aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* | | Fix incorrect indentation in method comment [ci skip]Junya Ogura2016-07-211-3/+3
|/ /
* / Fix failing requirement of duplicable in ParameterFilterVipul A M2016-07-161-0/+2
|/
* Check `request.path_parameters` encoding at the point they're setGrey Baker2016-07-143-13/+7
| | | | | | | | Check for any non-UTF8 characters in path parameters at the point they're set in `env`. Previously they were checked for when used to get a controller class, but this meant routes that went directly to a Rack app, or skipped controller instantiation for some other reason, had to defend against non-UTF8 characters themselves.
* Merge pull request #25798 from ↵Matthew Draper2016-07-141-3/+3
|\ | | | | | | | | greysteil/dont-raise-unknown-http-method-low-in-stack Don't raise ActionController::UnknownHttpMethod from ActionDispatch::Static
| * Don't raise ActionController::UnknownHttpMethod from ActionDispatch::StaticGrey Baker2016-07-131-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `ActionDispatch::Static` middleware is used low down in the stack to serve static assets before doing much processing. Since it's called from so low in the stack, we don't have access to the request ID at this point, and generally won't have any exception handling defined (by default `ShowExceptions` is added to the stack quite a bit higher and relies on logging and request ID). Before https://github.com/rails/rails/commit/8f27d6036a2ddc3cb7a7ad98afa2666ec163c2c3 this middleware would ignore unknown HTTP methods, and an exception about these would be raised higher in the stack. After that commit, however, that exception will be raised here. If we want to keep `ActionDispatch::Static` so low in the stack (I think we do) we should suppress the `ActionController::UnknownHttpMethod` exception here, and instead let it be raised higher up the stack, once we've had a chance to define exception handling behaviour. This PR updates `ActionDispatch::Static` so it passes `Rack::Request` objects to `ActionDispatch::FileHandler`, which won't raise an `ActionController::UnknownHttpMethod` error. If an unknown method is passed, it should exception higher in the stack instead, once we've had a chance to define exception handling behaviour.`
* | Merge pull request #25817 from ↵Rafael França2016-07-131-1/+1
|\ \ | | | | | | | | | | | | javan/fix-namespaced-implicit-render-etag-template-digest Fix adding implicitly rendered namespaced template digests to ETags
| * | Fix adding implicitly rendered namespaced template digests to ETagsJavan Makhmali2016-07-131-1/+1
| |/
* | Merge pull request #25771 from kaspth/make-test-response-assign-response-parserKasper Timm Hansen2016-07-133-57/+64
|\ \ | |/ |/| Let TestResponse assign a parser.
| * Let TestResponse assign a parser.Kasper Timm Hansen2016-07-103-57/+64
| | | | | | | | | | | | | | | | | | | | | | | | | | Previously we'd only assign a response parser when a request came through Action Dispatch integration tests. This made calls to `parsed_body` when a TestResponse was manually instantiated — though own doing or perhaps from a framework — unintentionally blow up because no parser was set at that time. The response can lookup a parser entirely through its own ivars. Extract request encoder to its own file and assume that a viable content type is present at TestResponse instantiation. Since the default response parser is a no-op, making `parsed_body` equal to `body`, no exceptions will be thrown.
* | Handle `Rack::QueryParser` errors in `ActionDispatch::ExceptionWrapper`Grey Baker2016-07-121-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Rack [recently](https://github.com/rack/rack/commit/7e7a3890449b5cf5b86929c79373506e5f1909fb) moved the namespace of its `ParameterTypeError` and `InvalidParameterError` errors. Whilst an alias for the old name was added, the logic in `ActionDispatch::ExceptionWrapper` was still broken by this change, since it relies on the class name. This PR updates `ActionDispatch::ExceptionWrapper` to handle the Rack 2.0 namespaced errors correctly. We no longer need to worry about the old names, since Rails specifies Rack ~> 2.0.
* | Merge pull request #25735 from timrogers/actioncontroller-parameters-dupMatthew Draper2016-07-121-14/+5
|\ \ | |/ |/| Stop changes to a dupped `ActionController::Parameters` mutating the original
| * Trust `Object#dup` in `ActionController::Parameters`, using ↵Tim Rogers2016-07-081-15/+1
| | | | | | | | | | | | `#initialize_copy` to manually duplicate the underlying parameters hash It looks like `ActionController::Parameters#dup` is leftover from when the class inherited from `Hash`. We can just trust `#dup`, which already copies the `@permitted` instance variable (confirmed by tests). We still define a `#initialize_copy` to make `@parameters` a copy that can be mutated without affecting the original instance.
| * Changes to a dupped `ActionController::Parameters` mutate the originalTim Rogers2016-07-071-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | When `ActionController::Parameters` is duplicated with `#dup`, it doesn't create a duplicate of the instance variables (e.g. `@parameters`) but rather maintains the reference (see <http://ruby-doc.org/core-2.3.1/Object.html>). Given that the parameters object is often manipulated as if it were a hash (e.g. with `#delete` and similar methods), this leads to unexpected behaviour, like the following: ``` params = ActionController::Parameters.new(foo: "bar") duplicated_params = params.dup duplicated_params.delete(:foo) params == duplicated_params ``` This fixes the bug by defining a private `#initialize_copy` method, used internally by `#dup`, which makes a copy of `@parameters`.
* | Add a test case for verifying `cookie_only` is set even if user tries to set ↵Prathamesh Sonpatki2016-07-071-1/+1
| | | | | | | | it false
* | [ci skip] Correct defaults in documentation for ActionDispatch::SSLTim Rogers2016-07-061-4/+5
|/ | | | `config.ssl_options` permits configuring various options for the middleware. Default options for HSTS (specified with the `:hsts` key in the options hash) are specified in `.default_hsts_options`. The documentation did not make clear these defaults, and in one case was wrong.
* Deprecate usage of nil as route pathVolmer2016-07-051-0/+6
| | | | | | | | | | | | | | | | | | | In Rails 4 these kind of routes used to work: ```ruby scope '/*id', controller: :builds, as: :build do get action: :show end ``` But since 1a830cbd830c7f80936dff7e3c8b26f60dcc371d, routes are only created for paths specified as strings or symbols. Implicit `nil` paths are just ignored, with no deprecation warnings or errors. Routes are simply not created. This come as a surprise for people migrating to Rails 5, since the lack of logs or errors makes hard to understand where the problem is. This commit introduces a deprecation warning in case of path as `nil`, while still allowing the route definition.
* Fix conditional order broken in ea40ec56.Kasper Timm Hansen2016-07-021-2/+2
|
* Merge pull request #25344 from matthewd/debug-locksMatthew Draper2016-07-022-0/+123
|\ | | | | ActionDispatch::DebugLocks
| * Provide a middleware to debug misbehaving locksMatthew Draper2016-06-102-0/+123
| | | | | | | | | | Only intended to be enabled when in use; by necessity, it sits above any reasonable access control.
* | Silence DebugExceptions template render logs during exceptionsGenadi Samokovarov2016-07-021-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | When an exception is raised, those Action View rendering logs are just noise for the end developer. I recently silenced those from Web Console, as we do use Action View rendering in it as well. It used created a half a screen of rendering logs. I think we can save those in this recent push for cleaner development logs. Now, the silencing is a bit hacky and we have a bunch of it now, so we can also invest in turning off the logs directly from Action View objects instead of silencing off the logging stream.
* | Make mutation stand out some more.Kasper Timm Hansen2016-07-011-2/+5
| | | | | | | | | | | | Felt that += overwriting the path variable was a little too hidden. Make the outcomes easier to spot with an if-else branch.
* | Fix request encoding in tests when string literals are frozenVolmer2016-07-011-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When running tests with `--enable-frozen-string-literal` or `# frozen_string_literal: true`, it's currently attempted to mutate the path string in order to append the format, causing a `RuntimeError`. ```ruby get '/posts', as: :json ``` ``` RuntimeError: can't modify frozen String ``` This commit fixes the problem by replacing the mutation with a concatenation, returning a new string.
* | [ci skip] Add 'params' formatting in ActionController::BaseAlex Kitchens2016-06-301-4/+4
| |
* | [ci skip] Fix typo & add link in PolymorphicRoutesAlex Kitchens2016-06-291-2/+2
| |
* | Merge pull request #25544 from piotrj/pj-issue-25488Rafael França2016-06-281-1/+9
|\ \ | | | | | | Fix setting route's to in a scope
| * | Fix setting route's to in a scopePiotr Jakubowski2016-06-281-1/+9
| | | | | | | | | | | | | | | | | | Fixes #25488 97d7dc4 introduced a regression that resulted in ArgumentError when to was in options of the scope and not of particular route.
* | | Fix adding implicitly rendered template digests to ETagsJavan Makhmali2016-06-281-1/+7
|/ / | | | | | | Signed-off-by: Jeremy Daer <jeremydaer@gmail.com>
* | Extract method to share path expansion logic.Kasper Timm Hansen2016-06-251-11/+16
| | | | | | | | Then just yield the location for the place where we need some extra processing.
* | Simplify `as` passed check.Kasper Timm Hansen2016-06-251-1/+1
| | | | | | | | `if !var.nil?` is the same as just `if var`
* | Merge pull request #25435 from y-yagi/make_as_option_work_with_get_parametersKasper Timm Hansen2016-06-251-2/+4
|\ \ | | | | | | make `as` option work with get parameters
| * | make `as` option work with get parametersyuuji.yaginuma2016-06-251-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | Currently, if path is a relative path, add format without the discrimination of the query. Therefore, if there is a query, format at end of the query would been added, format was not be specified correctly. This fix add format to end of path rather than query.
* | | `params.permitted?` is false by defaultJon Moss2016-06-231-0/+2
| | | | | | | | | | | | | | | In the docs: "+permit_all_parameters+ - If it's +true+, all the parameters will be permitted by default. The default is +false+."
* | | Update ActionController::Parameters documentation [ci skip]Benjamin Quorning2016-06-221-19/+18
|/ / | | | | | | | | | | | | | | | | | | The changes in this commit are twofold: 1. The examples showing `#require` accepting two arguments were wrong - you have to wrap the arguments (two, or more) in an array. 2. `ActionController::Parameters` has an `#inspect` method now (since https://github.com/rails/rails/pull/23732), and the documentation should reflect that.
* / Fix typo in ActionController::Renderer [ci skip]Alex Kitchens2016-06-101-1/+1
|/
* render_to_string Regression Outside of Real Requests in Rails 5.0.0.rc1 (#25308)Brandon Medenwald2016-06-091-1/+1
| | | | | | * Restore the functionality of PR#14129, but do so with not nil to better indicate the purpose of the conditional * Add a test when render_to_string called on ActionController::Base.new()
* Prevent `{ internal: true }` from being stored in the routerJon Moss2016-06-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Forgotten followup to #23669 :grimacing: If you went to an internal route (e.g. `/rails/info/routes`), you would previously see the following in your logger: ```bash Processing by Rails::InfoController#routes as HTML Parameters: {"internal"=>true} Rendering /Users/jon/code/rails/rails/railties/lib/rails/templates/rails/info/routes.html.erb within layouts/application Rendered collection of /Users/jon/code/rails/rails/actionpack/lib/action_dispatch/middleware/templates/routes/_route.html.erb [2 times] (10.5ms) Rendered /Users/jon/code/rails/rails/actionpack/lib/action_dispatch/middleware/templates/routes/_table.html.erb (2.5ms) Rendered /Users/jon/code/rails/rails/railties/lib/rails/templates/rails/info/routes.html.erb within layouts/application (23.5ms) Completed 200 OK in 50ms (Views: 35.1ms | ActiveRecord: 0.0ms) ``` Now, with this change, you would see: ```bash Processing by Rails::InfoController#routes as HTML Rendering /Users/jon/code/rails/rails/railties/lib/rails/templates/rails/info/routes.html.erb within layouts/application Rendered collection of /Users/jon/code/rails/rails/actionpack/lib/action_dispatch/middleware/templates/routes/_route.html.erb [2 times] (1.6ms) Rendered /Users/jon/code/rails/rails/actionpack/lib/action_dispatch/middleware/templates/routes/_table.html.erb (10.2ms) Rendered /Users/jon/code/rails/rails/railties/lib/rails/templates/rails/info/routes.html.erb within layouts/application (17.4ms) Completed 200 OK in 44ms (Views: 28.0ms | ActiveRecord: 0.0ms) ```
* Use `#performed?` to terminate controller callbacksJeff Kreeftmeijer2016-06-032-1/+8
| | | | | | | | | | | | | | | Since 69009f, `ActionController::Metal::DataStreaming#send_file` doesn't set `@_response_body` anymore. `AbstractController::Callbacks` used `@_response_body` in its callback terminator, so it failed to halt the callback cycle when using `#send_file` from a `before_action`. Instead, it now uses `#performed?` on `AbstractController::Base` and `ActionController::Metal`, which checks `response.committed?`, besides checking if `@_response_body` is set, if possible. Example application: https://gist.github.com/jeffkreeftmeijer/78ae4572f36b198e729724b0cf79ef8e
* Merge branch 'master' of github.com:rails/docrailsVijay Dev2016-06-031-4/+4
|\ | | | | | | | | Conflicts: guides/source/action_cable_overview.md
| * `routes.rb` --> `config/routes.rb`Jon Moss2016-05-191-4/+4
| | | | | | | | | | | | For consistency. [ci skip]
* | Clean up the test request/response even after an exceptionMatthew Draper2016-06-011-23/+26
| |
* | Tiny document fixes [ci skip]Robin Dupret2016-05-301-1/+1
| | | | | | | | | | | | Add a missing capital letter and avoid using absolute links to the API because they may refer to out-dated documentation on the Edge site.
* | ActionController::Parameters: Fix #dig doc codeChristian Wesselhoeft2016-05-291-5/+5
| | | | | | This example code wasn't getting wrapped in a `<code>` tag due to incorrect indentation.
* | fix incorrect class name [ci skip]yuuji.yaginuma2016-05-281-1/+1
| |
* | add missing `as` to request kwargs of `ActionDispatch::IntegrationTest`yuuji.yaginuma2016-05-271-2/+3
| | | | | | | | Follow up to #21671
* | Respect `log_warning_on_csrf_failure` setting for all CSRF failuresMatthew Caruana Galizia2016-05-231-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | CSRF verification for non-XHR GET requests (cross-origin `<script>` tags) didn't check this flag before logging failures. Setting `config.action_controller.log_warning_on_csrf_failure = false` now disables logging for these CSRF failures as well. Closes #25086. Signed-off-by: Jeremy Daer <jeremydaer@gmail.com>
* | Revert "Make sure the cache is always populated"Rafael Mendonça França2016-05-201-5/+1
| | | | | | | | | | | | This reverts commit 0ce7eae7418f1b9bb06b351c1f26d50c3674c0d0. Tests were broken https://travis-ci.org/rails/rails/jobs/131850726#L520
* | Make sure the cache is always populatedAaron Patterson2016-05-201-1/+5
| | | | | | | | This way we don't have to make multiple calls on anonymous controllers
* | Add back in Oxford CommaJon Moss2016-05-191-1/+1
| | | | | | | | | | | | per [API documentation guidelines](http://edgeguides.rubyonrails.org/api_documentation_guidelines.html#oxford-comma) [ci skip]
* | Merge pull request #25070 from josedonizetti/fix_example_routes_docArthur Nogueira Neves2016-05-191-3/+3
|\ \ | | | | | | fix named route example [ci skip]
| * | fix named route example [ci skip]Jose Donizetti2016-05-191-3/+3
| | |