aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/http/request.rb
Commit message (Collapse)AuthorAgeFilesLines
* Add three new rubocop rulesRafael Mendonça França2016-08-161-1/+1
| | | | | | | | Style/SpaceBeforeBlockBraces Style/SpaceInsideBlockBraces Style/SpaceInsideHashLiteralBraces Fix all violations in the repository.
* Allow specifying encoding of parameters by actionKerri Miller2016-08-091-0/+1
| | | | | At GitHub we need to handle parameter encodings that are not UTF-8. This patch allows us to specify encodings per parameter per action.
* applies new string literal convention in actionpack/libXavier Noria2016-08-061-33/+33
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Check `request.path_parameters` encoding at the point they're setGrey Baker2016-07-141-12/+0
| | | | | | | | Check for any non-UTF8 characters in path parameters at the point they're set in `env`. Previously they were checked for when used to get a controller class, but this meant routes that went directly to a Rack app, or skipped controller instantiation for some other reason, had to defend against non-UTF8 characters themselves.
* Fix request.reset_session for API controllersJon Moss2016-03-191-1/+0
| | | | | | | | | | | | Due to that `ActionDispatch::Flash` (the flash API's middleware) is not included for API controllers, the `request.reset_session` method, which relies on there being a `flash=` method which is in fact defined by the middleware, was previously breaking. Similarly to how add46482a540b33184f3011c5c307f4b8e90c9cc created a method to be overridden by the flash middleware in order to ensure non-breakage, this is how flashes are now reset. Fixes #24222
* Fix `request.ssl?` bug with Action CableJon Moss2016-02-231-0/+4
| | | | | This bug affects `wss://` requests when running Action Cable in-app. Fixes #23620.
* Space OddityAkira Matsuda2016-01-141-1/+1
| | | | | Converting nbsp(\u{00A0}) to the normal ASCII space(\u{0020}) [ci skip]
* Stop violating law of demeter in response cookie_jareileencodes2015-12-061-0/+3
| | | | | | | | | | | This adds a new method to request and response so we don't need to violate the law of demeter. We are changing `Request` and `Response` so that they always have a `cookie_jar` This is a continuation on work to combine integration and controller test code bases in Rails.
* Push `before_sending` to super classeileencodes2015-12-061-0/+4
| | | | | | | | | | | | We want to get rid of the `Live::Response` so we are consolidating methods from `Live::Response` and `Response` by merging them together. This adds an `#empty` method to the request so we don't need to hard-code the empty array each time we call an empty `ActionDispatch::Request`. The work here is a continuation on combining controller and integration test code bases into one.
* Merge pull request #22263 from mastahyeti/csrf-origin-checkRafael França2015-11-261-2/+2
|\ | | | | | | | | Add option to verify Origin header in CSRF checks [Jeremy Daer + Rafael Mendonça França]
| * Add option to verify Origin header in CSRF checksBen Toews2015-11-251-2/+2
| |
* | Merge pull request #17928 from sergey-alekseev/remove-unused-form-data-methodSean Griffin2015-11-231-3/+9
|\ \ | |/ |/|
| * write a test for `#form_data?`Sergey Alekseev2015-03-311-1/+9
| | | | | | | | | | | | | | | | | | The initial attempt was to remove the method at all in https://github.com/sergey-alekseev/rails/commit/4926aa68c98673e7be88a2d2b57d72dc490bc71c. The method overrides Rack's `#form_data?` https://github.com/rack/rack/blob/6f8808d4201e68e4bd780441b3b7bb3ee6d1f43e/lib/rack/request.rb#L172-L184. Which may have some incorrect implementation actually. `type.nil?` isn't possible I suppose. I'll check.
* | Deprecate exception#original_exception in favor of exception#causeYuki Nishijima2015-11-031-2/+2
| |
* | Catch invalid UTF-8 querystring values and respond with BadRequestGrey Baker2015-10-231-1/+4
| |
* | Show helpful messages on invalid param. encodingsAgis Anastasopoulos2015-10-191-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prior to this change, given a route: # config/routes.rb get ':a' => "foo#bar" If one pointed to http://example.com/%BE (param `a` has invalid encoding), a `BadRequest` would be raised with the following non-informative message: ActionController::BadRequest From now on the message displayed is: Invalid parameter encoding: hi => "\xBE" Fixes #21923.
* | pull the flash methods in to their own moduleAaron Patterson2015-09-251-0/+3
| | | | | | | | | | | | We only want to activate flash when the user has enabled it. Api servers don't use flash, so add an empty implementation to the base Request object.
* | commit the flash after the controller finishes being servicedAaron Patterson2015-09-251-15/+0
| | | | | | | | | | Committing the flash needs to happen in order for the session to be written correctly, so lets guarantee that it actually does happen.
* | move flash committing to the request object.Aaron Patterson2015-09-251-0/+15
| | | | | | | | | | I'm doing this so that we can commit the flash to the session object Out of Band of the flash middleware
* | remove the request parameter from `parse_formatted_parameters`Aaron Patterson2015-09-181-1/+1
| | | | | | | | | | This is an instance method on the request object now so we don't need it anymore
* | push the parameter parsers on to the classAaron Patterson2015-09-181-25/+0
| | | | | | | | | | | | | | | | The middleware stack is a singleton in the application (one instance is shared for the entire application) which means that there was only one opportunity to set the parameter parsers. Since there is only one set of parameter parsers in an app, lets just configure them on the request class (since that is where they are used).
* | only wrap the strategy with exception handlingAaron Patterson2015-09-181-9/+10
| | | | | | | | | | | | we need to be more specific about exception handling when dealing with the parse strategies. The calls to `return yield` can also raise an exception, but we don't want to handle that in *this* code.
* | pull `normalize_encode_params` upAaron Patterson2015-09-181-2/+2
| | | | | | | | | | `normalize_encode_params` is common to all parser code paths, so we can pull that up and always apply it before assigning the request parameters
* | remove the `default` parameter from the parser methodAaron Patterson2015-09-181-8/+5
| | | | | | | | | | since there is only one "default" strategy now, we can just use the block parameter for that.
* | move parameter parsing to the request objectAaron Patterson2015-09-181-1/+34
| | | | | | | | | | All parameter parsing should be on the request object because the request object is the object that we ask for parameters.
* | fewer direct env manipulationsAaron Patterson2015-09-151-1/+1
| | | | | | | | this commit removes some direct access to `env`.
* | stop inheriting from Rack::RequestAaron Patterson2015-09-041-3/+5
| | | | | | | | | | | | Just include the modules necessary in the Request object to implement the things we need. This should make it easier to build delegate request objects because the API is smaller
* | Merge pull request #21483 from justanshulsharma/add-ip6-addressEileen M. Uchitelle2015-09-031-1/+1
|\ \ | | | | | | [ci skip] Added localhost IPv6
| * | [ci skip] Added localhost IPv6Anshul Sharma2015-09-031-1/+1
| | |
* | | add a method for getting the http auth saltAaron Patterson2015-08-291-0/+4
| | |
* | | Code cleanupMarcin Olichwirowicz2015-08-271-2/+2
|/ / | | | | | | | | | | | | | | Cleanup for `ActionDispatch::Http::Parameters` - no need for required libraries and remove not used private method. Apparently this method was used in `ActionDispatch::Http::Request` - fixed by calling `Request::Utils` explicitly (as was done in other parts of the codebase)
* | always return a controller class from the `controller_class` methodAaron Patterson2015-08-251-6/+13
| | | | | | | | | | now the caller can just treat it like a regular controller even though it will return a 404
* | Remove unused block argumentsAnshul Sharma2015-08-251-1/+1
| |
* | remove more direct access to `env`Aaron Patterson2015-08-241-1/+2
| |
* | stop using `@env` in the GET / POST methodsAaron Patterson2015-08-241-2/+7
| | | | | | | | | | I want to implement this with something besides `@env` in the future, so lets stop directly referencing it.
* | use a request object in the session middlewareAaron Patterson2015-08-221-2/+2
| | | | | | | | | | This commit allows us to use one request object rather than allocating multiple request objects to deal with the session.
* | move more `@env` access to method callsAaron Patterson2015-08-221-16/+16
| | | | | | | | | | We're going to implement storing env values differently in the future, so let's disconnect these methods from the instance variables
* | move ORIGINAL_SCRIPT_NAME to the metaprogrammed methodsAaron Patterson2015-08-221-4/+1
| |
* | metaprogram the HTTP_X_REQUEST_ID methodAaron Patterson2015-08-221-6/+1
| | | | | | | | we're already doing this with a bunch of other header data.
* | use `body_stream` instead of getting the env value ourselvesAaron Patterson2015-08-221-1/+1
| | | | | | | | we have a method that knows how to get rack.input, so lets use that.
* | convert `@env` use to get / set headerAaron Patterson2015-08-221-16/+16
| | | | | | | | | | | | We need to abstract the internals of the request object away from this instance variable so that the values for `@env` can be calculated in a different way.
* | Refactor to remove controller class from route to requesteileencodes2015-08-221-0/+12
| | | | | | | | | | | | | | | | | | | | This refactoring moves the controller class name that was on the route set to the request. The purpose of this refactoring is for changes we need to move controller tests to integration tests, mainly being able to access the controller on the request instead of having to go through the router. [Eileen M. Uchitelle & Aaron Patterson]
* | pass a request object to the headers objectAaron Patterson2015-08-211-1/+1
| |
* | deprecate the env method on controller instancesAaron Patterson2015-08-071-1/+1
| | | | | | | | | | | | people should be accessing request information through the request object, not via the env hash. If they really really want at the env hash, then they can get it off the request.
* | stop using @_env in the controller instanceAaron Patterson2015-08-071-0/+8
| | | | | | | | | | | | | | Actions are processed through `dispatch`, so they should have the request set on them before any user land code can be executed. Lets stop setting _env on the controller, and give access to it through the `env` method.
* | refactor param parsing middleware to use request objectsAaron Patterson2015-08-071-0/+8
| | | | | | | | | | this is another place that we should stop directly accessing the env hash and let the request object take care of that for us
* | Fix documentation on ActionDispatch::RequestGabriel Sobrinho2015-08-061-1/+1
| |
* | use a request object to access info from env in GetIpAaron Patterson2015-08-061-1/+7
| | | | | | | | | | | | | | again, we want to hide the contents of `env` from the implementation. Allocate a request object to access the contents of env, but save allocations due to string literal allocations when accessing the env hash.
* | ask the request if we should show exceptionsAaron Patterson2015-08-061-0/+7
| | | | | | | | | | hide the env key in the request object so that other code doesn't need to know.
* | prevent string allocationsAaron Patterson2015-08-061-1/+1
| |
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 00:24:16 +0000