aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch
Commit message (Collapse)AuthorAgeFilesLines
* Don't show full trace on routing errorsGenadi Samokovarov2014-11-161-1/+1
| | | | | | | | | | Since dbcbbcf2bc58e8971672b143d1c52c0244e33f26 the full trace is shown by default on routing errors. While this is a nice feature to have, it does take the attention off the routes table in this view and I think this is what most of the people look for in this page. Added an exception to the default trace switching rule to remove that noise.
* Don't let #{application,framework,full}_trace be nilGenadi Samokovarov2014-11-162-31/+31
| | | | | | Those three can be nil when exception backtrace is nil. This happens and that forced a couple of nil guards in the code. I'm proposing to make those always return an array, even on nil backtrace.
* Make FlashHash#key? work with symbol and stringRafael Mendonça França2014-11-111-1/+1
| | | | Closes #17586
* Merge pull request #16535 from bf4/patch-1Rafael Mendonça França2014-11-101-4/+4
|\ | | | | | | Allow fallback to LegacyKeyGenerator when secret_key_base is not set but secrets.secret_token is
| * `secret_token` is now saved in `Rails.application.secrets.secret_token`Benjamin Fleischer2014-11-021-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - `secrets.secret_token` is now used in all places `config.secret_token` was - `secrets.secret_token`, when not present in `config/secrets.yml`, now falls back to the value of `config.secret_token` - when `secrets.secret_token` is set, it over-writes `config.secret_token` so they are the same (for backwards-compatibility) - Update docs to reference app.secrets in all places - Remove references to `config.secret_token`, `config.secret_key_base` - Warn that missing secret_key_base is deprecated - Add tests for secret_token, key_generator, and message_verifier - the legacy key generator is used with the message verifier when secrets.secret_key_base is blank and secret_token is set - app.key_generator raises when neither secrets.secret_key_base nor secret_token are set - app.env_config raises when neither secrets.secret_key_base nor secret_token are set - Add changelog Run focused tests via ruby -w -Itest test/application/configuration_test.rb -n '/secret_|key_/'
* | Remove session to allow `with_routing` to be called twice.Guo Xiang Tan2014-11-051-0/+4
| | | | | | | | Fixes: https://github.com/rails/rails/issues/16814
* | Move DebugExceptions#traces_from_wrapper to ExceptionWrapperGenadi Samokovarov2014-11-032-29/+23
|/ | | | | ActionDispatch::ExceptionWrapper seems to be the more natural place for this method to live in.
* Merge pull request #17440 from claudiob/remove-yet-another-redundant-to-sXavier Noria2014-10-301-1/+1
|\ | | | | Remove redundant `to_s` in interpolation
| * Remove redundant `to_s` in interpolationclaudiob2014-10-301-1/+1
| |
* | Merge branch 'master-sec'Aaron Patterson2014-10-301-2/+12
|\ \ | |/ |/| | | | | * master-sec: FileHandler should not be called for files outside the root
| * FileHandler should not be called for files outside the rootAaron Patterson2014-10-101-2/+12
| | | | | | | | | | FileHandler#matches? should return false for files that are outside the "root" path.
* | edit pass over all warningsXavier Noria2014-10-286-9/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch uniformizes warning messages. I used the most common style already present in the code base: * Capitalize the first word. * End the message with a full stop. * "Rails 5" instead of "Rails 5.0". * Backticks for method names and inline code. Also, converted a few long strings into the new heredoc convention.
* | let's warn with heredocsXavier Noria2014-10-282-12/+21
| | | | | | | | | | | | | | | | | | | | | | | | The current style for warning messages without newlines uses concatenation of string literals with manual trailing spaces where needed. Heredocs have better readability, and with `squish` we can still produce a single line. This is a similar use case to the one that motivated defining `strip_heredoc`, heredocs are super clean.
* | Typos in the deprecation messageGodfrey Chan2014-10-281-2/+2
| |
* | Deprecate the `only_path` option on `*_path` helpers.Godfrey Chan2014-10-281-2/+26
| | | | | | | | | | | | | | | | | | | | | | | | In cases where this option is set to `true`, the option is redundant and can be safely removed; otherwise, the corresponding `*_url` helper should be used instead. Fixes #17294. See also #17363. [Dan Olson, Godfrey Chan]
* | Show the user’s application in the source window and select the correct ↵Byron Bischoff2014-10-233-25/+35
| | | | | | | | trace list, closes #17312
* | Merge pull request #17313 from accessd/fix-url-generation-error-messageRafael Mendonça França2014-10-211-1/+1
|\ \ | | | | | | Fix url generation error message
| * | fix url generation error messageAccessd2014-10-211-1/+1
| | |
* | | remove duplicate method (_status_code) in action_dispatchAbdelkader Boudih2014-10-191-3/+0
| | |
* | | Make _status_code methods nodocPrathamesh Sonpatki2014-10-191-1/+1
|/ / | | | | | | | | - Also one minor change for documenting url_for method in ActionController::Metal. [ci skip]
* | Fix typo in actionpack/lib/action_dispatch/routing/mapper.rbYuutetu2014-10-161-1/+1
| |
* | Merge pull request #17255 from printercu/cors_exception_wrapperRafael Mendonça França2014-10-151-10/+11
|\ \ | | | | | | ActionController::InvalidCrossOriginRequest fails with 422 instead of 500
| * | ActionController::InvalidCrossOriginRequest fails with 422 instead of 500Max Melentiev2014-10-141-10/+11
| | | | | | | | | | | | Fixes #15967
* | | Use `#tr` instead of `#gsub`Nicolas Cavigneaux2014-10-141-1/+1
| | | | | | | | | | | | | | | `#tr` is more efficient than `#gsub` and can be used as a drop in replacement in this context.
* | | Improve Journey compliance to RFC 3986Nicolas Cavigneaux2014-10-141-5/+5
|/ / | | | | | | | | | | | | | | | | | | The scanner in Journey fails to recognize routes that use literals from the sub-delims section of RFC 3986. This commit enhance the compatibility of Journey with the RFC by adding support of authorized delimiters to the scanner. Fix #17212
* / Replace Array#shuffle.first with Array#sampleErik Michaels-Ober2014-10-131-2/+2
|/
* Request#check_method no longer breaks when :en is not available localeStefan Henzen2014-10-091-1/+1
| | | | | | | | Request#check_method would use to_sentence(locale: :en), which breaks when I18n.available_locales does not include :en and I18n.enforce_available_locales is true (default). Inlined to_sentence functionality to solve this.
* Parse HTML as document fragment.Kasper Timm Hansen2014-09-292-2/+2
| | | | This is to match the changes in Rails Dom Testing rails/rails-dom-testing#20.
* Use Hash#each_key instead of Hash#keys.eachErik Michaels-Ober2014-09-291-1/+1
| | | | | | Hash#keys.each allocates an array of keys; Hash#each_key iterates through the keys without allocating a new array. This is the reason why Hash#each_key exists.
* Revert "Merge pull request #16966 from why-el/symbolize-path-params"Rafael Mendonça França2014-09-251-1/+0
| | | | | | | | This reverts commit 9d05d6de52871e57bfbf54a60de005e8a5f5b0e4, reversing changes made to 0863c9248fd47a15e88e05ce4fcd80966684c0e3. The change in the behaviour reported at #16958 doesn't exist since 4.0 and 4.1 works in the same way
* Ensure named path params are symbols (Fixes #16958)Mohamed Wael Khobalatte2014-09-251-0/+1
|
* Keep the original implementation to not having to allocate new objectsRafael Mendonça França2014-09-251-2/+15
|
* Remove internal options from query string of pathsGert Goet2014-09-251-18/+3
| | | | Fixes #17057
* Rescue Rack::Utils::ParameterTypeError instead of TypeErrorYuki Nishijima2014-09-131-2/+2
| | | | | | | | As of rack/rack@167b6480235ff00ed5f355698bf00ec2f250f72e, Rack raises Rack::Utils::ParameterTypeError which inherits TypeError. In terms of the behavior, Rescuing TypeError still works but this method shouldn't rescue if TypeError is raised for other reasons.
* [ci skip]Correct variables in the sample codesuginoy2014-09-101-2/+2
|
* Remove extra 'has been' from deprecation warning about asserting selectorsPrathamesh Sonpatki2014-09-091-1/+1
| | | | [ci skip]
* Remove extra 'has been' from the deprecation messagePrathamesh Sonpatki2014-09-091-1/+1
| | | | - [ci skip]
* Add support for Rack::ContentLength middelwareJavan Makhmali2014-09-061-0/+4
|
* Deprecate implicit AD::Response splatting and Array conversionJeremy Kemper2014-09-061-2/+13
|
* :scissors:Rafael Mendonça França2014-09-051-1/+1
|
* Message doesn't need to be optionalRafael Mendonça França2014-09-051-2/+2
|
* Merge pull request #14911 from estsauver/14908Rafael Mendonça França2014-09-051-7/+7
|\ | | | | | | Propagate test messages through assert_routing helper, Fixes #14908
| * Propagate test messages through assert_routing helper, Fixes #14908Earl St Sauver2014-04-291-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | assert_routing was not raising the message passed into the assertion violation that it raised. This change propagates messages through the on_fail error. This fixes this error: https://github.com/rails/rails/issues/14908 A test case for this issue is located here. https://github.com/estsauver/test14908 To see that test case fail in the example app, just run ruby -Itest test/controllers/guests_controller_test.rb
* | Allow polymorphic routes with nil when a route can still be drawnSammy Larbi2014-08-311-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Suppose you have two resources routed in the following manner: ```ruby resources :blogs do resources :posts end resources :posts ``` When using polymorphic resource routing like `url_for([@blog, @post])`, and `@blog` is `nil` Rails should still try to match the route to the top-level posts resource. Fixes #16754
* | Don't rescue IPAddr::InvalidAddressErrorPeter Suschlik2014-08-291-1/+1
| | | | | | | | | | | | | | | | IPAddr::InvalidAddressError does not exist in Ruby 1.9.3 and fails for JRuby in 1.9 mode. As IPAddr::InvalidAddressError is a subclass of ArgumentError (via IPAddr::Error) just rescuing ArgumentError is fine.
* | Merge pull request #16637 from Agis-/redirect-with-constraint-routeAaron Patterson2014-08-281-2/+0
|\ \ | | | | | | Fix the router ignoring constraints when used together with a redirect route
| * | Don't ignore constraints in redirect routesAgis-2014-08-251-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | https://github.com/rails/rails/commit/402c2af55053c2f29319091ad21fd6fa6b90ee89 introduced a regression that caused any constraints added to redirect routes to be ignored. Fixes #16605
* | | Refactor out Dir.glob from ActionDispatch::Staticschneems2014-08-271-20/+5
| | | | | | | | | | | | | | | | | | | | | | | | Dir.glob can be a security concern. The original use was to provide logic of fallback files. Example a request to `/` should render the file from `/public/index.html`. We can replace the dir glob with the specific logic it represents. The glob {,index,index.html} will look for the current path, then in the directory of the path with index file and then in the directory of the path with index.html. This PR replaces the glob logic by manually checking each potential match. Best case scenario this results in one less file API request, worst case, this has one more file API request. Related to #16464 Update: added a test for when a file of a given name (`public/bar.html` and a directory `public/bar` both exist in the same root directory. Changed logic to accommodate this scenario.
* | | Address comments on Gzip implementationschneems2014-08-241-10/+19
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | - don't mutate PATH_INFO in env, test - test fallback content type matches Rack::File - change assertion style - make HTTP_ACCEPT_ENCODING comparison case insensitive - return gzip path from method instead of true/false so we don't have to assume later - don't allocate un-needed hash. Original comments: https://github.com/rails/rails/commit/ cfaaacd9763642e91761de54c90669a88d772e5a#commitcomment-7468728 cc @jeremy
* | Refactor ActionDispatch::RemoteIpSam Aarons2014-08-211-52/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | Refactored IP address checking in ActionDispatch::RemoteIp to rely on the IPAddr class instead of the unwieldly regular expression to match IP addresses. This commit keeps the same api but allows users to pass IPAddr objects to config.action_dispatch.trusted_proxies in addition to passing strings and regular expressions. Example: # config/environments/production.rb config.action_dispatch.trusted_proxies = IPAddr.new('4.8.15.0/16')