| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This takes away the following log.
```
Error occurred while parsing request parameters.
Contents:
{:foo=>"heyo"}
```
Pass the correct value as JSON
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
… by switching the initialzation of an appropriate response parser
in `ActionDispatch::TestResponse` from eagerly to lazily.
By doing so, the response parser can be correctly set for
`ActionController::TestCase`, which doesn't include
the content type header in the constructor but only sets it at
a later time.
Fixes #34676.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since Rails 6.0 will support Ruby 2.4.1 or higher
`# frozen_string_literal: true` magic comment is enough to make string object frozen.
This magic comment is enabled by `Style/FrozenStringLiteralComment` cop.
* Exclude these files not to auto correct false positive `Regexp#freeze`
- 'actionpack/lib/action_dispatch/journey/router/utils.rb'
- 'activerecord/lib/active_record/connection_adapters/sqlite3_adapter.rb'
It has been fixed by https://github.com/rubocop-hq/rubocop/pull/6333
Once the newer version of RuboCop released and available at Code Climate these exclude entries should be removed.
* Replace `String#freeze` with `String#-@` manually if explicit frozen string objects are required
- 'actionpack/test/controller/test_case_test.rb'
- 'activemodel/test/cases/type/string_test.rb'
- 'activesupport/lib/active_support/core_ext/string/strip.rb'
- 'activesupport/test/core_ext/string_ext_test.rb'
- 'railties/test/generators/actions_test.rb'
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- There was an issue inside controller tests where order params were not respected, the reason
was because we were calling `Hash#to_query` which sorts the results lexicographically.
1e4e1b62 fixed that issue by not using `to_query` but instead a utility function provided by rack.
- However with the fix came another issue where it's now no longer possible to do this
```
post :foo, params: { user: User.first }
# Prior to the patch the controller will receive { "user" => "1" }
# Whereas now you get { "user": "#<User: ...>" }
```
The fix in this PR is to modify `Hash#to_query` to sort only when it
doesn't contain an array structure that looks something like "bar[]"
Ref https://github.com/rails/rails/pull/33341#issuecomment-404039396
|
|
|
|
|
|
|
|
| |
https://codeclimate.com/github/rails/rails/issues
`bundle exec rubocop -a`
Related to e4e1b62007fe40c4277ebc30067837a91bf25967
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
`to_query` sorts parameters before encoding them. This causes a round
tripping issue as noted here:
https://github.com/rails/rails/issues/23997#issuecomment-328297933
https://github.com/rails/rails/issues/10529#issuecomment-328298109
https://github.com/rails/rails/pull/30558
Unfortunately, that method is being used to generate cache keys, so its
results need to be stable:
https://github.com/rails/rails/commit/10dec0e65e1f4d87f411b4361045eba86b121be9
However, the test harness is only using `to_query` to encode parameters
before sending them to the controller so the "cache key" usecase doesn't
apply here.
This commit adds a test that demonstrates the round trip problems and
changes the serialization strategy to use Rack for encoding the
parameters rather than `to_query`.
|
|
|
|
|
|
|
| |
If a POST request is followed by a GET request in a controller test, the
`rack.input` and `RAW_POST_DATA` headers from the first request will be
reset but the `CONTENT_LENGTH` header will leak, leading the request
object in the second request to incorrectly believe it has a body.
|
|
|
|
|
|
| |
`RAW_POST_DATA` is derived from the `rack.input` header, which changes
with each test request. It needs to be cleared in `scrub_env!`, or all
requests within the same test will see the value from the first request.
|
|
|
|
|
|
|
|
|
| |
Initially, the test was added to 5-0-stable in #32492
and a bit modified in #32506. This test ensures that request(in tests)
doesn't mutate params. It was fixed since v5.1.0.beta1 by
98b8309569a326910a723f521911e54994b112fb and then on 5-0-stable by #32492.
This commit adds this test to master branch in order to prevent any
regressions.
|
| |
|
| |
|
| |
|
|
|
|
| |
And enable `context_dependent` of Style/BracesAroundHashParameters cop.
|
| |
|
|
|
|
|
| |
This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing
changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
|
| |
|
|
|
|
|
|
| |
".. with __dir__ we can restore order in the Universe." - by @fxn
Related to 5b8738c2df003a96f0e490c43559747618d10f5f
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit c6f9f8c28a720ad4ec7cf3613dddfa451d5968e2, reversing
changes made to c309073c7476f50dfb1e796d058580f176101c36.
Reason: This is fixing the behavior in the wrong place. Now the request
path after the request is nil and there is no way to assert that.
Also the test that was added in that PR also fails in 4.2 where the
reporter says it was passing. The reason the bahavior changed between
Rails 4.2 and Rails 5 is that the format in the path is now respected.
The correct way to fix the problem is not doign two requests in the same
controller test and use integrations tests. This change caused a
regression between Rails 5.0.1 and 5.0.2.
|
| |
|
|
|
|
| |
empty lines
|
|
|
|
|
|
|
|
|
|
| |
Prevents PATH_INFO from being used to infer the request format in later
test requests when no explicit format is given.
As the request PATH_INFO may be set before a request, it can't be
deleted during pre-request scrubbing.
Fixes #27774
|
|
|
|
|
|
| |
It was depending on a side-effect of the old html-scanner, so was no
longer proving what it intended to. Instead, assert more directly about
the resulting observable difference.
|
|
|
|
| |
this test case fails with ruby 2.4, so we want to see what's actually happening
|
| |
|
|
|
|
|
| |
This image has copyright that we are not giving so it is better to use
one image that we own the copyright.
|
| |
|
| |
|
|\
| |
| | |
Make :as option also set request format (AC::TestCase)
|
| |
| |
| |
| |
| |
| |
| |
| | |
right now you'd have to specify both :as and :format:
```
post :create, params: { foo: "bar" } as: :json, format: :json
```
|
|/
|
|
|
|
|
|
|
|
| |
When passed an already-valid file name, prepending the path is likely to
create problems.
This is particularly relevant for #26384, which adds fixture_path
handling to test classes that previously didn't have it: any existing
caller must have been manually locating the file, and we don't want to
break them.
|
|
|
|
| |
Documentation & testing
|
|
|
|
|
|
|
|
| |
Style/SpaceBeforeBlockBraces
Style/SpaceInsideBlockBraces
Style/SpaceInsideHashLiteralBraces
Fix all violations in the repository.
|
| |
|
|
|
|
|
| |
The current code base is not uniform. After some discussion,
we have chosen to go with double quotes by default.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Before this change, posted parameters would leak across requests. The included
test case failed like so:
1) Failure:
TestCaseTest#test_multiple_mixed_method_process_should_scrub_rack_input:
--- expected
+++ actual
@@ -1 +1 @@
-{"bar"=>"an bar", "controller"=>"test_case_test/test", "action"=>"test_params"}
+{"foo"=>"an foo", "bar"=>"an bar", "controller"=>"test_case_test/test", "action"=>"test_params"}
An argument could be made that this situation isn't encountered often and that
one should limit the number of requests per test case, but I still think the
parameter leaking is an unexpected side-effect.
|
| |
|
|
|
|
|
|
|
|
| |
Ruby 2.4 unifies Fixnum and Bignum into Integer: https://bugs.ruby-lang.org/issues/12005
* Forward compat with new unified Integer class in Ruby 2.4+.
* Backward compat with separate Fixnum/Bignum in Ruby 2.2 & 2.3.
* Drops needless Fixnum distinction in docs, preferring Integer.
|
|
|
|
|
|
|
|
| |
Allowing :controller and :action values to be specified via the path
in config/routes.rb has been an underlying cause of a number of issues
in Rails that have resulted in security releases. In light of this it's
better that controllers and actions are explicitly whitelisted rather
than trying to blacklist or sanitize 'bad' values.
|
| |
|
|
|
|
|
|
| |
The `cookies` hash isn't updated with the value generated by the output
from `to_header` so it wasn't testing anything. Rendering the cookie
value in the controller makes sure that the escaping is actually working.
|
|
|
|
|
| |
Get an incorrect cookie value in controller action method
if cookie value contains an escapable string.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For ActionController::Base we write the cookies in a middleware if it
was not yet committed no matter if the response was committed or not. [1]
For ActionController::Live we write the cookies before the response is
committed. [2]
We already mimic ActionController::Live in
ActionController::TestCase but we don't mimic the ActionController::Base
behavior because we were checking if the response was committed before
writing the cookies.
Now we are matching the behavior of the middleware and writing the
cookies if it was not written before.
[1]: https://github.com/rails/rails/blob/80c6b901d4d87cee610ab0a438ff6e3c6bf118d1/actionpack/lib/action_dispatch/middleware/cookies.rb#L599-L604
[2]: https://github.com/rails/rails/blob/80c6b901d4d87cee610ab0a438ff6e3c6bf118d1/actionpack/lib/action_controller/metal/live.rb#L218-L223
|
|
|
|
|
|
|
| |
It doesn't make sense to access the response object before a request is
made (how was a response object created without making a request?) This
commit splits testing default headers and default header mutation tests
and removes access to the pre-request response object.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In c546a2b this was changed to mimic how the browser behaves in a real
situation but left out types that were registered.
When this was changed it didn't take `text/plain` or `text/html` content
types into account. This is a problem if you're manipulating the
`Content-Type` headers in your controller tests, and expect a certain
result.
The reason I changed this to use `to_sym` is because if the
`Content-Type` is not registered then the symbol will not exist. If it's
one of the special types we handle that specifically (:json, :xml, or
:url_encoded_form). If it's any registered type we handle it by setting
the `path_parameters` and then the `request_parameters`. If the `to_sym`
returns nil an error will be thrown.
If the controller test sets a `Content-Type` on the request that `Content-Type`
should remain in the header and pass along the filename.
For example:
If a test sets a content type on a post
```
@request.headers['CONTENT_TYPE'] = 'text/plain'
post :create, params: { name: 'foo.txt' }
```
Then `foo.txt` should be in the `request_parameters` and params related
to the path should be in the `path_parameters` and the `Content-Type`
header should match the one set in the `@request`. When c546a2b was
committed `text/plain` and `text/html` types were throwing a "Unknown
Content-Type" error which is misleading and incorrect.
Note: this does not affect how this is handled in the browser, just how
the controller tests handle setting `Content-Type`.
|