aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/controller/webservice_test.rb
Commit message (Collapse)AuthorAgeFilesLines
* Do not rescue Exception in ParamsParserYuki Nishijima2014-11-231-0/+10
| | | | | Unlike ShowExceptions or PublicExceptions, ParamsParser shouldn't transform exceptions like Interrupt and NoMemoryError into ParserError.
* Eliminate `JSON.{parse,load,generate,dump}` and `def to_json`Godfrey Chan2013-11-051-1/+2
| | | | | | | | | | | | | | | JSON.{dump,generate} offered by the JSON gem is not compatiable with Rails at the moment and can cause a lot of subtle bugs when passed certain data structures. This changed all direct usage of the JSON gem in internal Rails code to always go through AS::JSON.{decode,encode}. We also shouldn't be implementing `to_json` most of the time, and these occurances are replaced with an equivilent `as_json` implementation to avoid problems down the road. See [1] for all the juicy details. [1]: intridea/multi_json#138 (comment)
* Remove XML Parser from ActionDispatchPrem Sichanugrist2013-02-201-131/+15
| | | | | If you want an ability to parse XML parameters, please install `actionpack-xml_parser` gem.
* Remove yaml Proc param parser testBrendon Murphy2013-01-281-13/+0
| | | | | | | | I don't believe this test is exercising any explicit params_parser behavior that the other two Proc tests aren't already doing. Given that we now know it's a bad idea to load user input via YAML.load, somebody reading this test might get a dangerous idea about building out a YAML params parser.
* Remove :yaml related tests and fix other related to parsing empty arraysCarlos Antonio da Silva2013-01-081-43/+0
| | | | All Action Pack tests are green.
* CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.Jeremy Kemper2013-01-081-0/+13
|
* Revert "Merge branch 'master-sec'"Jeremy Kemper2013-01-081-13/+0
| | | | | This reverts commit 88cc1688d0cb828c17706b41a8bd27870f2a2beb, reversing changes made to f049016cd348627bf8db0d72382d7580bf802a79.
* CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.Jeremy Kemper2013-01-081-0/+13
|
* Remove default match without specified methodJose and Yehuda2012-04-241-1/+1
| | | | | | | | | | | | | | | | In the current router DSL, using the +match+ DSL method will match all verbs for the path to the specified endpoint. In the vast majority of cases, people are currently using +match+ when they actually mean +get+. This introduces security implications. This commit disallows calling +match+ without an HTTP verb constraint by default. To explicitly match all verbs, this commit also adds a :via => :all option to +match+. Closes #5964
* Remove rescue_action from compatibility module and testsCarlos Antonio da Silva2012-01-171-2/+0
|
* try not to use assert_blank when nil will wouldNeeraj Singh2011-06-111-2/+2
| | | | | | be considered as failure Test for specific value to the extent possible
* use spec compliant YAMLAaron Patterson2011-01-211-1/+1
|
* Initialize ivars in tests.Emilio Tagua2010-09-281-0/+1
|
* Remove deprecated stuff in ActionControllerCarlos Antonio da Silva2010-09-261-1/+1
| | | | | | This removes all deprecated classes in ActionController related to Routing, Abstract Request/Response and Integration/IntegrationTest. All tests and docs were changed to ActionDispatch instead of ActionController.
* Removed deprecated RouteSet API, still many tests failPiotr Sarnacki2010-09-051-1/+1
|
* code gardening: we have assert_(nil|blank|present), more concise, with ↵Xavier Noria2010-08-171-2/+2
| | | | better default failure messages - let's use them
* Consistent routing languageJoshua Peek2010-03-301-1/+1
|
* Merge branch 'master' of github.com:rails/railsCarlhuda2010-02-251-1/+1
|
* Use ActionDispatch::Routing everywhereMartin Schürrer2010-02-211-1/+1
|
* Use new routing dsl in testsJoshua Peek2009-12-081-3/+1
|
* Add custom "with_routing" to internal tests to fix reseting session after usingJoshua Peek2009-10-031-1/+0
| | | | with_routing. This only affects our internal AP tests.
* Allow integration test rack app to be set with "@app" ivar instead of using ↵Joshua Peek2009-09-261-2/+2
| | | | open_session
* Reset session in integration tests after changing routes to reload the ↵Joshua Peek2009-08-271-0/+1
| | | | middleware stack
* Move legacy param_parsers config onto AD::ParamsParserJoshua Peek2009-08-211-62/+67
|
* Move Safari response-padding fix to Rails2Compatibility. Should be a Rack ↵Jeremy Kemper2009-05-211-2/+2
| | | | concern.
* Switch to Rack based session stores.Joshua Peek2008-12-151-2/+0
|
* Refactor SessionFixationTest and WebServiceTest with IntegrationTest so they ↵Joshua Peek2008-12-041-144/+178
| | | | are compatible with the Rack interface.
* Remove XmlSimple dependenciesJeremy Kemper2008-11-251-5/+4
|
* Fix Hash#from_xml with Type records. Closes #9242 [Juanjo Bazan, Isaac Feliu]Jeremy Kemper2008-02-271-2/+47
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8937 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* require abstract_unit directly since test is in load pathJeremy Kemper2008-01-051-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8564 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Parse url-encoded and multipart requests ourselves instead of delegating to CGI.Jeremy Kemper2007-05-181-3/+6
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6764 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Introduce the request.body stream. Lazy-read to parse parameters rather than ↵Jeremy Kemper2007-05-151-7/+3
| | | | | | always setting RAW_POST_DATA. Reduces the memory footprint of large binary PUT requests. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6740 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Removed ill faded xml_node class from codebase. Use XmlSimple insteadTobias Lütke2007-04-091-57/+3
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6511 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Deprecation: remove deprecated request methods.Jeremy Kemper2007-03-131-9/+0
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6401 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Added Hash.create_from_xml(string) which will create a hash from a XML ↵David Heinemeier Hansson2006-06-161-7/+0
| | | | | | string and even typecast if possible [DHH] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@4453 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Make sure xml_simple requests don't blow up if an empty request body is recievedJamis Buck2006-03-181-0/+6
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3936 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Add a test to make sure basic XML entities get unescaped properlyJamis Buck2006-03-181-0/+8
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3918 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* XML-formatted requests are typecast according to "type" attributes for ↵Jamis Buck2006-03-181-1/+53
| | | | | | :xml_simple git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3915 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Underscore dasherized keys in formatted requestsJamis Buck2006-03-151-3/+28
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3878 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Mime types are separated by a comma, not semicolon, in the Accept header. ↵David Heinemeier Hansson2006-03-121-5/+5
| | | | | | Also switch all internal configuration of mime types away from strings and over to Mime::Type [DHH] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3847 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Added better support for using the same actions to output for different ↵David Heinemeier Hansson2006-03-111-1/+1
| | | | | | sources depending on the Accept header [DHH] Added Base#render(:xml => xml) that works just like Base#render(:text => text), but sets the content-type to text/xml and the charset to UTF-8 [DHH] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3838 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* ActionController::Base.param_parsers now accept symbols. currently supported ↵Tobias Lütke2006-03-051-2/+20
| | | | | | are :xml_node, :xml_simple and :yaml git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3778 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Added new infrastructure support for REST webservices.Tobias Lütke2006-03-051-0/+146
By default application/xml posts are handled by creating a XmlNode object with the same name as the root element of the submitted xml. M$ ActionController::Base.param_parsers['application/atom+xml'] = Proc.new do |data| node = REXML::Document.new(post) { node.root.name => node.root } end XmlSimple and Yaml web services were retired, ActionController::Base.param_parsers carries an example which shows how to get this functio$ request.[formatted_post?, xml_post?, yaml_post? and post_format] were all deprecated in favor of request.content_type [Tobias Luetke] Closes #4081 git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3777 5ecf4fe2-1ee6-0310-87b1-e25e094e27de