aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/middleware
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'master' of github.com:rails/docrailsVijay Dev2015-03-013-3/+20
|\
| * Explained how to set session expiry through session_store configIain Beeston2015-02-273-3/+20
| | | | | | | | | | | | Most session stores offer an :expire_after option, but it's largely undocumented. Cookie store also supports a number of options via rack (these used to be documented in rails 2.3)
* | Change filter on /rails/info/routes to use an actual path regexp from railsbrainopia2015-02-232-67/+63
| | | | | | | | | | | | | | | | Change filter on /rails/info/routes to use an actual path regexp from rails and not approximate javascript version. Oniguruma supports much more extensive list of features than javascript regexp engine. Fixes #18402.
* | Aliased the ActionDispatch::Request#uuid method with ↵David Ilizarov2015-02-201-1/+1
| | | | | | | | ActionDispatch::Request#request_id
* | Freeze strings to reduce allocations in integration testseileencodes2015-02-181-4/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | Moves `X-Request-ID`, `action_dispatch.request_id` and `HTTP_X_REQUEST_ID` strings to constants and freezes them. We are freezing these strings to reduce the number of allocations in Rails integration tests. The tests are spending a lot of time in GC and this reduces the amount of time spent from 12% to 9% (in combination with Rack PR that also freezes some strings). Number of allocations before this change: 1030722 Number of allocations after this change: 967722
* | Reduce the number of times `#clean_path_info` is calledeileencodes2015-02-181-3/+2
|/ | | | | | | | | | | | | | | | | | | | | | | | | | It's unnecessary to call `#clean_path_info`. It doesn't need to be called on the path with each extension. This reduces allocations to `Rack::Utils` in integration tests. Before `#clean_path_info` from `Rack::Utils` (line 622) was number 2 in top 5 allocations: ``` [["rack/lib/rack/utils.rb", 499, :T_STRING], [51034, 4539, 71559, 0, 12, 1791120]] [["rack/lib/rack/utils.rb", 662, :T_STRING], [33012, 0, 27930, 0, 1, 1226009]] [["rails/activesupport/lib/active_support/notifications/fanout.rb", 55, :T_DATA], [29998, 0, 25380, 0, 1, 3230600]] [["rails/activesupport/lib/active_support/subscriber.rb", 99, :T_STRING], [29996, 0, 25378, 0, 2, 1113840]] [["rails/activesupport/lib/active_support/notifications/instrumenter.rb", 52, :T_HASH], [29994, 147, 27014, 0, 11, 4897784]] ``` After `#clean_path_info` from `Rack::Utils` (line 622) does not appear in the top 5 highest allocations: ``` [["rack/lib/rack/utils.rb", 499, :T_STRING], [47617, 2414, 68969, 0, 12, 1667360]] [["rack/lib/rack/body_proxy.rb", 34, :T_ARRAY], [28230, 0, 26060, 0, 1, 1046800]] [["rails/activesupport/lib/active_support/notifications/fanout.rb", 55, :T_DATA], [28208, 0, 26042, 0, 1, 3034096]] [["rails/activesupport/lib/active_support/subscriber.rb", 99, :T_STRING], [28204, 0, 26040, 0, 1, 1046080]] [["rails/activesupport/lib/active_support/callbacks.rb", 165, :T_DATA], [28200, 0, 26046, 0, 2, 3451800]] ```
* require rack/utils in exception_wrapperAndrew Lazarus2015-02-121-0/+1
|
* Merge pull request #18721 from sj26/pre-discard-flashAaron Patterson2015-02-011-17/+23
|\ | | | | Pre-discard flash messages
| * Migrate old flash behaviourSamuel Cochran2015-01-301-0/+6
| |
| * Discard from flash before persisting in sessionSamuel Cochran2015-01-291-17/+17
| |
* | Show proper traces on Windows for the error pagesGenadi Samokovarov2015-02-011-2/+8
|/ | | | | | | | | | | | | | | | | | | | | | This is an issue brought up by @daniel-rikowski in rails/web-console#91. Citing his PR proposal here: > Prior to this, backtrace lines were simply split by a single colon. > > Unfortunately that is also the drive letter delimiter in Windows paths > which resulted in a lot of empty source fragments of "C:0". ("C" from > the drive letter and 0 from "/path/to/rails/file.rb:16".to_i) > > Now the trace line is split by the first colon followed by some digits, > which works for both Windows and Unix path styles. Now, the PR was sent against web-console, because of the templates copy issue we used to had. Instead of bothering the contributor to reopen the issue against upstream Rails itself, I will make sure he gets the credit by putting his name in [rails-contributors/hard_coded_authors.rb][]. [rails-contributors/hard_coded_authors.rb]: (https://github.com/fxn/rails-contributors/blob/master/app/models/names_manager/hard_coded_authors.rb).
* Changing sets -> set Lindsey Bieda2015-01-061-1/+1
| | | Updating some minor grammar issue.
* - Removed unused parameter to cookie serialize method and fixed usage of the ↵Vipul A M2014-12-241-4/+4
| | | | same elsewhere
* We don't need to call to_sym. Just compare the stringRafael Mendonça França2014-12-041-1/+1
|
* Merge pull request #17792 from rockrep/masterRafael Mendonça França2014-12-041-1/+1
|\ | | | | | | allow 'all' for :domain option in addition to :all
| * allow 'all' for :domain option in addition to :allrockrep2014-11-261-1/+1
| |
| * Revert "Invert precedence of content in ActionDispatch::Static"Andrew White2012-12-071-11/+7
| | | | | | | | This reverts commit c59734f756b79c39486c45273d2cc5d42cd0c864.
| * Invert precedence of content in ActionDispatch::StaticAndrew White2012-12-061-7/+11
| | | | | | | | | | | | | | | | | | | | This commit inverts the precedence in ActionDispatch::Static so that dynamic content will be served before static content. This is so that precompiled assets do not inadvertently get included when running in development mode - it should have no effect in production where static files are usually handled by the web server. Closes #6421
* | Action View is needed for DebugExceptionsRafael Mendonça França2014-12-021-0/+2
| | | | | | | | We should remove this dependency later.
* | Refactor debug viewKir Shatrov2014-12-023-23/+31
| | | | | | Avoid logic in ERB and use helpers
* | Pretty-print request params on exception pageKir Shatrov2014-12-012-1/+9
| |
* | Merge pull request #17803 from sadfuzzy/patch-2Abdelkader Boudih2014-11-271-1/+3
| | | | | | | | | | | | Update cookies.rb Conflicts: actionpack/lib/action_dispatch/middleware/cookies.rb
* | Merge pull request #17728 from jcutrell/jcutrell/docs-to_session_value-for-prRafael Mendonça França2014-11-251-3/+6
|\ \ | | | | | | Adding simple docs for ActionDispatch::Flash::FlashHash#to_session_value
| * | adding nodoc to private methodsJonathan Cutrell2014-11-231-2/+2
| | |
| * | Adding simple docs for ActionDispatch::Flash::FlashHash#to_session_valueJonathan Cutrell2014-11-231-1/+4
| | |
* | | Merge pull request #17733 from yuki24/do-not-rescue-exception-in-params-parserRafael Mendonça França2014-11-251-1/+1
|\ \ \ | | | | | | | | Do not rescue Exception in ActionDispatch::ParamsParser
| * | | Do not rescue Exception in ParamsParserYuki Nishijima2014-11-231-1/+1
| |/ / | | | | | | | | | | | | Unlike ShowExceptions or PublicExceptions, ParamsParser shouldn't transform exceptions like Interrupt and NoMemoryError into ParserError.
* | | Don't center the routes table on routing errorsGenadi Samokovarov2014-11-241-1/+1
| | |
* | | Show source view and backtrace on missing template errorsGenadi Samokovarov2014-11-242-0/+6
|/ / | | | | | | | | | | | | | | | | This will help you debug missing template errors, especially if they come from a programmatic template selection. Thanks to @dhh for suggesting that. As a bonus, also show request and response info on the routing error page for consistency.
* | [ci skip] Fix comment of ActionDispatch::Callbacksyui-knk2014-11-231-1/+1
| | | | | | | | cc ddce3dd
* | Merge pull request #17630 from gsamokovarov/exception-wrapper-source-extractGuillermo Iguaran2014-11-163-8/+8
|\ \ | | | | | | Rename #source_extract to #source_extracts in ExceptionWrapper
| * | Rename #source_extract to #source_extracts in ExceptionWrapperGenadi Samokovarov2014-11-163-8/+8
| | | | | | | | | | | | | | | It returns multiple source extracts since 1ed264bc. Also cleaned its result structure, as we no longer need the file in a code extract.
* | | Merge pull request #17639 from gsamokovarov/faster-exception-wrapper-tracesGuillermo Iguaran2014-11-161-2/+6
|\ \ \ | | | | | | | | Don't double check trace origin in ExceptionWrapper#traces
| * | | Don't double check trace origin in ExceptionWrapper#tracesGenadi Samokovarov2014-11-161-2/+6
| |/ / | | | | | | | | | | | | | | | If a trace isn't an application one, then it comes from a framework. That's the definition of framework trace. We can speed up the traces generation if we don't double check that.
* / / Don't show full trace on routing errorsGenadi Samokovarov2014-11-161-1/+1
|/ / | | | | | | | | | | | | | | | | | | Since dbcbbcf2bc58e8971672b143d1c52c0244e33f26 the full trace is shown by default on routing errors. While this is a nice feature to have, it does take the attention off the routes table in this view and I think this is what most of the people look for in this page. Added an exception to the default trace switching rule to remove that noise.
* | Don't let #{application,framework,full}_trace be nilGenadi Samokovarov2014-11-162-31/+31
| | | | | | | | | | | | Those three can be nil when exception backtrace is nil. This happens and that forced a couple of nil guards in the code. I'm proposing to make those always return an array, even on nil backtrace.
* | Make FlashHash#key? work with symbol and stringRafael Mendonça França2014-11-111-1/+1
| | | | | | | | Closes #17586
* | Merge pull request #16535 from bf4/patch-1Rafael Mendonça França2014-11-101-4/+4
|\ \ | | | | | | | | | Allow fallback to LegacyKeyGenerator when secret_key_base is not set but secrets.secret_token is
| * | `secret_token` is now saved in `Rails.application.secrets.secret_token`Benjamin Fleischer2014-11-021-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - `secrets.secret_token` is now used in all places `config.secret_token` was - `secrets.secret_token`, when not present in `config/secrets.yml`, now falls back to the value of `config.secret_token` - when `secrets.secret_token` is set, it over-writes `config.secret_token` so they are the same (for backwards-compatibility) - Update docs to reference app.secrets in all places - Remove references to `config.secret_token`, `config.secret_key_base` - Warn that missing secret_key_base is deprecated - Add tests for secret_token, key_generator, and message_verifier - the legacy key generator is used with the message verifier when secrets.secret_key_base is blank and secret_token is set - app.key_generator raises when neither secrets.secret_key_base nor secret_token are set - app.env_config raises when neither secrets.secret_key_base nor secret_token are set - Add changelog Run focused tests via ruby -w -Itest test/application/configuration_test.rb -n '/secret_|key_/'
* | | Move DebugExceptions#traces_from_wrapper to ExceptionWrapperGenadi Samokovarov2014-11-032-29/+23
|/ / | | | | | | | | ActionDispatch::ExceptionWrapper seems to be the more natural place for this method to live in.
* | Merge branch 'master-sec'Aaron Patterson2014-10-301-2/+12
|\ \ | | | | | | | | | | | | * master-sec: FileHandler should not be called for files outside the root
| * | FileHandler should not be called for files outside the rootAaron Patterson2014-10-101-2/+12
| | | | | | | | | | | | | | | FileHandler#matches? should return false for files that are outside the "root" path.
* | | Show the user’s application in the source window and select the correct ↵Byron Bischoff2014-10-233-25/+35
| | | | | | | | | | | | trace list, closes #17312
* | | ActionController::InvalidCrossOriginRequest fails with 422 instead of 500Max Melentiev2014-10-141-10/+11
|/ / | | | | | | Fixes #15967
* | Use Hash#each_key instead of Hash#keys.eachErik Michaels-Ober2014-09-291-1/+1
| | | | | | | | | | | | Hash#keys.each allocates an array of keys; Hash#each_key iterates through the keys without allocating a new array. This is the reason why Hash#each_key exists.
* | Don't rescue IPAddr::InvalidAddressErrorPeter Suschlik2014-08-291-1/+1
| | | | | | | | | | | | | | | | IPAddr::InvalidAddressError does not exist in Ruby 1.9.3 and fails for JRuby in 1.9 mode. As IPAddr::InvalidAddressError is a subclass of ArgumentError (via IPAddr::Error) just rescuing ArgumentError is fine.
* | Refactor out Dir.glob from ActionDispatch::Staticschneems2014-08-271-20/+5
| | | | | | | | | | | | | | | | Dir.glob can be a security concern. The original use was to provide logic of fallback files. Example a request to `/` should render the file from `/public/index.html`. We can replace the dir glob with the specific logic it represents. The glob {,index,index.html} will look for the current path, then in the directory of the path with index file and then in the directory of the path with index.html. This PR replaces the glob logic by manually checking each potential match. Best case scenario this results in one less file API request, worst case, this has one more file API request. Related to #16464 Update: added a test for when a file of a given name (`public/bar.html` and a directory `public/bar` both exist in the same root directory. Changed logic to accommodate this scenario.
* | Address comments on Gzip implementationschneems2014-08-241-10/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - don't mutate PATH_INFO in env, test - test fallback content type matches Rack::File - change assertion style - make HTTP_ACCEPT_ENCODING comparison case insensitive - return gzip path from method instead of true/false so we don't have to assume later - don't allocate un-needed hash. Original comments: https://github.com/rails/rails/commit/ cfaaacd9763642e91761de54c90669a88d772e5a#commitcomment-7468728 cc @jeremy
* | Refactor ActionDispatch::RemoteIpSam Aarons2014-08-211-52/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | Refactored IP address checking in ActionDispatch::RemoteIp to rely on the IPAddr class instead of the unwieldly regular expression to match IP addresses. This commit keeps the same api but allows users to pass IPAddr objects to config.action_dispatch.trusted_proxies in addition to passing strings and regular expressions. Example: # config/environments/production.rb config.action_dispatch.trusted_proxies = IPAddr.new('4.8.15.0/16')
* | Enable gzip compression by defaultschneems2014-08-201-14/+40
| | | | | | | | | | | | If someone is using ActionDispatch::Static to serve assets and makes it past the `match?` then the file exists on disk and it will be served. This PR adds in logic that checks to see if the file being served is already compressed (via gzip) and on disk, if it is it will be served as long as the client can handle gzip encoding. If not, then a non gzip file will be served. This additional logic slows down an individual asset request but should speed up the consumer experience as compressed files are served and production applications should be delivered with a CDN. This PR allows a CDN to cache a gzip file by setting the `Vary` header appropriately. In net this should speed up a production application that are using Rails as an origin for a CDN. Non-asset request speed is not affected in this PR.