| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| |
| |
| |
| |
| |
| | |
File paths cannot contain null byte characters and methods that do path
operations such as Rack::Utils#clean_path_info will raise unwanted
errors.
|
|/ |
|
| |
|
|
|
|
|
| |
This was causing bug #22738 to occur. Also added extra tests to make
sure everything is A-OK.
|
|
|
|
| |
Still more to do. Please assist!
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a new method to request and response so we don't need to
violate the law of demeter.
We are changing `Request` and `Response` so that they always have a
`cookie_jar`
This is a continuation on work to combine integration and controller
test code bases in Rails.
|
|\
| |
| | |
Add text template for source code
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When a request is made with AJAX and an error occurs, Rails will render
a text-template for the exception instead of the HTML error page
(#11960).
The `.text.erb` variant of the `_source` template is currently missing,
causing HTML to be rendered in the response. This commit adds the text
template.
To keep the page scannable we only only show the first three source
extracts.
Related to #14745.
Before:
```
~/testing-exceptions ᐅ curl 'http://localhost:3000/' -H
'X-Requested-With: XMLHttpRequest'
RuntimeError in PostsController#index
<div class="source " id="frame-source-0">
<div class="info">
Extracted source (around line <strong>#3</strong>):
</div>
<div class="data">
<table cellpadding="0" cellspacing="0" class="lines">
<tr>
```
After:
```
~/testing-exceptions ᐅ curl 'http://localhost:3000/' -H
'X-Requested-With: XMLHttpRequest'
RuntimeError in PostsController#index
Extracted source (around line #3):
*3 raise
```
|
| | |
|
| | |
|
|\ \
| | |
| | | |
remove unnecessary @compiled_root from static.rb
|
| |/ |
|
|/
|
|
|
|
|
| |
Closes #21230 by following the indication of @rafaelfranca:
> I think the output change would be simpler.
> What is really important to show is the class of the middleware, so we should change the output to show that.
|
| |
|
|
|
|
|
| |
When `require 'active_support/rails'`, 'active_support/deprecation'
is automatically loaded.
|
|\
| |
| |
| | |
Add basic support for access control headers to ActionDispatch::Static
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Now ActionDispatch::Static can accept HTTP headers so that developers
will have control of returning arbitrary headers like
'Access-Control-Allow-Origin' when a response is delivered. They can
be configured through `#config.public_file_server.headers`:
config.public_file_server.headers = {
"Cache-Control" => "public, max-age=60",
"Access-Control-Allow-Origin" => "http://rubyonrails.org"
}
Also deprecate `config.static_cache_control` in favor of
`config.public_file_server.headers`.
|
| |
| |
| |
| | |
header.
|
| | |
|
| |
| |
| |
| |
| |
| | |
We only want to activate flash when the user has enabled it. Api
servers don't use flash, so add an empty implementation to the base
Request object.
|
| |
| |
| |
| |
| | |
Committing the flash needs to happen in order for the session to be
written correctly, so lets guarantee that it actually does happen.
|
| |
| |
| |
| |
| | |
I'm doing this so that we can commit the flash to the session object Out
of Band of the flash middleware
|
| |
| |
| |
| |
| | |
Use the Rack utility methods for functional header manipulation. This
helps to eliminate coupling on the header hash
|
| |
| |
| |
| |
| | |
The flash middleware shouldn't know how to look up the session object.
Just ask the request for that information.
|
| | |
|
| |
| |
| |
| |
| |
| | |
we don't actually need a param parser middleware instance since the
request object will take care of parsing parameters for us. For now,
we'll just configure the parameter parsers on the request in this class.
|
| |
| |
| |
| |
| |
| |
| |
| | |
The middleware stack is a singleton in the application (one instance is
shared for the entire application) which means that there was only one
opportunity to set the parameter parsers. Since there is only one set
of parameter parsers in an app, lets just configure them on the request
class (since that is where they are used).
|
| |
| |
| |
| |
| | |
Parameters will not be parsed until they are specifically requested via
the `request_parameters` method.
|
| |
| |
| |
| |
| | |
`normalize_encode_params` is common to all parser code paths, so we can
pull that up and always apply it before assigning the request parameters
|
| |
| |
| |
| |
| | |
All parameter parsing should be on the request object because the
request object is the object that we ask for parameters.
|
| | |
|
| |
| |
| |
| |
| | |
`Rack::Session::Abstract::ID` is now deprecated and
`Rack::Session::Abstract::Persisted` should be used instead.
|
| |
| |
| |
| | |
It's only used there.
|
| |
| |
| |
| |
| | |
`CookieJar` is only at the start of the chain and has its own
request method, so we don't need it in the module.
|
| |
| |
| |
| | |
It was the same in both legacy versions of the signed and encrypted cookie jars.
|
| |
| |
| |
| | |
The `EncryptedCookieJar` already calls it for us, so just delegate to its `parse` implementation.
|
| |
| |
| |
| |
| | |
`SignedCookieJar`'s parse method already attempts to verify the message,
so we can just call super and try the old verifier if it fails.
|
| |
| |
| |
| | |
Cuts down on the duplicated reading parts.
|
| |
| |
| |
| | |
Gets rid of the option parsing and makes what the encryptor does stand out.
|
| |
| |
| |
| | |
Lets us avoid worrying about parsing the options and doing just what we need.
|
| |
| |
| |
| | |
Remove the clutter to make PermanentCookieJar's one change stand out.
|
| |
| |
| |
| | |
Eventually this will be the superclass of all the chained jars.
|