aboutsummaryrefslogtreecommitdiffstats
path: root/actioncable
Commit message (Collapse)AuthorAgeFilesLines
* Work around all the thingsMatthew Draper2017-04-061-1/+11
|
* Avoid "can't modify frozen IOError" failuresMatthew Draper2017-04-051-5/+16
| | | | https://bugs.ruby-lang.org/issues/13239
* Rename local variable name `current_user` to `verified_user` [ci skip]Ryuta Kamizono2017-03-251-2/+2
| | | | | Assigning local variable named `current_user` in the condition is confusing.
* Revert "Merge pull request #28569 from HarryCollins/patch-1"Kasper Timm Hansen2017-03-251-1/+1
| | | | | | | This reverts commit 296d024b4e91c4891ae0b010249193513e63b921, reversing changes made to e341d835070c7ef9990f41e02bbf46536be0aee7. We aren't trying to compare to current_user, we're assigning that variable.
* Update Action Cable README.md - typo fixHarryCollins2017-03-251-1/+1
|
* Document AC::Connection::Authorization#reject_unauthorized_connectionT.J. Schuck2017-03-221-5/+5
| | | | | | | This method is repeatedly used throughout the docs (in the [AC::Connection docs](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/actioncable/lib/action_cable/connection/base.rb#L28), the [AC README](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/actioncable/README.md#a-full-stack-example), the [AC Guides](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/guides/source/action_cable_overview.md#connection-setup)), but not actually documented itself and seemingly not supported for public use based on its current `private` status. This actually makes the method public and documents it. The actual behavior that’s documented here is implemented [here](https://github.com/rails/rails/blob/12b684985837bc8ee9ad15c174cf4e07ca82d7c4/actioncable/lib/action_cable/connection/base.rb#L213-L219), via [this rescuing of the UnauthorizedError](https://github.com/rails/rails/blob/3dd1de8ba4d5862b01e7f5dd3878b21fd98b443b/actioncable/lib/action_cable/connection/base.rb#L172). The method is [already tested here](https://github.com/rails/rails/blob/25473baf409185638073fe2f016f4b9dda284e50/actioncable/test/connection/authorization_test.rb#L17-L29).
* Fix a race in ActionCable stream testsMatthew Draper2017-03-231-0/+4
| | | | | These tests double-stub connection.pubsub, so we need to ensure the first call's completed before we set up for the second.
* Start Rails 5.2 developmentMatthew Draper2017-03-223-48/+4
|
* Restore action_cable.js UMD module support. Fixes #28366Javan Makhmali2017-03-111-1/+35
|
* Update package.jsonRafael Mendonça França2017-02-231-1/+1
|
* Preparing for 5.1.0.beta1 releaseRafael Mendonça França2017-02-232-1/+3
|
* Deprecate the EventedRedis subscription adapterMatthew Draper2017-02-232-1/+9
| | | | | Unlike Faye support, it seems a bit too documented to remove without warning. So, here's a warning.
* Move some ActionCable logs to debug levelMartijn Storck2017-02-062-2/+2
|
* bin/test for Active Job and Action Cable testsAkira Matsuda2017-02-021-0/+4
| | | | | | According to the commit comment on 54d84cbb77a7fbc6359eda4eb40cc7da29c426e1, AJ/bin/test was intentionally not added, but AJ tests doesn't actually do anything special other than specifying ENV['AJ_ADAPTER'], which can be easily done via command line environment variable.
* correctly check error messageyuuji.yaginuma2017-01-251-3/+6
| | | | | | | `assert_raise` does not check error message. However, in some tests, it seems like expecting error message checking with `assert_raise`. Instead of specifying an error message in `assert_raise`, modify to use another assert to check the error message.
* Add changelog entry for #27425 [ci skip]Chad Ingram2017-01-211-0/+6
|
* Add channel_prefix support to ActionCable redis/evented_redis adapters.Chad Ingram2017-01-177-0/+71
|
* Fix missing bracket.Eugene2017-01-141-1/+1
| | | Fix missing left bracket in exception message.
* Reduce string objects by using \ instead of + or << for concatenating stringsAkira Matsuda2017-01-121-2/+2
| | | | (I personally prefer writing one string in one line no matter how long it is, though)
* ActionCable should not raise when a connection is already openDuncan Grazier2017-01-062-3/+6
| | | | | | | | | | | ActionCable was throwing a "Existing connection must be closed before opening" exception which was being picked up as a production issue in our error monitoring software. Since this happens pretty often on any device that allows the browser to sleep (mobile) this error was getting triggered often. This change removes the exception, but keeps logging the occurrence. We now return `false` to let the caller now that `open` failed.
* `self.` is not needed when calling its own instance methodAkira Matsuda2017-01-052-3/+3
| | | | Actually, private methods cannot be called with `self.`, so it's not just redundant, it's a bad habit in Ruby
* Merge pull request #25626 from maclover7/jm-standardize-ac-readmeRafael França2017-01-031-0/+9
|\ | | | | Standardize Action Cable README.md
| * Standardize Action Cable README.mdJon Moss2016-07-021-0/+9
| | | | | | | | | | | | | | All other Rails components feature this section, Action Cable should have it as well. [ci skip]
* | Bump license years for 2017Jon Moss2016-12-312-2/+2
| | | | | | | | | | | | | | | | Per https://www.timeanddate.com/counters/firstnewyear.html, it's already 2017 in a lot of places, so we should bump the Rails license years to 2017. [ci skip]
* | Upgrade to nio4r 2.0.0Tony Arcieri2016-12-281-1/+1
| | | | | | | | | | | | | | | | | | | | nio4r 2.0.0 primarily includes new features and bugfixes, with few breaking changes. The primary reason for bumping the major version is dropping support for all Ruby versions prior to 2.2.2, so as to match Rails 5. Full release announcement here: https://groups.google.com/forum/#!topic/socketry/ZDIUj1ufiJ8
* | Small edits to actioncable/CHANGELOG.mdJon Moss2016-12-271-2/+2
| | | | | | | | | | | | [ci skip] - capitalize WebSocket
* | Privatize unneededly protected methods in Action CableAkira Matsuda2016-12-245-25/+24
| |
* | Privatize unneededly protected methods in Action Cable testsAkira Matsuda2016-12-243-3/+3
| |
* | Describe what we are protectingAkira Matsuda2016-12-234-0/+8
| |
* | Fix typo in channel generator usage messageCarlos Eduardo Monti2016-12-191-2/+2
| |
* | ActionCable::Connection::Base doc code sample syntax errorMSP-Greg2016-12-061-4/+1
| |
* | Prevent race condition when launching EventMachine reactorMatthew Draper2016-11-302-2/+28
| | | | | | | | | | | | | | reactor_running? will be true just after the thread enters EventMachine.run; reactor_thread only gets set after the internal initialize_event_machine method has been called, the C extension is set up, and it is entering its run loop.
* | Add more Action Cable JavaScript testsJavan Makhmali2016-11-214-0/+78
| |
* | use correct value in example [ci skip]yuuji.yaginuma2016-11-141-1/+1
| | | | | | | | | | Need to specify `reload` from turbolinks 5. Ref: 7225f0bb9fd1d71a7a37b53815c90178cc7319bd
* | Changelog editsVipul A M2016-11-121-4/+4
| |
* | Add more rubocop rules about whitespacesRafael Mendonça França2016-10-298-18/+18
| |
* | Lazy-load blade for actioncable tests; no blade on JRuby.Charles Oliver Nutter2016-10-211-1/+2
| |
* | Permit same-origin connections by defaultMatthew Draper2016-10-115-8/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WebSocket always defers the decision to the server, because it didn't have to deal with legacy compatibility... but the same-origin policy is still a reasonable default. Origin checks do not protect against a directly connecting attacker -- they can lie about their host, but can also lie about their origin. Origin checks protect against a connection from 3rd-party controlled script in a context where a victim browser's cookies will be passed along. And if an attacker has breached that protection, they've already compromised the HTTP session, so treating the WebSocket connection in the same way seems reasonable. In case this logic proves incorrect (or anyone just wants to be more paranoid), we retain a config option to disable it.
* | Merge pull request #26568 from skateman/cable-sameorigin-as-hostMatthew Draper2016-10-114-1/+18
|\ \ | | | | | | | | | Optionally allow ActionCable requests from the same host as origin
| * | Optionally allow ActionCable requests from the same host as originDávid Halász2016-09-214-1/+18
| | | | | | | | | | | | | | | | | | | | | When the `allow_same_origin_as_host` is set to `true`, the request forgery protection permits `HTTP_ORIGIN` values starting with the corresponding `proto://` prefix followed by `HTTP_HOST`. This way it is not required to specify the list of allowed URLs.
* | | Merge pull request #26714 from matthewd/close-raceMatthew Draper2016-10-074-10/+11
|\ \ \ | | | | | | | | Work around read/close race (x2)
| * | | Wait for the socket to be closed asynchronouslyMatthew Draper2016-10-061-2/+10
| | | |
| * | | Use a branch of websocket-client-simple, to work around read/close raceMatthew Draper2016-10-061-7/+0
| | | |
| * | | Close the IO from the read loop threadMatthew Draper2016-10-062-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | IO#close and IO#read across threads don't get along so well: After T1 enters #read and releases the GVL, T2 can call #close on the IO, thereby both closing the fd and freeing the buffer while T1 is using them.
* | | | Change page:change to turbolinks:load in README.md [ci skip]kenta-s2016-10-051-1/+1
|/ / /
* | | Don't shut down adapters that haven't been setMatthew Draper2016-10-041-1/+1
| | | | | | | | | | | | We hit when we skip the PostgreSQL adapter.
* | | Shut down the worker pool - don't kill itMatthew Draper2016-10-031-1/+1
| | | | | | | | | | | | | | | Different parts of concurrent-ruby's documentation make inconsistent claims about how kill will behave. It doesn't do the thing we want.
* | | Add tests for Server::Base#restartJon Moss2016-10-021-0/+33
| | |
* | | Move behavior to Server::Base, and flush pubsubJon Moss2016-10-022-3/+6
| | |
* | | Shutdown pubsub connection before classes are reloadedJon Moss2016-10-021-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before this patch, if you were to make a file edit in your Rails application and you tried to load up the page, it would hang indefinitely. The issue is that Active Record is trying to cleanup after itself and clear all active connection, but Action Cable is still holding onto a connection from the pool. To resolve this, we are now shutting down the pubsub adapter before classes are reloaded, to avoid this altogether (connection is being returned to the pool). Credits to @skateman for discovering this bug. :)