| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |\ \
| | |
| | |
| | | |
Allow fallback to LegacyKeyGenerator when secret_key_base is not set but secrets.secret_token is
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- `secrets.secret_token` is now used in all places `config.secret_token` was
- `secrets.secret_token`, when not present in `config/secrets.yml`,
now falls back to the value of `config.secret_token`
- when `secrets.secret_token` is set, it over-writes
`config.secret_token` so they are the same (for backwards-compatibility)
- Update docs to reference app.secrets in all places
- Remove references to `config.secret_token`, `config.secret_key_base`
- Warn that missing secret_key_base is deprecated
- Add tests for secret_token, key_generator, and message_verifier
- the legacy key generator is used with the message verifier when
secrets.secret_key_base is blank and secret_token is set
- app.key_generator raises when neither secrets.secret_key_base nor
secret_token are set
- app.env_config raises when neither secrets.secret_key_base nor
secret_token are set
- Add changelog
Run focused tests via
ruby -w -Itest test/application/configuration_test.rb -n '/secret_|key_/'
|
| |/ /
| |
| |
| |
| | |
ActionDispatch::ExceptionWrapper seems to be the more natural place for
this method to live in.
|
| |\ \
| | |
| | |
| | |
| | | |
* master-sec:
FileHandler should not be called for files outside the root
|
| | | |
| | |
| | |
| | |
| | | |
FileHandler#matches? should return false for files that are outside the
"root" path.
|
| | | |
| | |
| | |
| | | |
trace list, closes #17312
|
| |/ /
| |
| |
| | |
Fixes #15967
|
| | |
| |
| |
| |
| |
| | |
Hash#keys.each allocates an array of keys; Hash#each_key iterates through the
keys without allocating a new array. This is the reason why Hash#each_key
exists.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
IPAddr::InvalidAddressError does not exist in Ruby 1.9.3
and fails for JRuby in 1.9 mode.
As IPAddr::InvalidAddressError is a subclass of ArgumentError
(via IPAddr::Error) just rescuing ArgumentError is fine.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Dir.glob can be a security concern. The original use was to provide logic of fallback files. Example a request to `/` should render the file from `/public/index.html`. We can replace the dir glob with the specific logic it represents. The glob {,index,index.html} will look for the current path, then in the directory of the path with index file and then in the directory of the path with index.html. This PR replaces the glob logic by manually checking each potential match. Best case scenario this results in one less file API request, worst case, this has one more file API request.
Related to #16464
Update: added a test for when a file of a given name (`public/bar.html` and a directory `public/bar` both exist in the same root directory. Changed logic to accommodate this scenario.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- don't mutate PATH_INFO in env, test
- test fallback content type matches Rack::File
- change assertion style
- make HTTP_ACCEPT_ENCODING comparison case insensitive
- return gzip path from method instead of true/false so we don't have to assume later
- don't allocate un-needed hash.
Original comments:
https://github.com/rails/rails/commit/
cfaaacd9763642e91761de54c90669a88d772e5a#commitcomment-7468728
cc @jeremy
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Refactored IP address checking in ActionDispatch::RemoteIp to rely on
the IPAddr class instead of the unwieldly regular expression to match
IP addresses. This commit keeps the same api but allows users to pass
IPAddr objects to config.action_dispatch.trusted_proxies in addition
to passing strings and regular expressions.
Example:
# config/environments/production.rb
config.action_dispatch.trusted_proxies = IPAddr.new('4.8.15.0/16')
|
| | |
| |
| |
| |
| |
| | |
If someone is using ActionDispatch::Static to serve assets and makes it past the `match?` then the file exists on disk and it will be served. This PR adds in logic that checks to see if the file being served is already compressed (via gzip) and on disk, if it is it will be served as long as the client can handle gzip encoding. If not, then a non gzip file will be served.
This additional logic slows down an individual asset request but should speed up the consumer experience as compressed files are served and production applications should be delivered with a CDN. This PR allows a CDN to cache a gzip file by setting the `Vary` header appropriately. In net this should speed up a production application that are using Rails as an origin for a CDN. Non-asset request speed is not affected in this PR.
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
actionpack/lib/action_controller/metal/mime_responds.rb
actionview/lib/action_view/vendor/html-scanner/html/sanitizer.rb
activerecord/lib/active_record/type/value.rb
|
| | | |
| | |
| | |
| | | |
[skip ci]
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Use the Active Support JSON encoder for cookie jars using the `:json` or
`:hybrid` serializer. This allows you to serialize custom Ruby objects into
cookies by defining the `#as_json` hook on such objects.
Fixes #16520.
|
| |\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Cookies digest config option (pt. 2)
Conflicts:
actionpack/CHANGELOG.md
actionpack/lib/action_dispatch/middleware/cookies.rb
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
You can now configure custom digest for cookies in the same way as `serializer`:
config.action_dispatch.cookies_digest = 'SHA256'
|
| |\ \ \ \
| | | | |
| | | | | |
Remove redundant NullSerializer
|
| | |/ / /
| | | |
| | | |
| | | | |
Use one from ActiveSupport::MessageEncryptor module.
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This reverts commit 705977620539e2be6548027042f33175ebdc2505, reversing
changes made to dde91e9bf5ab246f0f684b40288b272f4ba9a699.
IT BROKE THE BUILD!!!
|
| |/ / /
| | |
| | |
| | |
| | |
| | | |
You can now configure custom digest for cookies in the same way as `serializer`:
config.action_dispatch.cookies_digest = \SHA256'
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Provide the ability to extract the source code of the entire exception stack
trace, not just the frame raising the error. This improves debugging
capability of the error page, especially for framework-related errors.
|
| |/ /
| |
| |
| |
| |
| | |
Fixed broken test.
Thanks Stephen Richards for reporting.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
`ActionDispatch::ShowExceptions` overwrites `PATH_INFO` with the status code
for the exception defined in `ExceptionWrapper`, so the path the user was
visiting when an exception occurred was not previously available to any custom
exceptions_app.
The original `PATH_INFO` is now stashed in
`env["action_dispatch.original_path"]`.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Although the cookie values happens to be ASCII strings because they are
Base64 encoded, it is semantically incorrect to check for the number of the
characters in the cookie, when we actually want to check for the number of the
bytes it consists of.
Furthermore it is unecessary coupling with the current implementation that
uses Base64 for encoding the values.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
This is not a security issue since this page is not present in
production and user have to type something in the field but is better to
escape the input.
|
| | | |
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Make remote_ip detection properly handle private IPv6 addresses
Conflicts:
actionpack/CHANGELOG.md
|
| | | |
| | |
| | |
| | | |
Fixes #12638.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously, the `VerifyAndUpgradeLegacySignedMessage` assumes all incoming
cookies are marshal-encoded. This is not the case when `secret_token` is
used in conjunction with the `:json` or `:hybrid` serializer.
In those case, when upgrading to use `secret_key_base`, this would cause a
`TypeError: incompatible marshal file format` and a 500 error for the user.
Fixes #14774.
*Godfrey Chan*
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
References to ``AppName::Application` removed in favour of ``Rails.application``
as generated with a new rails 4.1 app.
[ci skip]
|
| | | |
| | |
| | |
| | | |
- also refactored the javascript.
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
This parsing is unecessary once the Request object already has the
needed information.
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Closes #8513
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
when streaming responses, we need to make sure the cookie jar is written
to the headers before returning up the stack. This commit introduces a
new method on the response object that writes the cookie jar to the
headers as the response is committed. The middleware and test framework
will not write the cookie headers if the response has already been
committed.
fixes #14352
|
| | | |
| | |
| | |
| | | |
This commit also addresses rails/docrails#169 and rails/rails#14159
|
