aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/controller/render_test.rb
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #30367 from ptoomey3/consistent-cache-control-headersAaron Patterson2017-09-051-0/+21
|\ | | | | Normalize/process Cache-Control headers consistently
| * Use equality in place of refute assertions for accuracyPatrick Toomey2017-08-221-4/+2
| |
| * Normalize/process Cach-Control headers consistentlyPatrick Toomey2017-08-221-0/+23
| | | | | | | | | | | | | | | | | | | | In the existing logic, the `Cache-Control` header may or may not get normalized by additional logic depending on whether `response.cache_conrol` has been modified. This leads to inconsistent behavior, since sometimes `Cache-Control` can contain whatever a user sets and sometimes it gets normalized, based on the logic inside of `set_conditional_cache_control!`. It seems like this normalization process should happen regardless to ensure consistent behavior.
* | Fix `can't modify frozen String` error in AC::RenderingKoichi ITO2017-09-021-0/+12
|/
* Use frozen string literal in actionpack/Kir Shatrov2017-07-291-0/+2
|
* Revert "Merge pull request #29540 from kirs/rubocop-frozen-string"Matthew Draper2017-07-021-1/+0
| | | | | This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
* Enforce frozen string in RubocopKir Shatrov2017-07-011-0/+1
|
* Define path with __dir__bogdanvlviv2017-05-231-6/+6
| | | | | | ".. with __dir__ we can restore order in the Universe." - by @fxn Related to 5b8738c2df003a96f0e490c43559747618d10f5f
* make `render` work with AC::Paramsyuuji.yaginuma2017-01-151-1/+0
| | | | | | | | In 4.2, since AC::Params inherited `Hash`, processing in the case of `Hash` was done. But in 5.x, since AC::Params does not inherit `Hash`, need to add care for AC::Params. Related to 00285e7cf75c96553719072a27c27e4ab7d25b40
* Add more rubocop rules about whitespacesRafael Mendonça França2016-10-291-1/+1
|
* Remove deprecated support to :nothing in renderRafael Mendonça França2016-10-091-10/+0
|
* Remove deprecated support for status option in headRafael Mendonça França2016-10-091-21/+0
|
* improve error message when include assertions failMichael Grosser2016-09-161-1/+1
| | | | | | assert [1, 3].includes?(2) fails with unhelpful "Asserting failed" message assert_includes [1, 3], 2 fails with "Expected [1, 3] to include 2" which makes it easier to debug and more obvious what went wrong
* fixes remaining RuboCop issues [Vipul A M, Xavier Noria]Xavier Noria2016-09-011-1/+1
|
* Add three new rubocop rulesRafael Mendonça França2016-08-161-1/+1
| | | | | | | | Style/SpaceBeforeBlockBraces Style/SpaceInsideBlockBraces Style/SpaceInsideHashLiteralBraces Fix all violations in the repository.
* applies remaining conventions across the projectXavier Noria2016-08-061-6/+6
|
* modernizes hash syntax in actionpackXavier Noria2016-08-061-24/+24
|
* applies new string literal convention in actionpack/testXavier Noria2016-08-061-59/+59
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Fix adding implicitly rendered namespaced template digests to ETagsJavan Makhmali2016-07-131-10/+44
|
* Fix adding implicitly rendered template digests to ETagsJavan Makhmali2016-06-281-10/+35
| | | | Signed-off-by: Jeremy Daer <jeremydaer@gmail.com>
* render_to_string Regression Outside of Real Requests in Rails 5.0.0.rc1 (#25308)Brandon Medenwald2016-06-091-0/+7
| | | | | | * Restore the functionality of PR#14129, but do so with not nil to better indicate the purpose of the conditional * Add a test when render_to_string called on ActionController::Base.new()
* Strong ETag validatorsJeremy Daer2016-03-311-15/+43
| | | | | | | | | | | | | | | | | | * Introduce `Response#strong_etag=` and `#weak_etag=` and analogous options for `fresh_when` and `stale?`. `Response#etag=` sets a weak ETag. Strong ETags are desirable when you're serving byte-for-byte identical responses that support Range requests, like PDFs or videos (typically done by reproxying the response from a backend storage service). Also desirable when fronted by some CDNs that support strong ETags only, like Akamai. * No longer strips quotes (`"`) from ETag values before comparing them. Quotes are significant, part of the ETag. A quoted ETag and an unquoted one are not the same entity. * Support `If-None-Match: *`. Rarely useful for GET requests; meant to provide some optimistic concurrency control for PUT requests.
* Remove http_cache_forever's version parameterJean Boussier2016-03-051-9/+1
|
* Deprecate :controller and :action path parametersAndrew White2016-03-011-1/+4
| | | | | | | | Allowing :controller and :action values to be specified via the path in config/routes.rb has been an underlying cause of a number of issues in Rails that have resulted in security releases. In light of this it's better that controllers and actions are explicitly whitelisted rather than trying to blacklist or sanitize 'bad' values.
* Lock down new `ImplicitRender` behavior for 5.0 RCGodfrey Chan2016-02-251-2/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. Conceptually revert #20276 The feature was implemented for the `responders` gem. In the end, they did not need that feature, and have found a better fix (see plataformatec/responders#131). `ImplicitRender` is the place where Rails specifies our default policies for the case where the user did not explicitly tell us what to render, essentially describing a set of heuristics. If the gem (or the user) knows exactly what they want, they could just perform the correct `render` to avoid falling through to here, as `responders` did (the user called `respond_with`). Reverting the patch allows us to avoid exploding the complexity and defining “the fallback for a fallback” policies. 2. `respond_to` and templates are considered exhaustive enumerations If the user specified a list of formats/variants in a `respond_to` block, anything that is not explicitly included should result in an `UnknownFormat` error (which is then caught upstream to mean “406 Not Acceptable” by default). This is already how it works before this commit. Same goes for templates – if the user defined a set of templates (usually in the file system), that set is now considered exhaustive, which means that “missing” templates are considered `UnknownFormat` errors (406). 3. To keep API endpoints simple, the implicit render behavior for actions with no templates defined at all (regardless of formats, locales, variants, etc) are defaulted to “204 No Content”. This is a strictly narrower version of the feature landed in #19036 and #19377. 4. To avoid confusion when interacting in the browser, these actions will raise an `UnknownFormat` error for “interactive” requests instead. (The precise definition of “interactive” requests might change – the spirit here is to give helpful messages and avoid confusions.) Closes #20666, #23062, #23077, #23564 [Godfrey Chan, Jon Moss, Kasper Timm Hansen, Mike Clark, Matthew Draper]
* Fix master buildJon Moss2016-02-181-1/+1
|
* remove unused variable from render testyuuji.yaginuma2016-01-301-1/+1
| | | | | | | | This removes the following warning. ``` rails/actionpack/test/controller/render_test.rb:278: warning: assigned but unused variable - response ```
* Run `file.close` before unlinking for traviseileencodes2016-01-281-1/+2
| | | | | | | | | | | This works on OSX but for some reason travis is throwing a ``` 1) Error: ExpiresInRenderTest#test_dynamic_render_with_absolute_path: NoMethodError: undefined method `unlink' for nil:NilClass ``` Looking at other tests in Railties the file has a name and we close it before unlinking, so I'm going to try that.
* Regression test for rendering file from absolute patheileencodes2016-01-281-0/+11
| | | | | | Test that we are not allowing you to grab a file with an absolute path outside of your application directory. This is dangerous because it could be used to retrieve files from the server like `/etc/passwd`.
* doc typoAkira Matsuda2016-01-271-2/+2
| | | | [ci skip]
* add a skip for failing testAaron Patterson2016-01-261-1/+2
|
* fix permitted? conditional for `render` callsAaron Patterson2016-01-261-0/+11
|
* clear view path cache between testsAaron Patterson2016-01-261-0/+5
| | | | | | | | The cache for `render file:` seems to also be used in the case of `render(string)`. If one is supposed to be a hit and the other is supposed to be a miss, and they both reference the same file, then the cache could return incorrect values. This commit clears the cache between runs so that we get non-cached behavior.
* Merge branch '5-0-beta-sec'Aaron Patterson2016-01-251-0/+31
|\ | | | | | | | | | | | | | | | | | | | | * 5-0-beta-sec: bumping version fix version update task to deal with .beta1.1 Eliminate instance level writers for class accessors allow :file to be outside rails root, but anything else must be inside the rails view directory Don't short-circuit reject_if proc stop caching mime types globally use secure string comparisons for basic auth username / password
| * allow :file to be outside rails root, but anything else must be inside the ↵Aaron Patterson2016-01-221-0/+31
| | | | | | | | | | | | rails view directory CVE-2016-0752
* | Response etags to always be weak: Prefixed W/ to value returned by ↵abhishek2016-01-201-1/+1
|/ | | | ActionDispatch::Http::Cache::Response#etag= such that etags set in fresh_when and stale? are weak. For #17556.
* Change Integer#year to return a Fixnum instead of a Float to improve consistencyKonstantinos Rousis2015-10-221-2/+2
|
* remove RackDelegation moduleAaron Patterson2015-08-261-2/+0
| | | | | | Since all controller instances are required to have a request and response object, RackDelegation is no longer needed (we always have to delegate to the response)
* Get rid of mocha tests - part 1Marcin Olichwirowicz2015-08-241-4/+4
|
* Stop using deprecated `render :text` in testPrem Sichanugrist2015-07-171-4/+4
| | | | | | | | | This will silence deprecation warnings. Most of the test can be changed from `render :text` to render `:plain` or `render :body` right away. However, there are some tests that needed to be fixed by hand as they actually assert the default Content-Type returned from `render :body`.
* Deprecate passing hash as first parameter into ActionController::HeadMehmet Emin İNAÇ2015-06-151-7/+28
|
* Add test coverage for implicit render in empty actionsJorge Bejar2015-06-111-0/+14
|
* Deprecate `:nothing` option for render methodMehmet Emin İNAÇ2015-05-281-0/+10
| | | | `head` method works similar to `render` method with `:nothing` option
* Return true from head methodJoel Hayhurst2015-03-121-0/+11
| | | | | | It was returning false in normal circumstances. This broke the `head :ok and return if` construct. Add appropriate test.
* Implement http_cache_forever to ActionControllerArthur Neves2015-02-151-0/+53
| | | | | | | | | Add http_cache_forever to ActionController, so we can cache results forever. Things like static pages are a good candidate for this type of caching. This cache only controls caching headers, so it is up to the browser to cache those requests.
* Accept a collection in fresh_when and stale?claudiob2015-02-101-1/+49
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The methods `fresh_when` and `stale?` from ActionController::ConditionalGet accept a single record as a short form for a hash. For instance ```ruby def show @article = Article.find(params[:id]) fresh_when(@article) end ``` is just a short form for: ```ruby def show @article = Article.find(params[:id]) fresh_when(etag: @article, last_modified: @article.created_at) end ``` This commit extends `fresh_when` and `stale?` to also accept a collection of records, so that a short form similar to the one above can be used in an `index` action. After this commit, the following code: ```ruby def index @article = Article.all fresh_when(etag: @articles, last_modified: @articles.maximum(:created_at)) end ``` can be simply written as: ```ruby def index @article = Article.all fresh_when(@articles) end ```
* Fix wrong kwarg "record" from #18872claudiob2015-02-101-0/+1
| | | | | | | | | | | | PR #18772 changed the parameters of `stale?` to use `kwargs`. [As for this comment](https://github.com/rails/rails/pull/18872/files#r24456288) the default value for the `etag` parameter should be `record`, not `nil`. This commit fixes the code and introduces a test that: - passed before #18872 - fails on the current master (after #18772) - passes again after setting the default value of `etag` to `record`.
* Switch to kwargs in ActionController::TestCase and ActionDispatch::IntegrationKir Shatrov2015-01-291-6/+6
| | | | | | | | Non-kwargs requests are deprecated now. Guides are updated as well. `post url, nil, nil, { a: 'b' }` doesn't make sense. `post url, params: { y: x }, session: { a: 'b' }` would be an explicit way to do the same
* Remove unused AV fixtures from AP testsclaudiob2015-01-111-65/+0
| | | | | | | | | When `render` was moved from ActionPack to ActionView in acc8e259, some fixtures required by the tests were duplicated, but they are actually only required by ActionView tests. To give one example, `double_render` is already defined [in the AV tests](https://github.com/rails/rails/blob/72139d8d310d896db78eaec98582c7a638135102/actionview/test/actionpack/controller/render_test.rb#L407) and is never used in the ActionPack tests.
* Correctly use the response's status code calling headRobin Dupret2014-12-311-0/+17
| | | | | | | | | | | | | | | | Commit 20fece1 introduced the `_status_code` method to fix calls to `head :ok`. This method has been added on both ActionController::Metal and ActionDispatch::Response. As for the latter, this method is just equivalent to the `response_code` one so commit aefec3c removed it from the `Reponse` object so call to the `_status_code` method on an ActionController::Base instance would be handled by the `Metal` class (which `Base` inherits from) but the status code is not updated according to the response at this level. The fix is to actually rely on `response_code` for ActionController::Base instances but this method doesn't exist for bare Metal controllers so we need to define it.