| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|\ \
| | |
| | |
| | | |
Don't handle params option in a special way in url_for helper
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Since Rails 6.0 will support Ruby 2.4.1 or higher
`# frozen_string_literal: true` magic comment is enough to make string object frozen.
This magic comment is enabled by `Style/FrozenStringLiteralComment` cop.
* Exclude these files not to auto correct false positive `Regexp#freeze`
- 'actionpack/lib/action_dispatch/journey/router/utils.rb'
- 'activerecord/lib/active_record/connection_adapters/sqlite3_adapter.rb'
It has been fixed by https://github.com/rubocop-hq/rubocop/pull/6333
Once the newer version of RuboCop released and available at Code Climate these exclude entries should be removed.
* Replace `String#freeze` with `String#-@` manually if explicit frozen string objects are required
- 'actionpack/test/controller/test_case_test.rb'
- 'activemodel/test/cases/type/string_test.rb'
- 'activesupport/lib/active_support/core_ext/string/strip.rb'
- 'activesupport/test/core_ext/string_ext_test.rb'
- 'railties/test/generators/actions_test.rb'
|
|\ \ \
| | | |
| | | | |
Fix optionally scoped root route unscoped access
|
| | | | |
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This PR fixes an issue when the following situation occurs.
If you define a class like this
class MyConstraint
def call(*args)
# for some reason this is defined
end
def matches?(*args)
# checking the args
end
end
and try to use it as a constraint
get "/", to: "home#show", constraints: MyConstraint.new
if its `matches?` method returns `false` there will be an error for the
mapper will ask for the constraint arity, thinking it is a proc, lambda
or method.
This PR checks for the presence of the `arity` method on the constraint
calling it only if present, preventing the error while keeping the basic
behavior.
|
|\ \ \
| | | |
| | | | |
Added ActionController::Parameters.each_value methods
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
ActiveStorage::BaseController subclasses ActionController::Base.
ActionController::Base has an "inherited" hook set that includes the
routing helpers to any subclass of AC::Base. Since
ActiveStorage::BaseController is a subclass of AC::Base, it will get
routing helpers included automatically. Unfortunately, when the
framework is eagerly loaded, ActiveStorage::BaseController is loaded
*before* the applications routes are loaded which means it attempts to
include an "in flight" module so it gets an exception.
This commit allows a class that's interested in being extended with
routing helpers register itself such that when the routes are finalized,
it will get the helpers included. If the routes are already finalized,
then the helpers get included immediately.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This commit eagerly builds the route helper module after the routes have
been drawn and finalized. This allows us to cache the helper module but
not have to worry about people accessing the module while route
definition is "in-flight", and automatically deals with cache
invalidation as the module is regenerated anytime someone redraws the
routes.
The restriction this commit introduces is that the url helper module can
only be accessed *after* the routes are done being drawn.
Refs #24554 and #32892
|
|\ \ \ \
| |/ / /
|/| | | |
Remove deprecated catch-all route in the AV tests
|
| | | |
| | | |
| | | |
| | | |
| | | | |
We should be able to remove this once the catch-all route is gone from
AP
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This commit removes a deprecated catch-all route in the AV tests. It
defines and includes the necessary routes for each test such that we
don't need the catch-all anymore.
This also helps push us toward #33970
|
|\ \ \ \
| | | | |
| | | | | |
Encode Content-Disposition filenames on send_data and send_file
|
| | | | | |
|
| |/ / /
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In Ruby 2.3 or later, `String#+@` is available and `+@` is faster than `dup`.
```ruby
# frozen_string_literal: true
require "bundler/inline"
gemfile(true) do
source "https://rubygems.org"
gem "benchmark-ips"
end
Benchmark.ips do |x|
x.report('+@') { +"" }
x.report('dup') { "".dup }
x.compare!
end
```
```
$ ruby -v benchmark.rb
ruby 2.5.1p57 (2018-03-29 revision 63029) [x86_64-linux]
Warming up --------------------------------------
+@ 282.289k i/100ms
dup 187.638k i/100ms
Calculating -------------------------------------
+@ 6.775M (± 3.6%) i/s - 33.875M in 5.006253s
dup 3.320M (± 2.2%) i/s - 16.700M in 5.032125s
Comparison:
+@: 6775299.3 i/s
dup: 3320400.7 i/s - 2.04x slower
```
|
|\ \ \ \
| | | | |
| | | | | |
Add CSP nonce to `style-src` directive
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
For nonce, only `script-src` and` style-src` are meaningful in the
definition of Content Security Policy Level 2.
https://www.w3.org/TR/CSP2/#script-src-nonce-usage
https://www.w3.org/TR/CSP2/#style-src-nonce-usage
Therefore, I think that customization function not needs and it is enough
to enable both directives inside the framework.
Fixes #32920
|
| | | | | |
|
| | | | | |
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Conditionally use `helper_method` in Flash concern
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
I was attempting to use the `flash` functionality in a `Metal`
controller. When including the `flash` concern I received the following
error:
NoMethodError: undefined method `helper_method'....
Either:
- `AbstractController::Helpers` should be a dependency of
`ActionController::Flash`
- `ActionController::Flash` should not require the existence of
`AbstractController::Helpers`.
Since my use case (set a flash and redirect) has no need for the helper
method and that is a common use case, making the dependency conditional
seemed the better option.
NOTE: This is similar to issue #21067 only the error is within Rails
itself while that issue had the error within Devise.
|
| | | | |
| | | | |
| | | | |
| | | | | |
Two implemented but undocumented features are to help indicate that cache is fresh for 3 hours, and it may continue to be served stale for up to an additional 60 seconds to parallel requests for the same resource or up to 5 minutes while errors are being returned back while the initial synchronous revalidation is attempted.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When running with code triage and derailed benchmarks and focusing on this file:
Before
16199 /Users/rschneeman/Documents/projects/rails/actionpack/lib/action_controller/metal/strong_parameters.r
After
2280 /Users/rschneeman/Documents/projects/rails/actionpack/lib/action_controller/metal/strong_parameters.rb
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | | |
Instead of using a splat on the head and tail we can mutate the array by flattening 1 level. We get further savings by not allocating another via `compact` but instead by using `compact!`
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Finish converting whitelist and blacklist references
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
* Call block to #redirect_to in controller context
The documentation for ActionController::Redirecting states that a Proc
argument "will be executed in the controller's context." However,
unless #instance_eval is used (removed in 6b3ad0ca), that statement is
false for procs defined outside of the controller instance.
This commit restores the documented behavior.
Fixes #33731.
* Move test proc into a constant in another class
Per @rafaelfranca's suggestion.
[Steven Peckins + Rafael Mendonça França]
|
| | | | | |
| | | | | |
| | | | | | |
ActionDispatch::TestProcess::FixtureFile
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | | |
This updates the `respond_to` method to be code formatted rather than
plain text (as it refers to the method)
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Use string lengths instead of regexp to extract path
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The regexp was introduced in 186ac4cdaa911a9af659a29f2179a19b99dea13b,
and looks cosmetic. While they should be functionally identical in
theory, in practice, case insensitive (but preserving) filesystems can
give results that are differently-cased from the pattern we supplied.
I don't know how to force the filesystem to do the surprising thing,
even when running in an environment that _could_, so no new test.
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Remove extra execution of `uniq!` on action_methods
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Execution of `to_set` below should remove duplicated elements.
Follow up #33693
|
|\ \ \ \ \ \ \
| |/ / / / / /
|/| | | | | | |
Update ParameterFilter to yield original parameters
|
| |/ / / / / |
|
|/ / / / /
| | | | |
| | | | |
| | | | | |
Instead of creating new arrays for `uniq` and `map` we can instead modify the array in place.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
[ci skip]
It seems to need an escape for the showing `ENV`.
https://api.rubyonrails.org/classes/AbstractController/Caching/Fragments.html#method-i-combined_fragment_cache_key
|
| |_|/ /
|/| | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
Fixes #33634.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Layout/TrailingWhitespace
```
actionpack/lib/action_controller/metal/request_forgery_protection.rb:49:4:
C: Layout/TrailingWhitespace: Trailing whitespace detected.
#
^
```
Related to c3787494eda
- Performance/StartWith
```
tasks/release.rb:108:44: C: Performance/StartWith:
Use String#start_with? instead of a regex match anchored to the beginning of the string.
header += "* No changes.\n\n\n" if current_contents =~ /\A##/
```
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Purpose metadata prevents cookie values from being
copy-pasted and ensures that the cookie is used only
for its originally intended purpose.
The Purpose and Expiry metadata are embedded inside signed/encrypted
cookies and will not be readable on previous versions of Rails.
We can switch off purpose and expiry metadata embedded in
signed and encrypted cookies using
config.action_dispatch.use_cookies_with_metadata = false
if you want your cookies to be readable on older versions of Rails.
|
|\ \ \ \
| |/ / /
|/| | | |
fixes #27157 CSRF protection documentation
|