| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
| |
ActionDispatch::ParamsParser class was removed in favor of
ActionDispatch::Http::Parameters so it is better to move the error
constant to the new class.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
`skip_action_callback`, `skip_filter`, `before_filter`,
`prepend_before_filter`, `skip_before_filter`,
`append_before_filter`, `around_filter`
`prepend_around_filter`, `skip_around_filter`,
`append_around_filter`, `after_filter`,
`prepend_after_filter`, `skip_after_filter` and
`append_after_filter`.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently a misleading "missing required keys" error is thrown when a param
fails to match the constraints of a particular route. This commit ensures that
these params are recognised as unmatching rather than missing.
Note: this means that a different error message will be provided between
optimized and non-optimized path helpers, due to the fact that the former does
not check constraints when matching routes.
Fixes #26470.
|
| |
|
|
|
|
|
|
|
|
|
| |
Currently, `fixture_file_upload` does not work in integration test.
Because, `TestProcess` module has been include in `Session` class, but
`fixture_path` can not get from `Session` class.
Modify to include `TestProcess` in `IntegrationTest` class in order to get
correct value of `fixture_path`.
|
|
|
|
|
| |
I consider the missing deprecation warning a bug fix from
the point of view of the 5.0.x series and forward.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The PR #20940 enabled the use of multiple roots with different constraints
at the top level but unfortunately didn't work when those roots were inside
a namespace and also broke the use of root inside a namespace after a top
level root was defined because the check for the existence of the named route
used the global :root name and not the namespaced name.
This is fixed by using the name_for_action method to expand the :root name to
the full namespaced name. We can pass nil for the second argument as we're not
dealing with resource definitions so don't need to handle the cases for edit
and new routes.
Fixes #26148.
|
|
|
| |
Include the content of the flash in the auto-generated etag
|
|
|
|
|
|
|
|
|
|
|
| |
When `config.force_ssl` is set to `true`, any POST/PUT/DELETE requests coming in to non-secure url are being redirected with a 301 status.
However, when that happens, the request is converted to a GET request and ends up hitting a different action on the controller.
Since we can not do non-GET redirects, we can instead redirect with a 307 status code instead to indicate to the caller that a fresh request should be tried preserving the original request method.
`rack-ssl` gem which was used to achieve this before we had this middleware directly baked into Rails also used to do the same, ref: https://github.com/josh/rack-ssl/blob/master/lib/rack/ssl.rb#L54
This would be specially important for any apps switching from older version of Rails or apps which expose an API through Rails.
|
| |
|
|
|
|
| |
Documentation & testing
|
| |
|
|
|
|
|
| |
The entry was a result of a combination of changes in Action View
and Action Controller.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In integration test when specify the "Accept" header with "xhr: true"
option, the Accept header is overridden with a default xhr Accept
header. The issue only affects HTTP header "Accept" but not CGI variable
"HTTP_ACCEPT".
For example:
get '/page', headers: { 'Accept' => 'application/json' }, xhr: true
# This is WRONG! And the response.content_type is also affected.
# It should be "application/json"
assert_equal "text/javascript, text/html, ...", request.accept
assert_equal 'text/html', response.content_type
The issue is in `ActionDispatch::Integration::RequestHelpers`. When
setting "xhr: true" the helper sets a default HTTP_ACCEPT if blank.
But the code doesn't consider supporting both HTTP header style and
CGI variable style.
For detail see this GitHub issue:
https://github.com/rails/rails/issues/25859
|
|\
| |
| |
| | |
Fix keyed defaults with root
|
|/ |
|
|
|
|
| |
- Also minor weekly CHANGELOG cleanup.
|
|
|
|
|
|
|
|
| |
Check for any non-UTF8 characters in path parameters at the point they're
set in `env`. Previously they were checked for when used to get a controller
class, but this meant routes that went directly to a Rack app, or skipped
controller instantiation for some other reason, had to defend against
non-UTF8 characters themselves.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The `ActionDispatch::Static` middleware is used low down in the stack to serve
static assets before doing much processing. Since it's called from so low in
the stack, we don't have access to the request ID at this point, and generally
won't have any exception handling defined (by default `ShowExceptions` is added
to the stack quite a bit higher and relies on logging and request ID).
Before https://github.com/rails/rails/commit/8f27d6036a2ddc3cb7a7ad98afa2666ec163c2c3
this middleware would ignore unknown HTTP methods, and an exception about these
would be raised higher in the stack. After that commit, however, that exception
will be raised here.
If we want to keep `ActionDispatch::Static` so low in the stack (I think we do)
we should suppress the `ActionController::UnknownHttpMethod` exception here,
and instead let it be raised higher up the stack, once we've had a chance to
define exception handling behaviour.
This PR updates `ActionDispatch::Static` so it passes `Rack::Request` objects to
`ActionDispatch::FileHandler`, which won't raise an
`ActionController::UnknownHttpMethod` error. If an unknown method is
passed, it should exception higher in the stack instead, once we've had a
chance to define exception handling behaviour.`
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rack [recently](https://github.com/rack/rack/commit/7e7a3890449b5cf5b86929c79373506e5f1909fb)
moved the namespace of its `ParameterTypeError` and `InvalidParameterError`
errors. Whilst an alias for the old name was added, the logic in
`ActionDispatch::ExceptionWrapper` was still broken by this change, since it
relies on the class name.
This PR updates `ActionDispatch::ExceptionWrapper` to handle the Rack 2.0
namespaced errors correctly. We no longer need to worry about the old names,
since Rails specifies Rack ~> 2.0.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is a common pattern in the Rails community that when people want to
:xa
use any kind of helper that is defined inside app/helpers they includes
the helper module inside the controller like:
module UserHelper
def my_user_helper
# ...
end
end
class UsersController < ApplicationController
include UserHelper
def index
render inline: my_user_helper
end
end
This has problem because the helper can't access anything that is
defined in the view level context class.
Also all public methods of the helper become available in the controller
what can lead to undesirable methods being routed and behaving as
actions.
Also if you helper depends on other helpers or even Action View helpers
you need to include each one of these dependencies in your controller
otherwise your helper is not going to work.
We already have a helpers proxy at controller class level but that proxy
doesn't have access to the instance variables defined in the
controller.
With this new instance level helper proxy users can reuse helpers in the
controller without having to include the modules and with access to
instance variables defined in the controller.
class UsersController < ApplicationController
def index
render inline: helpers.my_user_helper
end
end
|
| |
|
|\
| |
| |
| | |
Refactor handling of :action default in routing
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The longstanding convention in Rails is that if the :action parameter
is missing or nil then it defaults to 'index'. Up until Rails 5.0.0.beta1
this was handled slightly differently than other routing defaults by
deleting it from the route options and adding it to the recall parameters.
With the recent focus of removing unnecessary duplications this has
exposed a problem in this strategy - we are now mutating the request's
path parameters and causing problems for later url generation. This will
typically affect url_for rather a named url helper since the latter
explicitly pass :controller, :action, etc.
The fix is to add a default for :action in the route class if the path
contains an :action segment and no default is passed. This change also
revealed an issue with the parameterized part expiry in that it doesn't
follow a right to left order - as soon as a dynamic segment is required
then all other segments become required.
Fixes #23019.
|
| | |
|
|\ \
| | |
| | |
| | | |
extension synonyms yml and yaml
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
- skip calling helper_method if it's not there: if we don't have helpers, we needn't define one.
- tests that an api controller can include and use ActionController::Cookies
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Introduce `Response#strong_etag=` and `#weak_etag=` and analogous options
for `fresh_when` and `stale?`. `Response#etag=` sets a weak ETag.
Strong ETags are desirable when you're serving byte-for-byte identical
responses that support Range requests, like PDFs or videos (typically
done by reproxying the response from a backend storage service).
Also desirable when fronted by some CDNs that support strong ETags
only, like Akamai.
* No longer strips quotes (`"`) from ETag values before comparing them.
Quotes are significant, part of the ETag. A quoted ETag and an unquoted
one are not the same entity.
* Support `If-None-Match: *`. Rarely useful for GET requests; meant
to provide some optimistic concurrency control for PUT requests.
|
|/ /
| |
| |
| |
| |
| | |
Related with 38d2bf5fd1f3e014f2397898d371c339baa627b1.
cc @tenderlove
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ci skip]
This updates the 5.0 release notes guide to reflect changes that
happened after beta1 has been released.
I'll sync the other changelogs later today but I'll push this batch to
prevent against cumbersome merge conflicts.
|
|\ \
| | |
| | |
| | | |
Default rendering behavior if respond_to collector doesn't have a block.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When a `respond_to` collector doesn't have a response, then a
`:no_content` response should be rendered. This brings the default
rendering behavior introduced by
https://github.com/rails/rails/issues/19036 to controller methods
employing `respond_to`
|