aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/request
Commit message (Collapse)AuthorAgeFilesLines
* add missing indifferent_access require for #normalize_encode_paramsWill Jordan2018-08-161-0/+2
| | | | Fixes #33634.
* Add changelog entry for #32446bogdanvlviv2018-04-061-2/+2
| | | | | | | In #32446 was added method `dig` to `session`. Improve docs of method `dig`. [ci skip]
* Add #dig to ActionDispatch::Request::Sessionclaudiob2018-04-041-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | ### Summary The `session` object is not a real Hash but responds to many methods of Hash such as `[]`, `[]`, `fetch`, `has_key?`. Since Ruby 2.3, Hash also supports a `dig` method. This commit adds a `dig` method to `ActionDispatch::Request::Session` with the same behavior as `Hash#dig`. This is useful if you store a hash in your session, such as: ```ruby session[:user] = { id: 1, avatar_url: "http://example.org/nyancat.jpg" } ``` Then you can shorten your code from `session[:user][:avatar_url]` to `session.dig :user, :avatar_url`. ### Other Information I cherry-picked a commit from https://github.com/rails/rails/pull/23864, and modify a bit. The changes are below: * Converts only the first key to a string adjust to the `fetch` method. * Fixes a test case because we cannot use the indifferent access since ee5b621e2f8fde380ea4bc75b0b9d6f98499f511.
* Consistent behavior for session and cookies with to_h and to_hash methodIgor Kasyanchuk2018-01-311-0/+1
|
* Use frozen string literal in actionpack/Kir Shatrov2017-07-292-0/+4
|
* Scrub the invalid paramter value before using it in the errorArthur Neves2017-07-171-1/+1
| | | | | | | You should be able to safely use the String error message. So when finding the paramter has an invalid encoding we need to remove the invalid bytes before using it in the error. Otherwise the caller might get another Encoding error if they use the message.
* Revert "Merge pull request #29540 from kirs/rubocop-frozen-string"Matthew Draper2017-07-022-2/+0
| | | | | This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
* Enforce frozen string in RubocopKir Shatrov2017-07-012-0/+2
|
* Use mattr_accessor default: option throughout the projectGenadi Samokovarov2017-06-031-2/+1
|
* Add lazy loading to #keys and #values methods in Sessioncodeforkjeff2017-04-261-0/+2
| | | | | | | This fixes a bug where session.keys and session.values return an empty array unless one of the other methods that does lazy loading from the underlying store is called first. #keys and #values should also call #load_for_read!
* [docs] fix ActionDispatch documentationHrvoje Šimić2017-03-132-6/+5
|
* Document and update API for `skip_parameter_encoding`Aaron Patterson2016-12-211-0/+11
| | | | | | | | This commit changes `parameter_encoding` to `skip_parameter_encoding`. `skip_parameter_encoding` will set encoding on all parameters to ASCII-8BIT for a given action on a particular controller. This allows the controller to handle data when the encoding of that data is unknown, for example file systems or truly binary parameters.
* Merge pull request #26905 from bogdanvlviv/docsAndrew White2016-11-131-1/+1
|\ | | | | Add missing `+` around a some literals.
| * Add missing `+` around a some literals.bogdanvlviv2016-10-271-1/+1
| | | | | | | | | | | | Mainly around `nil` [ci skip]
* | Add more rubocop rules about whitespacesRafael Mendonça França2016-10-291-3/+3
|/
* applies remaining conventions across the projectXavier Noria2016-08-061-1/+0
|
* normalizes indentation and whitespace across the projectXavier Noria2016-08-062-18/+17
|
* applies new string literal convention in actionpack/libXavier Noria2016-08-061-1/+1
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Ensure compatibility between ActionDispatch::Request::Session and RackJon Moss2016-05-041-1/+5
| | | | | | | | | | | | | | Adding the `each` method is required for ensuring compatibility between Rails, and other Rack frameworks (like Sinatra, etc.), that are mounted within Rails, and wish to use its session tooling. Prior to this, there was an inconsistency between ActionDispatch::Request::Session and Rack::Session::Cookie, due to the absence of the `each` method. This should hopefully fix that error. :) For a full integration test with Sinatra and a standalone Rack application, you can check out the gist for that here: https://gist.github.com/maclover7/08cd95b0bfe259465314311941326470. Solves #15843.
* Revert "Merge pull request #20851 from tomprats/indifferent-sessions"Matthew Draper2016-02-261-2/+2
| | | | | | | This reverts commit 22db455dbe9c26fe6d723cac0758705d9943ea4b, reversing changes made to 40be61dfda1e04c3f306022a40370862e3a2ce39. This finishes off what I meant to do in 6216a092ccfe6422f113db906a52fe8ffdafdbe6.
* Revert "Update Session to utilize indiffernt access"Matthew Draper2016-02-261-8/+14
| | | | | | | | | | | This reverts commit 45a75a3fcc96b22954caf69be2df4e302b134d7a. HWIAs are better than silently deeply-stringified hashes... but that's a reaction to a shortcoming of one particular session store: we should not break the basic behaviour of other, more featureful, session stores in the process. Fixes #23884
* Update Session to utilize indiffernt accessTom Prats2016-01-301-14/+8
|
* Update session to have indifferent accessTom Prats2016-01-291-2/+2
|
* Fix typo in docs [ci skip]Rebecca Skinner2016-01-141-2/+2
|
* Space OddityAkira Matsuda2016-01-141-2/+2
| | | | | Converting nbsp(\u{00A0}) to the normal ASCII space(\u{0020}) [ci skip]
* Catch invalid UTF-8 querystring values and respond with BadRequestGrey Baker2015-10-231-0/+15
|
* stop using deprecated Abstract::ID classAaron Patterson2015-09-041-1/+1
|
* stop inheriting from Rack::RequestAaron Patterson2015-09-042-2/+2
| | | | | | Just include the modules necessary in the Request object to implement the things we need. This should make it easier to build delegate request objects because the API is smaller
* use a request object in the session middlewareAaron Patterson2015-08-221-22/+22
| | | | | This commit allows us to use one request object rather than allocating multiple request objects to deal with the session.
* point at rack masterAaron Patterson2015-08-201-2/+2
|
* rm `deep_munge`. You will live on in our hearts (and git history)Aaron Patterson2015-07-211-18/+12
| | | | | Now that we have encoding strategies, we can just walk the params hash once to encode as HWIA, and remove nils.
* push param encoding in to the utils moduleAaron Patterson2015-07-211-0/+29
| | | | we'll refactor deep munge mostly out of existence shortly
* stop keeping track of keys when "deep munging"Aaron Patterson2015-07-211-5/+3
| | | | This should have been done along with 8f8ccb9901cab457c6e1d52bdb25acf658fd5777
* don't hold a reference to `env` in the options objectAaron Patterson2015-06-131-13/+11
| | | | | I want to decouple Rails from the rack ENV as much as possible. We should try to keep as few references to the env as possible
* Add missing documentation for ActionDispatch::Request::Session [ci skip]Mehmet Emin İNAÇ2015-06-071-0/+33
|
* remove new line between doc and methodBruce Park2015-04-071-1/+0
|
* added docs for ActionDispatch::Request::Session#createBruce Park2015-04-071-1/+3
|
* Don't convert empty arrays to nils when deep munging paramsChris Sinjakli2014-12-151-4/+0
|
* Log which keys were set to nil in deep_mungeLukasz Sarnacki2014-01-281-4/+9
| | | | | | | | deep_munge solves CVE-2013-0155 security vulnerability, but its behaviour is definately confuisng. This commit adds logging to deep_munge. It logs keys for which values were set to nil. Also mentions in guides were added.
* Merge pull request #13188 from imanel/skip_deep_mungeJeremy Kemper2013-12-191-0/+6
|\ | | | | | | | | | | | | Add configuration option to optionally disable deep_munge Conflicts: actionpack/CHANGELOG.md
| * Add configuration option to optionally disable deep_mungeBernard Potocki2013-12-051-0/+6
| |
* | Make ActionDispatch::Request::Session#fetch behave like Hash#fetchTrent Ogren2013-12-111-8/+8
|/ | | | | | Session#fetch was mutating the session when given a default argument and/or a block. Since Session duck-types as a Hash, it should behave like one in these cases.
* add the fetch method to sessionsDamien Mathieu2013-10-291-0/+12
|
* Extract ActionDispatch::Request#deep_mungeGenadi Samokovarov2013-05-301-0/+24
| | | | | | | | | ActionDispatch::Request#deep_munge was introduced as a private method, but was turned into a public one for the use of ActionDispatch::ParamsParser. I have extracted it into ActionDispatch::Request::Utils, so it does not get mixed up with the Request public methods.
* Integrate Action Pack with Rack 1.5Carlos Antonio da Silva2013-01-251-0/+4
| | | | | | All ActionPack and Railties tests are passing. Closes #8891. [Carlos Antonio da Silva + Santiago Pastorino]
* Merge pull request #7495 from steveklabnik/issue_7478Aaron Patterson2012-09-011-2/+5
|\ | | | | Properly reset the session on reset_session
| * Force reloading of the session after destroyAndreas Loupasakis2012-09-011-0/+3
| | | | | | | | | | | | | | Use load_for_write! to ensure a refresh of the session object. This way the new session_id and the empty data will be stored properly. E.g. in the case of the session cookie store this means that a new digest will be returned to the user.
| * Assign a new session_id to session options hashAndreas Loupasakis2012-09-011-2/+2
| |
* | Fix comment about Session.Steve Klabnik2012-08-311-1/+1
|/ | | | SessionHash isn't a thing, and tenses are wrong.
* Added ActionDispatch::Request::Session#keys and ↵Philip Arndt2012-05-231-0/+8
| | | | ActionDispatch::Request::Session#values