreSQL is the official name and the actual name of the adapter. See https://wiki.postgresql.org/wiki/ProjectName with regard to PostgreSQL vs Postgres.
* Add `Style/EmptyLines` in `.rubocop.yml` and remove extra empty linesRyuta Kamizono2016-08-071-1/+0
|
* applies remaining conventions across the projectXavier Noria2016-08-061-3/+3
|
* normalizes indentation and whitespace across the projectXavier Noria2016-08-061-1/+1
|
* applies new string literal convention in actioncable/libXavier Noria2016-08-0628-90/+90
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Give importance to rails command in the comment section.Santosh Wadghule2016-07-131-1/+1
|
* Merge pull request #25624 from tinco/actioncable_write_raceMatthew Draper2016-07-091-2/+7
|\ | | | | | | Fix race condition in websocket stream write
| * fix race condition in websocket stream writeTinco Andringa2016-07-011-0/+4
| |
* | Merge pull request #24988 from mwear/action_cable_broadcast_notificationsMatthew Draper2016-07-041-2/+6
|\ \ | | | | | | Add ActiveSupport::Notifications hook to ActionCable::Server.broadcast
| * | Add ActiveSupport::Notifications hook to Broadcaster#broadcastMatthew Wear2016-05-121-2/+6
| | | | | | | | | | | | | | | This addition of this notification hook will give users better visibility into the messages being sent over the PubSub adapter.
* | | Merge pull request #25030 from mmmpa/pull_requestMatthew Draper2016-07-041-1/+5
|\ \ \ | | | | | | | | ActionCable, sometimes add_channel is not called.
| * | | Add guard to broadcast.mmmpa2016-05-261-1/+5
| | | |
* | | | Merge pull request #25293 from y-yagi/remove_needless_commentsMatthew Draper2016-07-033-5/+0
|\ \ \ \ | | | | | | | | | | remove needless comments
| * | | | remove needless commentsyuuji.yaginuma2016-06-063-5/+0
| | | | | | | | | | | | | | | | | | | | Follow up to #25240.
* | | | | close hijacked i/o socket after use (fixes #25613)Tinco Andringa2016-07-011-0/+1
| |_|_|/ |/| | |
* | | | Periodic timers: delegate async instance_exec to the worker poolJeremy Daer2016-06-292-7/+9
| | | |
* | | | Allow actioncable connections from any port in developmentMichael Dever2016-06-161-1/+1
|/ / /
* | | Properly support reloading for Action Cable channelsMatthew Draper2016-06-024-30/+9
| | |
* | | fix grammarRajat Bansal2016-05-311-1/+1
|/ /
* | Merge pull request #25076 from jeroenvisser101/keep-to-max-lengthSean Griffin2016-05-212-2/+4
|\ \ | | | | | | Change comments to not exceed 80 characters
| * | Change comments to not exceed 80 charactersJeroen Visser2016-05-192-2/+4
| | | | | | | | | | | | Other generated files do keep to this, but action cable doesn't.
* | | Pass over Action Cable docsJon Moss2016-05-212-4/+4
| | | | | | | | | | | | [ci skip]
* | | Merge pull request #24918 from prathamesh-sonpatki/cable-assetsRafael França2016-05-212-1/+20
|\ \ \ | |/ / |/| | Cable: Generate .js or .coffee files while generating channel as per the javascript engine of the application
| * | Cable: Generate .js or .coffee files while generating channel as per the ↵Prathamesh Sonpatki2016-05-172-1/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | javascript engine of the application - Now we will detect what javascript engine user is using and based on that we will generate either `.js` or `.coffee` version of the channel file. - This also needs a change in coffee-rails to override the `js_template` method. Related PR https://github.com/rails/coffee-rails/pull/72. - Currently coffee-rails gem sets `config.app_generators.javascript_engine` to `:coffee` and using this information we override the `js_template` to set the extension as `.coffee` in coffee-rails gem. - Using this approach, we can keep the `channel.js` and `channel.coffee` files in the Rails repository itself. - Additionally the `js_template` method can act as public interface for coffee-rails gem to hook into and change the extension to `.coffee` without maintaining the actual asset files. [Prathamesh Sonpatki, Matthew Draper]
* | | Improve method descriptionRoman Pushkin2016-05-181-0/+1
|/ / | | | | Method description improved to reflect little bit more complicated scenario when names are camel-cased.
* | Merge branch 'master' of github.com:rails/docrailsVijay Dev2016-05-141-2/+2
|\ \ | |/ |/| | | | | Conflicts: guides/source/configuring.md
| * Fix code formatting in docsJay Hayes2016-05-031-2/+2
| |
* | Start Rails 5.1 development :tada:Rafael Mendonça França2016-05-101-2/+2
| |
* | Preparing for 5.0.0.rc1 releaseRafael Mendonça França2016-05-061-1/+1
| |
* | renames ActionCable::Railtie to ActionCable::EngineXavier Noria2016-05-041-1/+1
|/ | | | | | | | This is an engine living in action_cable/engine.rb, convention is to call these things *::Engine. Looking at thi git history looks like the current *::Railtie was just an accident.
* Prep Rails 5 beta 4eileencodes2016-04-271-1/+1
|
* Merge pull request #24669 from tomkadwill/action_pack_typosVipul A M2016-04-221-1/+1
|\ | | | | Actioncable and Actionpack documentation typos [ci skip]
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 07:47:33 +0000