| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
|
|
| |
Hide malformed parameters from error page
Accidentally merged this to 6-0-stable so forward porting it to master
here instead.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Actionable errors let's you dispatch actions from Rails' error pages. This
can help you save time if you have a clear action for the resolution of
common development errors.
The de-facto example are pending migrations. Every time pending migrations
are found, a middleware raises an error. With actionable errors, you can
run the migrations right from the error page. Other examples include Rails
plugins that need to run a rake task to setup themselves. They can now
raise actionable errors to run the setup straight from the error pages.
Here is how to define an actionable error:
```ruby
class PendingMigrationError < MigrationError #:nodoc:
include ActiveSupport::ActionableError
action "Run pending migrations" do
ActiveRecord::Tasks::DatabaseTasks.migrate
end
end
```
To make an error actionable, include the `ActiveSupport::ActionableError`
module and invoke the `action` class macro to define the action. An action
needs a name and a procedure to execute. The name is shown as the name of a
button on the error pages. Once clicked, it will invoke the given
procedure.
|
|
|
|
|
|
| |
not exist
- This is similar to the work done in https://github.com/rails/rails/pull/31534
|
|
|
|
| |
NameError: uninitialized constant ActionView::CompiledTemplates::ActiveStorage
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ActionDispatch::HostAuthorization is a new middleware that prevent
against DNS rebinding and other Host header attacks. By default it is
included only in the development environment with the following
configuration:
Rails.application.config.hosts = [
IPAddr.new("0.0.0.0/0"), # All IPv4 addresses.
IPAddr.new("::/0"), # All IPv6 addresses.
"localhost" # The localhost reserved domain.
]
In other environments, `Rails.application.config.hosts` is empty and no
Host header checks will be done. If you want to guard against header
attacks on production, you have to manually permit the allowed hosts
with:
Rails.application.config.hosts << "product.com"
The host of a request is checked against the hosts entries with the case
operator (#===), which lets hosts support entries of type RegExp,
Proc and IPAddr to name a few. Here is an example with a regexp.
# Allow requests from subdomains like `www.product.com` and
# `beta1.product.com`.
Rails.application.config.hosts << /.*\.product\.com/
A special case is supported that allows you to permit all sub-domains:
# Allow requests from subdomains like `www.product.com` and
# `beta1.product.com`.
Rails.application.config.hosts << ".product.com"
|
| |
|
|\
| |
| |
| |
| | |
albertoalmagro/albertoalmagro/prefer-rails-command-over-bin-rails
Prefer rails command over bin/rails
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As discussed in #33203 rails command already looks for, and runs,
bin/rails if it is present.
We were mixing recommendations within guides and USAGE guidelines,
in some files we recommended using rails, in others bin/rails and
in some cases we even had both options mixed together.
|
|/ |
|
|
|
|
|
|
|
|
|
| |
Since other views use the `h2` tag, should also use `h2` on
`missing_exact_template.html.erb`.
https://github.com/rails/rails/blob/76acaf6eb9ef3635e4c6f2ca9dba34edb50f541d/actionpack/lib/action_dispatch/middleware/templates/rescues/routing_error.html.erb#L5
https://github.com/rails/rails/blob/76acaf6eb9ef3635e4c6f2ca9dba34edb50f541d/actionpack/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb#L11
https://github.com/rails/rails/blob/76acaf6eb9ef3635e4c6f2ca9dba34edb50f541d/actionpack/lib/action_dispatch/middleware/templates/rescues/unknown_action.html.erb#L5
|
| |
|
|
|
|
|
|
| |
When a user tries to create a new attachment or blog and the matching table is missing from the database
(`active_storage_attachments` and `active_storage_blobs` by default), an informative error is displayed
that invites users to run the `active_storage:install` task.
|
|
|
|
|
|
| |
Long source lines cause line wrapping in the extracted
source section of the rescue handler page which can make
the line numbers not match up with the source lines.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a request is made with AJAX and an error occurs, Rails will render
a text-template for the exception instead of the HTML error page
(#11960).
The `.text.erb` variant of the `_source` template is currently missing,
causing HTML to be rendered in the response. This commit adds the text
template.
To keep the page scannable we only only show the first three source
extracts.
Related to #14745.
Before:
```
~/testing-exceptions ᐅ curl 'http://localhost:3000/' -H
'X-Requested-With: XMLHttpRequest'
RuntimeError in PostsController#index
<div class="source " id="frame-source-0">
<div class="info">
Extracted source (around line <strong>#3</strong>):
</div>
<div class="data">
<table cellpadding="0" cellspacing="0" class="lines">
<tr>
```
After:
```
~/testing-exceptions ᐅ curl 'http://localhost:3000/' -H
'X-Requested-With: XMLHttpRequest'
RuntimeError in PostsController#index
Extracted source (around line #3):
*3 raise
```
|
| |
|
|
|
|
|
|
|
|
| |
Change filter on /rails/info/routes to use an actual path regexp from rails
and not approximate javascript version. Oniguruma supports much more
extensive list of features than javascript regexp engine.
Fixes #18402.
|
|
|
| |
Avoid logic in ERB and use helpers
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
This will help you debug missing template errors, especially if they
come from a programmatic template selection. Thanks to @dhh for
suggesting that.
As a bonus, also show request and response info on the routing error
page for consistency.
|
|
|
|
|
| |
It returns multiple source extracts since 1ed264bc. Also cleaned its
result structure, as we no longer need the file in a code extract.
|
|
|
|
|
|
| |
Those three can be nil when exception backtrace is nil. This happens and
that forced a couple of nil guards in the code. I'm proposing to make
those always return an array, even on nil backtrace.
|
|
|
|
| |
trace list, closes #17312
|
|
|
|
|
|
| |
Hash#keys.each allocates an array of keys; Hash#each_key iterates through the
keys without allocating a new array. This is the reason why Hash#each_key
exists.
|
| |
|
|
|
|
|
|
| |
Provide the ability to extract the source code of the entire exception stack
trace, not just the frame raising the error. This improves debugging
capability of the error page, especially for framework-related errors.
|
|
|
|
|
|
| |
This is not a security issue since this page is not present in
production and user have to type something in the field but is better to
escape the input.
|
| |
|
|
|
|
| |
- also refactored the javascript.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
It'd be a nice convention to mark the unused variables like this, now that Ruby 2 will issue no warnings for such vars being unused.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When debugging routes ,it can sometimes be difficult to understand exactly how the paths are matched. This PR adds a JS based path matching widget to the `/rails/info/routes` output. You can enter in a path, and it will tell you which of the routes that path matches, while preserving order (top match wins).
The matching widget in action:
![](http://f.cl.ly/items/3A2F0v2m3m1Z1p3P3O3k/path-match.gif)
Prior to this PR the only way to check matching paths is via mental math, or typing in a path in the url bar and seeing where it goes. This feature will be an invaluable debugging tool by dramatically decreasing the time needed to check a path match.
ATP actionpack
|
|
|
|
|
|
| |
It is used by the table formatter only, and it's already inside a routes
directory that namespaces it properly, so calling it just "table" seems
simpler.
|
|
|
|
|
|
|
| |
It feels more consistent to have this class called "HtmlTableFormatter",
and to have it here with the routes inspector and console formatter,
since it's used for both routing error exceptions and the rails info
page.
|