aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/dispatch/request/json_params_parsing_test.rb
Commit message (Collapse)AuthorAgeFilesLines
* Use frozen string literal in actionpack/Kir Shatrov2017-07-291-0/+2
|
* Revert "Merge pull request #29540 from kirs/rubocop-frozen-string"Matthew Draper2017-07-021-1/+0
| | | | | This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
* Enforce frozen string in RubocopKir Shatrov2017-07-011-0/+1
|
* Remove deprecated support to non-keyword arguments in ↵Rafael Mendonça França2016-10-101-1/+3
| | | | | | `ActionDispatch::IntegrationTest`, `#process`, `#get`, `#post`, `#patch`, `#put`, `#delete`, and `#head`.
* Deprecated ActionDispatch::ParamsParser::ParamsParserRafael Mendonça França2016-10-101-1/+1
| | | | | | ActionDispatch::ParamsParser class was removed in favor of ActionDispatch::Http::Parameters so it is better to move the error constant to the new class.
* Add three new rubocop rulesRafael Mendonça França2016-08-161-11/+11
| | | | | | | | Style/SpaceBeforeBlockBraces Style/SpaceInsideBlockBraces Style/SpaceInsideHashLiteralBraces Fix all violations in the repository.
* remove redundant curlies from hash argumentsXavier Noria2016-08-061-14/+14
|
* modernizes hash syntax in actionpackXavier Noria2016-08-061-3/+3
|
* applies new string literal convention in actionpack/testXavier Noria2016-08-061-20/+20
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Modifies mime-registration test not to interfere with real mime typesBenjamin Fleischer2016-05-231-3/+3
| | | | | | | | | | | | | | | | The tests introduced in https://github.com/rails/rails/pull/23816/files#diff-384a5a15d8d53de799fb6541688ea5f9R153 register the JSON API media type `application/vnd.api+json` with `Mime[:json]`. The JSON API media type should not be registered with `Mime[:json]`, as discussed in #23712. Moreover, since the actual mime type used in the test is incidental, I've changed this to a valid, but fictional `applcation/vnd.rails+json`. These tests were causing failures in https://github.com/rails/rails/pull/25050#issuecomment-221092934 where `Mime[:jsonapi]` is being added, so that JSON API request params are parsed with the JSONAPI gem.
* Deprecate :controller and :action path parametersAndrew White2016-03-011-2/+6
| | | | | | | | Allowing :controller and :action values to be specified via the path in config/routes.rb has been an underlying cause of a number of issues in Rails that have resulted in security releases. In light of this it's better that controllers and actions are explicitly whitelisted rather than trying to blacklist or sanitize 'bad' values.
* Make sure we unregister the mime type before registeringRafael Mendonça França2016-02-221-10/+22
| | | | Also make sure we don't change the global state of our test suite.
* Use symbol of mime type instead of object to get correct parserMehmet Emin İNAÇ2016-02-221-0/+16
| | | | | | After registering new `:json` mime type `parsers.fetch` can't find the mime type because new mime type is not equal to old one. Using symbol of the mime type as key on parsers hash solves the problem. Closes #23766
* Fix typoRafael Mendonça França2016-02-171-1/+1
|
* The JSON API media type should only work wih a JSON API handlerBenjamin Fleischer2016-02-161-9/+2
| | | | | | | | | | | | Since the media type 'application/vnd.api+json' is a spec, it is inappropriate to handle it with the JSON renderer. This PR removes support for a JSON API media type. I would recommend the media type be registered on its own as `jsonapi` when a jsonapi Renderer and deserializer (Http::Parameters::DEFAULT_PARSERS) are added. Is related to work in https://github.com/rails/rails/pull/21496
* Deprecate exception#original_exception in favor of exception#causeYuki Nishijima2015-11-031-2/+2
|
* Add test for parsing application/vnd.api+jsonMarcin Olichwirowicz2015-08-211-0/+14
|
* Make AC::Parameters not inherited from HashPrem Sichanugrist2015-07-151-1/+1
| | | | | | | | This is another take at #14384 as we decided to wait until `master` is targeting Rails 5.0. This commit is implementation-complete, as it guarantees that all the public methods on the hash-inherited Parameters are still working (based on test case). We can decide to follow-up later if we want to remove some methods out from Parameters.
* Consistent usage of spaces in hashes across our codebaseRafael Mendonça França2015-01-291-1/+1
|
* Switch to kwargs in ActionController::TestCase and ActionDispatch::IntegrationKir Shatrov2015-01-291-4/+4
| | | | | | | | Non-kwargs requests are deprecated now. Guides are updated as well. `post url, nil, nil, { a: 'b' }` doesn't make sense. `post url, params: { y: x }, session: { a: 'b' }` would be an explicit way to do the same
* Don't convert empty arrays to nils when deep munging paramsChris Sinjakli2014-12-151-2/+2
|
* test boolean and number json param parsingArthur Neves2014-01-231-0/+7
|
* Use Request#raw_post instead Request#bodyPaul Nikitochkin2013-07-081-0/+7
| | | | | | | | In order to get raw_post to be not empty after ParamsParser#parse_formatted_parameters, added rewinding of body stream input on parsing json params. Closes #11345
* Replace multi_json with jsonErik Michaels-Ober2013-05-111-1/+1
|
* Fix failing AP testCarlos Antonio da Silva2013-05-011-1/+1
|
* Fix json params parsing regression for non-object JSON content.Dylan Smith2013-01-111-0/+7
| | | | Fixes #8845.
* * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * ↵Aaron Patterson2013-01-081-0/+15
| | | | | | | | | | | | dealing with empty hashes. Thanks Damien Mathieu Conflicts: actionpack/CHANGELOG.md actionpack/lib/action_dispatch/http/request.rb actionpack/lib/action_dispatch/middleware/params_parser.rb activerecord/CHANGELOG.md activerecord/lib/active_record/relation/predicate_builder.rb activerecord/test/cases/relation/where_test.rb
* Revert "Merge branch 'master-sec'"Jeremy Kemper2013-01-081-15/+0
| | | | | This reverts commit 88cc1688d0cb828c17706b41a8bd27870f2a2beb, reversing changes made to f049016cd348627bf8db0d72382d7580bf802a79.
* * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * ↵Aaron Patterson2013-01-071-0/+15
| | | | | | | | | | | | dealing with empty hashes. Thanks Damien Mathieu Conflicts: actionpack/CHANGELOG.md actionpack/lib/action_dispatch/http/request.rb actionpack/lib/action_dispatch/middleware/params_parser.rb activerecord/CHANGELOG.md activerecord/lib/active_record/relation/predicate_builder.rb activerecord/test/cases/relation/where_test.rb
* Make ActionDispatch::ParamsParser::ParseError#original_exception return the ↵Szymon Nowak2012-08-271-1/+2
| | | | original exception.
* Fix ActionDispatch::ParamsParser::ParseError message for XML and JSON parsers.Szymon Nowak2012-08-241-1/+2
|
* Raise generic ParseError exception when ActionDispatch::ParamsParser fails ↵Szymon Nowak2012-08-241-1/+1
| | | | parsing request params.
* Remove default match without specified methodJose and Yehuda2012-04-241-2/+2
| | | | | | | | | | | | | | | | In the current router DSL, using the +match+ DSL method will match all verbs for the path to the specified endpoint. In the vast majority of cases, people are currently using +match+ when they actually mean +get+. This introduces security implications. This commit disallows calling +match+ without an HTTP verb constraint by default. To explicitly match all verbs, this commit also adds a :via => :all option to +match+. Closes #5964
* Moved all the logger methods to active support loggerKarunakar (Ruby)2012-01-061-1/+1
| | | | minor
* middlewares should use logger from envlest2011-11-251-10/+6
|
* Remove unreachable code, and add additional testcases.kennyj2011-11-241-0/+12
|
* Add `ActionController::ParamsWrapper` to wrap parameters into a nested hashPrem Sichanugrist2011-05-031-0/+53
| | | This will allow us to do a rootless JSON/XML request to server.
* Remove deprecated stuff in ActionControllerCarlos Antonio da Silva2010-09-261-1/+1
| | | | | | This removes all deprecated classes in ActionController related to Routing, Abstract Request/Response and Integration/IntegrationTest. All tests and docs were changed to ActionDispatch instead of ActionController.
* Removed deprecated RouteSet API, still many tests failPiotr Sarnacki2010-09-051-1/+1
|
* Disable ShowExceptions during integration testsJoshua Peek2010-01-191-1/+1
|
* Ruby 1.9: resolve constant lookup issuesJeremy Kemper2009-11-041-1/+1
|
* Start rewriting some internal tests to use the new routing dslJoshua Peek2009-10-201-1/+1
|
* Add custom "with_routing" to internal tests to fix reseting session after usingJoshua Peek2009-10-031-1/+0
| | | | with_routing. This only affects our internal AP tests.
* Reset session in integration tests after changing routes to reload the ↵Joshua Peek2009-08-271-0/+1
| | | | middleware stack
* Adding a call to logger from params_parser to give detailed debug ↵Jay Pignata2009-08-151-4/+24
| | | | | | | | information when invalid xml or json is posted [#2481 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Move dispatch related tests into test/dispatchJoshua Peek2009-01-281-0/+45