aboutsummaryrefslogtreecommitdiffstats
path: root/actioncable/test
Commit message (Collapse)AuthorAgeFilesLines
* Permit same-origin connections by defaultMatthew Draper2016-10-111-1/+2
| | | | | | | | | | | | | | | | | WebSocket always defers the decision to the server, because it didn't have to deal with legacy compatibility... but the same-origin policy is still a reasonable default. Origin checks do not protect against a directly connecting attacker -- they can lie about their host, but can also lie about their origin. Origin checks protect against a connection from 3rd-party controlled script in a context where a victim browser's cookies will be passed along. And if an attacker has breached that protection, they've already compromised the HTTP session, so treating the WebSocket connection in the same way seems reasonable. In case this logic proves incorrect (or anyone just wants to be more paranoid), we retain a config option to disable it.
* Merge pull request #26568 from skateman/cable-sameorigin-as-hostMatthew Draper2016-10-111-0/+8
|\ | | | | | | Optionally allow ActionCable requests from the same host as origin
| * Optionally allow ActionCable requests from the same host as originDávid Halász2016-09-211-0/+8
| | | | | | | | | | | | | | When the `allow_same_origin_as_host` is set to `true`, the request forgery protection permits `HTTP_ORIGIN` values starting with the corresponding `proto://` prefix followed by `HTTP_HOST`. This way it is not required to specify the list of allowed URLs.
* | Wait for the socket to be closed asynchronouslyMatthew Draper2016-10-061-2/+10
| |
* | Use a branch of websocket-client-simple, to work around read/close raceMatthew Draper2016-10-061-7/+0
| |
* | Don't shut down adapters that haven't been setMatthew Draper2016-10-041-1/+1
| | | | | | | | We hit when we skip the PostgreSQL adapter.
* | Add tests for Server::Base#restartJon Moss2016-10-021-0/+33
| |
* | Use websocket-client-simple instead of Faye as a websockets clientMatthew Draper2016-10-021-57/+81
| | | | | | | | | | | | Mostly, this is just to avoid EventMachine. But there's also an argument to be made that we're better off using a different protocol library for our test suite than the one we use to implement the server.
* | Shut down EventMachine before re-enabling warningsMatthew Draper2016-10-022-0/+9
| |
* | In-line the configuration points that only existed for Faye supportMatthew Draper2016-10-011-1/+0
| |
* | Remove Faye modeMatthew Draper2016-10-016-63/+4
| | | | | | | | No deprecation, because it was never documented.
* | Merge pull request #26547 from ↵Matthew Draper2016-10-015-6/+47
|\ \ | | | | | | | | | | | | | | | palkan/fix/actioncable-confirmation-race-condition Avoid race condition on subscription confirmation
| * | Add Channel#ensure_confirmation_sent; call #subscribe_to_channel after ↵palkan2016-09-224-6/+15
| | | | | | | | | | | | initializing
| * | [Fix #25381] Avoid race condition on subscription confirmationpalkan2016-09-203-5/+37
| |/
* / Buffer writes to the cable socketsMatthew Draper2016-09-281-1/+3
|/ | | | | Otherwise, they can sometimes block, leading to reduced system throughput.
* Prevent invocation of channel action if rejected connectionJon Moss2016-08-191-0/+15
| | | | | | | | | Fixes #23757. Before this commit, even if `reject` was called in the `subscribe` method for an Action Cable channel, all actions on that channel could still be invoked. This calls a `return` if a rejected connection tries to invoke any actions on the channel.
* Add three new rubocop rulesRafael Mendonça França2016-08-163-26/+26
| | | | | | | | Style/SpaceBeforeBlockBraces Style/SpaceInsideBlockBraces Style/SpaceInsideHashLiteralBraces Fix all violations in the repository.
* revises more Lint/EndAlignment offensesXavier Noria2016-08-081-6/+6
|
* Add `Style/EmptyLines` in `.rubocop.yml` and remove extra empty linesRyuta Kamizono2016-08-071-2/+0
|
* applies remaining conventions across the projectXavier Noria2016-08-061-1/+0
|
* normalizes indentation and whitespace across the projectXavier Noria2016-08-061-3/+3
|
* remove redundant curlies from hash argumentsXavier Noria2016-08-065-7/+7
|
* applies new string literal convention in actioncable/testXavier Noria2016-08-0629-260/+260
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Merge pull request #24988 from mwear/action_cable_broadcast_notificationsMatthew Draper2016-07-041-4/+49
|\ | | | | Add ActiveSupport::Notifications hook to ActionCable::Server.broadcast
| * Add ActiveSupport::Notifications hook to Broadcaster#broadcastMatthew Wear2016-05-121-4/+49
| | | | | | | | | | This addition of this notification hook will give users better visibility into the messages being sent over the PubSub adapter.
* | Merge pull request #25030 from mmmpa/pull_requestMatthew Draper2016-07-041-0/+17
|\ \ | | | | | | ActionCable, sometimes add_channel is not called.
| * | Add guard to broadcast.mmmpa2016-05-261-0/+17
| |/
* | close hijacked i/o socket after use (fixes #25613)Tinco Andringa2016-07-011-0/+14
| |
* | Make client test run individually.Kasper Timm Hansen2016-06-281-1/+3
| | | | | | | | Require our dependency and forgo the core ext version.
* | client test have not using Pathname and hashwithindifferent accessGaurav Sharma2016-06-261-3/+0
| |
* | Properly support reloading for Action Cable channelsMatthew Draper2016-06-024-52/+47
| |
* | Add helper for testing against a mock WebSocket and serverJavan Makhmali2016-05-315-56/+48
| |
* | Reorganize `MockWebSocket`Jon Moss2016-05-312-22/+32
| |
* | Add configuration for `WebSocket` and `logger`Jon Moss2016-05-312-4/+18
|/ | | | [Javan Makhmali, Jon Moss]
* Kick off initial JavaScript testsJavan Makhmali2016-05-096-0/+4617
|
* Cable: Extract stream handler constructionJeremy Daer2016-04-184-7/+13
| | | | | | | | * Use separate stream handler builders for easy override and testing. * Fix worker pool execution that was silently failing since it only expected connection receivers. Sparked by code in #24162.
* Cable: Periodic timers refreshJeremy Daer2016-04-182-20/+38
| | | | | | | | | * Rewrite docs * Support blocks in addition to method names and Proc args * Check for valid arguments * Convert `periodically :method_name` to Proc callbacks * Drop periodic runner methods from the worker pool * Ensure we clear active periodic timers after shutdown
* - Fixed ActionCable::Connection::ClientSocketTest that was overriding ↵Vipul A M2016-04-152-5/+3
| | | | | | ActionCable::Connection::StreamTest test name - Only add attr_readers for required attributes
* Run Action Cable callbacks through the worker poolSean Griffin2016-04-131-3/+25
| | | | | | | | | | Alternate implementation of #24162 with tests. The code had diverged too far on master to pull that implemenation directly. Fixes #23778 Close #24162 [Mattew Draper & Sean Griffin]
* Cable message encodingJeremy Daer2016-03-3110-88/+168
| | | | | | | | | | | | | | | | | | | * Introduce a connection coder responsible for encoding Cable messages as WebSocket messages, defaulting to `ActiveSupport::JSON` and duck- typing to any object responding to `#encode` and `#decode`. * Consolidate encoding responsibility to the connection. No longer explicitly JSON-encode from channels or other sources. Pass Cable messages as Hashes to `#transmit` and rely on it to encode. * Introduce stream encoders responsible for decoding pubsub messages. Preserve the currently raw encoding, but make it easy to use JSON. Same duck type as the connection encoder. * Revert recent data normalization/quoting (#23649) which treated `identifier` and `data` values as nested JSON objects rather than as opaque JSON-encoded strings. That dealt us an awkward hand where we'd decode JSON strings… or not, but always encode as JSON. Embedding JSON object values directly is preferably, no extra JSON encoding, but that should be a purposeful protocol version change rather than ambiguously, inadvertently supporting multiple message formats.
* Keep logging in the ActionCable::Channel::BaseRafael Mendonça França2016-03-301-69/+0
| | | | | | To move Action Cable logging to a LoggingSubscriber we need to pass the log tags in the notification payload since Action Cable logging use the Channel instance to tag the logs.
* Merge pull request #23723 from mwear/action_cable_notificationsRafael Mendonça França2016-03-292-0/+144
|\ | | | | | | Add ActiveSupport::Notification to Channel::Base#perform_action
| * Add AS::Notifications and LogSubscriber to ActionCable::ChannelMatthew Wear2016-03-042-0/+144
| | | | | | | | | | This commit adds ActiveSupport::Notifications instrumentation hooks and a LogSuscriber to ActionCable::Channel::Base.
* | Cable: Shush pop warnings when skipping Postgres tests.Kasper Timm Hansen2016-03-261-0/+1
| | | | | | | | | | | | | | | | `skip` raises an exception to abort the execution of the test, so `super` would never be called and thus `@rx_adapter` and `@tx_adapter` would never have been defined at the time of teardown. Define them just before skipping and zap the warnings.
* | Shush up EM::Hiredis when running tests.Kasper Timm Hansen2016-03-261-0/+11
| | | | | | | | | | | | | | | | | | | | EM::Hiredis were spewing screenfuls of warnings when running the Action Cable tests. Copied over the technique that shushes up faye-websocket in the client tests, so we can reduce the noise ratio. Note: there's still warnings spewed after tests have finished when EM::Hiredis shuts down. I haven't been able to shush them up yet.
* | Gracefully handle disconnected clientsJeremy Daer2016-03-202-0/+132
| | | | | | | | | | | | | | | | We'll get `Errno::ECONNRESET` if the client forcibly disconnected. Just close the socket rather than raising the exception. Handle other errors in `ClientSocket#write`, too, mirroring the Faye error handling which swallows all `StandardError` on write.
* | AC: skip PG adapter tests if the db isn't availableJeremy Daer2016-03-111-0/+7
|/
* Merge pull request #23992 from matthewd/em-optionMatthew Draper2016-03-0413-17/+73
|\ | | | | Support faye-websocket + EventMachine as an option
| * Support faye-websocket + EventMachine as an optionMatthew Draper2016-03-0213-17/+73
| |
* | Accept JSON with no backslashes/escapingJon Moss2016-03-022-2/+3
| | | | | | | | | | | | | | Fixes #22675 Allow channel identifiers and also data with no backslahes/escaping to be accepted by the subscription storer.