path: root/actionpack/lib/action_dispatch.rb
Commit log (message, author, date; files changed, lines -/+):
* Adds support for configuring HTTP Feature Policy (#33439) (Jacob Bednarz, 2019-07-10; 1 file, -0/+1)

A HTTP feature policy is Yet Another HTTP header for instructing the browser about which features the application intends to make use of and to lock down access to others. This is a new security mechanism that ensures that should an application become compromised or a third party attempts an unexpected action, the browser will override it and maintain the intended UX.

WICG specification: https://wicg.github.io/feature-policy/

The end result is a HTTP header that looks like the following:

```
Feature-Policy: geolocation 'none'; autoplay https://example.com
```

This will prevent the browser from using geolocation and only allow autoplay on `https://example.com`. Full feature list can be found over in the WICG repository[1].

As of today Chrome and Safari have public support[2] for this functionality with Firefox working on support[3] and Edge still pending acceptance of the suggestion[4].

#### Examples

Using an initializer

```rb
# config/initializers/feature_policy.rb
Rails.application.config.feature_policy do |f|
  f.geolocation :none
  f.camera :none
  f.payment "https://secure.example.com"
  f.fullscreen :self
end
```

In a controller

```rb
class SampleController < ApplicationController
  def index
    feature_policy do |f|
      f.geolocation "https://example.com"
    end
  end
end
```

Some of you might realise that the HTTP feature policy looks pretty close to that of a Content Security Policy; and you're right. So much so that I used the Content Security Policy DSL from #31162 as the starting point for this change.

This change *doesn't* introduce support for defining a feature policy on an iframe and this has been intentionally done to split the HTTP header and the HTML element (`iframe`) support. If this is successful, I'll look to add that on its own.

Full documentation on HTTP feature policies can be found at https://wicg.github.io/feature-policy/. Google have also published[5] a great in-depth write up of this functionality.

[1]: https://github.com/WICG/feature-policy/blob/master/features.md
[2]: https://www.chromestatus.com/feature/5694225681219584
[3]: https://bugzilla.mozilla.org/show_bug.cgi?id=1390801
[4]: https://wpdev.uservoice.com/forums/257854-microsoft-edge-developer/suggestions/33507907-support-feature-policy
[5]: https://developers.google.com/web/updates/2018/06/feature-policy
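An added example (not Rails' code and not part of the commit above) of a small builder with a DSL shaped like the one in the commit message, showing the serialisation rule its header example implies: keywords such as `:none` and `:self` are emitted single-quoted, origins are emitted bare, and directives are joined with `; `. The class name `FeaturePolicy`, the feature list and the rejection of unknown keywords are this example's own assumptions.

```ruby
# Constructed example of a Feature-Policy header builder; not Rails' own code.
class FeaturePolicy
  # Only the features used in the commit message; the full list is in the WICG repo.
  FEATURES = %w[autoplay camera fullscreen geolocation payment].freeze
  # Header keywords are single-quoted; origins are written bare.
  KEYWORDS = { none: "'none'", self: "'self'" }.freeze

  def initialize
    @directives = {}
    yield self if block_given?
  end

  # f.geolocation :none / f.payment "https://secure.example.com"
  FEATURES.each do |feature|
    define_method(feature) { |*sources| @directives[feature] = sources.flatten }
  end

  # Serialise to the header value, e.g. "geolocation 'none'; autoplay https://example.com".
  def build
    @directives.map do |feature, sources|
      list = sources.map do |source|
        if source.is_a?(Symbol)
          # Assumption of this example: an unknown keyword is a config error, not a bare token.
          KEYWORDS.fetch(source) { raise ArgumentError, "unknown keyword #{source.inspect}" }
        else
          source.to_s
        end
      end
      "#{feature} #{list.join(' ')}"
    end.join("; ")
  end
end

# The initializer example from the commit message, expressed with this builder.
def header_for
  FeaturePolicy.new do |f|
    f.geolocation :none
    f.camera :none
    f.payment "https://secure.example.com"
    f.fullscreen :self
  end.build
end
```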
* Introduce Actionable Errors (Genadi Samokovarov, 2019-04-19; 1 file, -0/+1)

Actionable errors let you dispatch actions from Rails' error pages. This can help you save time if you have a clear action for the resolution of common development errors.

The de-facto example is pending migrations. Every time pending migrations are found, a middleware raises an error. With actionable errors, you can run the migrations right from the error page.

Other examples include Rails plugins that need to run a rake task to setup themselves. They can now raise actionable errors to run the setup straight from the error pages.

Here is how to define an actionable error:

```ruby
class PendingMigrationError < MigrationError #:nodoc:
  include ActiveSupport::ActionableError

  action "Run pending migrations" do
    ActiveRecord::Tasks::DatabaseTasks.migrate
  end
end
```

To make an error actionable, include the `ActiveSupport::ActionableError` module and invoke the `action` class macro to define the action.

An action needs a name and a procedure to execute. The name is shown as the name of a button on the error pages. Once clicked, it will invoke the given procedure.
* Bump license years for 2019 (Arun Agrawal, 2018-12-31; 1 file, -1/+1)
* Introduce a guard against DNS rebinding attacks (Genadi Samokovarov, 2018-12-15; 1 file, -0/+2)

The ActionDispatch::HostAuthorization is a new middleware that protects against DNS rebinding and other Host header attacks. By default it is included only in the development environment with the following configuration:

    Rails.application.config.hosts = [
      IPAddr.new("0.0.0.0/0"), # All IPv4 addresses.
      IPAddr.new("::/0"),      # All IPv6 addresses.
      "localhost"              # The localhost reserved domain.
    ]

In other environments, `Rails.application.config.hosts` is empty and no Host header checks will be done. If you want to guard against header attacks on production, you have to manually permit the allowed hosts with:

    Rails.application.config.hosts << "product.com"

The host of a request is checked against the hosts entries with the case operator (#===), which lets hosts support entries of type RegExp, Proc and IPAddr to name a few. Here is an example with a regexp.

    # Allow requests from subdomains like `www.product.com` and
    # `beta1.product.com`.
    Rails.application.config.hosts << /.*\.product\.com/

A special case is supported that allows you to permit all sub-domains:

    # Allow requests from subdomains like `www.product.com` and
    # `beta1.product.com`.
    Rails.application.config.hosts << ".product.com"
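An added example (not Rails' code and not part of the commit above) that models the host check the commit message describes: each entry is compared with `===`, so String, Regexp and IPAddr entries all work, an empty list means no check, and the leading-dot String form permits subdomains. Two points worth seeing in code: `IPAddr#===` raises when handed a hostname rather than an address, so that case must be treated as a non-match, and a `Regexp` entry is matched unanchored by `===`, so the constructed list below anchors its pattern with `\A` and `\z`. The helper names, the case-insensitive matching and the choice that `".product.com"` also matches the apex domain are this example's own assumptions.

```ruby
require "ipaddr"

# Constructed host lists in the shapes the commit message describes.
# Development-style list: every IPv4/IPv6 address plus localhost.
DEV_HOSTS = [
  IPAddr.new("0.0.0.0/0"), # all IPv4 addresses
  IPAddr.new("::/0"),      # all IPv6 addresses
  "localhost"
].freeze

# Production-style list: apex, leading-dot subdomain form, anchored regexp.
PROD_HOSTS = [
  "product.com",
  ".product.com",               # leading dot: permits subdomains
  /\Abeta\d+\.product\.com\z/i  # anchored, so only whole hosts match
].freeze

# Turn a String entry into a matcher that responds to ===. Assumption of
# this example: ".product.com" also matches the apex "product.com", and
# comparisons are case-insensitive. Regexp and IPAddr entries are used as-is.
def host_matcher(entry)
  return entry unless entry.is_a?(String)
  if entry.start_with?(".")
    /\A(.+\.)?#{Regexp.escape(entry[1..-1])}\z/i
  else
    /\A#{Regexp.escape(entry)}\z/i
  end
end

# Decide whether a request host (without port, like request.host) is
# permitted. An empty list means no checks, as the commit message states.
def host_permitted?(hosts, host)
  return true if hosts.empty?
  hosts.any? do |entry|
    begin
      host_matcher(entry) === host
    rescue IPAddr::InvalidAddressError
      # IPAddr#=== raises when handed a hostname instead of an address;
      # treat that as "no match" rather than letting the request through.
      false
    end
  end
end
```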
* Bump license years for 2018 (Yoshiyuki Hirano, 2017-12-31; 1 file, -1/+1)
* Add DSL for configuring Content-Security-Policy header (Andrew White, 2017-11-27; 1 file, -0/+1)

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
* Use frozen string literal in actionpack/ (Kir Shatrov, 2017-07-29; 1 file, -0/+2)
* Revert "Merge pull request #29540 from kirs/rubocop-frozen-string" (Matthew Draper, 2017-07-02; 1 file, -1/+0)

This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
* Enforce frozen string in Rubocop (Kir Shatrov, 2017-07-01; 1 file, -0/+1)
* Move and rename system tests (eileencodes, 2017-02-20; 1 file, -0/+2)

  * Move system tests back into Action Pack
  * Rename `ActionSystemTest` to `ActionDispatch::SystemTestCase`
  * Remove private base module and only make file for public `SystemTestCase` class, name private module `SystemTesting`
  * Rename `ActionSystemTestCase` to `ApplicationSystemTestCase`
  * Update corresponding documentation and guides
  * Delete old `ActionSystemTest` files
* Bump license years for 2017 (Jon Moss, 2016-12-31; 1 file, -1/+1)

Per https://www.timeanddate.com/counters/firstnewyear.html, it's already 2017 in a lot of places, so we should bump the Rails license years to 2017.

[ci skip]
* Deprecated ActionDispatch::ParamsParser::ParamsParser (Rafael Mendonça França, 2016-10-10; 1 file, -1/+0)

ActionDispatch::ParamsParser class was removed in favor of ActionDispatch::Http::Parameters so it is better to move the error constant to the new class.
* applies new string literal convention in actionpack/lib (Xavier Noria, 2016-08-06; 1 file, -17/+17)

The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Provide a middleware to debug misbehaving locks (Matthew Draper, 2016-06-10; 1 file, -0/+1)

Only intended to be enabled when in use; by necessity, it sits above any reasonable access control.
* Publish AS::Executor and AS::Reloader APIs (Matthew Draper, 2016-03-02; 1 file, -1/+1)

These should allow external code to run blocks of user code to do "work", at a similar unit size to a web request, without needing to get intimate with ActionDispatch.
* Add both HTTP Response Code and Type to assertion messages (Sean Collins, 2016-01-12; 1 file, -0/+1)

Also, refactor logic to convert between symbol and response code, via the AssertionResponse class
* Update copyright notices to 2016 [ci skip] (Rashmi Yadav, 2015-12-31; 1 file, -1/+1)
* Soften the lock requirements when eager_load is disabled (Matthew Draper, 2015-07-09; 1 file, -0/+1)

We don't need to fully disable concurrent requests: just ensure that loads are performed in isolation.
* Update copyright notices to 2015 [ci skip] (Arun Agrawal, 2014-12-31; 1 file, -1/+1)
* `ActionDispatch::Head` was replaced by `Rack::Head`. Closes #14191. (Yves Senn, 2014-02-25; 1 file, -1/+0)

See 449039a86d802871b707dfb51ac1ed96d53526f9 for the original commit.
* Renamed session_serializer option to cookies_serializer (Godfrey Chan, 2014-02-11; 1 file, -2/+0)
* FilterParameters is referenced at the class level from the Request (Zachary Scott, 2014-02-09; 1 file, -1/+0)

Since it's already required in the file, we don't need to use autoload too. This commit is symmetrical change to 0b10180 for Response.
* FilterRedirect is referenced at the class level from the Response (Aaron Patterson, 2014-01-31; 1 file, -1/+0)

We can just require the file rather than going through the autoload indirection
* Allow session serializer key in config.session_store (Lukasz Sarnacki, 2014-01-29; 1 file, -4/+6)

MessageEncryptor has :serializer option, where any serializer object can be passed. This commit makes it possible to set this serializer from configuration level.

There are predefined serializers (:marshal_serializer, :json_serializer) and custom serializer can be passed as String, Symbol (camelized and constantized in ActionDispatch::Session namespace) or serializer object.

Default :json_serializer was also added to generators to provide secure default.
* update copyright notices to 2014. [ci skip] (Vipul A M, 2014-01-01; 1 file, -1/+1)
* Remove extra whitespace (Agis Anastasopoulos, 2013-04-06; 1 file, -4/+4)
* Allow transparent upgrading of legacy signed cookies to encrypted cookies; Automatically configure cookie-based sessions to use the best cookie jar given the app's config (Trevor Turk, 2013-03-28; 1 file, -2/+0)
* Remove BestStandardsSupport middleware (Guillermo Iguaran, 2013-01-29; 1 file, -1/+0)
* extract PerformanceTest into rails-performance_tests gem (Yves Senn, 2013-01-10; 1 file, -1/+0)
* Updated copyright notices for 2013 (Andrew Nesbitt, 2012-12-31; 1 file, -1/+1)
* Integrate Journey into Action Dispatch (Andrew White, 2012-12-19; 1 file, -0/+1)

Move the Journey code underneath the ActionDispatch namespace so that we don't pollute the global namespace with names that may be used for models.

Fixes rails/journey#49.
* Adding filter capability to ActionController logs (Fabrizio Regini, 2012-12-05; 1 file, -0/+1)
* Add UpgradeSignatureToEncryptionCookieStore (Santiago Pastorino, 2012-11-16; 1 file, -5/+6)

This allows easy upgrading from the old signed Cookie Store <= 3.2 or the deprecated one in 4.0 (the ones that don't use key derivation) to the new one that signs using key derivation
* Add encrypted cookie store (Santiago Pastorino, 2012-11-03; 1 file, -4/+5)
* Implement ActionView::Template::Types (Piotr Sarnacki, 2012-08-28; 1 file, -0/+1)

AV::Template::Types is a small abstraction to allow specifying template types that can be used in ActionView. When Action Pack is loaded it's replaced with Mime::Type.
* Add ActionView::Base.default_formats (Piotr Sarnacki, 2012-08-28; 1 file, -0/+4)

default_formats array is used by LookupContext in order to allow rendering templates when :formats option is not passed. Previously it was always set to Mime::SET, which created dependency on Action Pack. In order to remove this dependency, Mime::SET is used only if ActionController is loaded.
* Get rid of config.preload_frameworks in favor of config.eager_load_namespaces (José Valim, 2012-08-21; 1 file, -3/+5)

The new option allows any Ruby namespace to be registered and set up for eager load. We are effectively exposing the structure existing in Rails since v3.0 for all developers in order to make their applications thread-safe and CoW friendly.
* Remove the active_model require from action_dispatch. (Rafael Mendonça França, 2012-08-16; 1 file, -1/+0)

Since we removed the ActiveModel dependency from ActionPack at 166dbaa7526a96fdf046f093f25b0a134b277a68 we don't need to require it anymore.

Closes #7370
* load active_support/dependencies/autoload in active_support/rails (Xavier Noria, 2012-08-02; 1 file, -1/+0)
* defines a private require-hub active_support/rails (Xavier Noria, 2012-08-02; 1 file, -0/+1)

This is a private place to put those AS features that are used by every component. Nowadays we cherry-pick individual files wherever they are used, but that is not worth the effort for stuff that is going to be loaded for sure sooner or later, like blank?, autoload, concern, etc.
* raise exceptions on header set after response committed (Aaron Patterson, 2012-07-29; 1 file, -0/+3)
* Remove useless load path modifications (Santiago Pastorino, 2012-05-11; 1 file, -6/+0)
* Rack::SSL -> ActionDispatch::SSL (Rafael Mendonça França, 2012-03-17; 1 file, -0/+1)
* Merge pull request #4248 from andrew/2012 (Vijay Dev, 2011-12-31; 1 file, -1/+1)

Updated copyright notices for 2012

  * Updated copyright notices for 2012 (Andrew Nesbitt, 2011-12-31; 1 file, -1/+1)
* Remove Rescue middleware that was never used by Rails. (José Valim, 2011-12-24; 1 file, -1/+0)
* remove Rails application fallback from AD::IntegrationTest (Sergey Nartimov, 2011-12-23; 1 file, -0/+3)

set AD::IntegrationTest.app in railtie initializer
* Extract the rendering of public exceptions pages into a Rack app. (José Valim, 2011-12-16; 1 file, -0/+1)
* Get rid of the close checks since we cannot reliably close the session anyway. (José Valim, 2011-12-16; 1 file, -1/+0)
* Split ShowExceptions responsibilities in two middlewares. (José Valim, 2011-12-01; 1 file, -0/+1)