aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/dispatch/request
Commit message (Collapse)AuthorAgeFilesLines
* Remove XML Parser from ActionDispatchPrem Sichanugrist2013-02-201-182/+0
| | | | | If you want an ability to parse XML parameters, please install `actionpack-xml_parser` gem.
* Fix json params parsing regression for non-object JSON content.Dylan Smith2013-01-111-0/+7
| | | | Fixes #8845.
* Remove :yaml related tests and fix other related to parsing empty arraysCarlos Antonio da Silva2013-01-081-2/+2
| | | | All Action Pack tests are green.
* * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * ↵Aaron Patterson2013-01-082-0/+32
| | | | | | | | | | | | dealing with empty hashes. Thanks Damien Mathieu Conflicts: actionpack/CHANGELOG.md actionpack/lib/action_dispatch/http/request.rb actionpack/lib/action_dispatch/middleware/params_parser.rb activerecord/CHANGELOG.md activerecord/lib/active_record/relation/predicate_builder.rb activerecord/test/cases/relation/where_test.rb
* Revert "Merge branch 'master-sec'"Jeremy Kemper2013-01-082-32/+0
| | | | | This reverts commit 88cc1688d0cb828c17706b41a8bd27870f2a2beb, reversing changes made to f049016cd348627bf8db0d72382d7580bf802a79.
* * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * ↵Aaron Patterson2013-01-072-0/+32
| | | | | | | | | | | | dealing with empty hashes. Thanks Damien Mathieu Conflicts: actionpack/CHANGELOG.md actionpack/lib/action_dispatch/http/request.rb actionpack/lib/action_dispatch/middleware/params_parser.rb activerecord/CHANGELOG.md activerecord/lib/active_record/relation/predicate_builder.rb activerecord/test/cases/relation/where_test.rb
* Alias refute methods to assert_not and perfer assert_not on testsRafael Mendonça França2012-12-311-1/+1
|
* Prevent raising EOFError on multipart GET request.Adam Stankiewicz2012-12-101-0/+12
| | | | | | | | | | Such request can happen on Internet Explorer. When we redirect after multipart form submission, the request type is changed to GET, but Content-Type is preserved as multipart. GET request cannot have multipart body and that caused Rails to fail. It's similar fix to Rack's one: https://github.com/chneukirchen/rack/blob/8025a4ae9477d1e6231344c2b7d795aa9b3717b6/lib/rack/request.rb#L224
* Merge pull request #7444 from szimek/params_parser_raises_parsing_errorAaron Patterson2012-09-262-2/+6
|\ | | | | Raise generic ParseError exception when ParamsParser fails parsing request params
| * Make ActionDispatch::ParamsParser::ParseError#original_exception return the ↵Szymon Nowak2012-08-272-2/+4
| | | | | | | | original exception.
| * Fix ActionDispatch::ParamsParser::ParseError message for XML and JSON parsers.Szymon Nowak2012-08-242-2/+4
| |
| * Raise generic ParseError exception when ActionDispatch::ParamsParser fails ↵Szymon Nowak2012-08-242-2/+2
| | | | | | | | parsing request params.
* | Add test for clear in ActionDispatch::Request::SessionAndreas Loupasakis2012-09-081-0/+9
|/
* Fix buildSantiago Pastorino2012-06-131-2/+2
|
* Array parameters should not contain nil values.Aaron Patterson2012-06-121-0/+4
|
* Merge branch 'master-sec'Aaron Patterson2012-05-311-1/+6
|\ | | | | | | | | | | * master-sec: Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this! predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this
| * Strip [nil] from parameters hash.Aaron Patterson2012-05-301-1/+6
| | | | | | | | | | | | Thanks to Ben Murphy for reporting this! CVE-2012-2660
* | Added ActionDispatch::Request::Session#keys and ↵Philip Arndt2012-05-231-0/+16
|/ | | | ActionDispatch::Request::Session#values
* Raise ActionController::BadRequest for malformed parameter hashes.Andrew White2012-05-202-0/+22
| | | | | | | | | | | | | | Currently Rack raises a TypeError when it encounters a malformed or ambiguous hash like `foo[]=bar&foo[4]=bar`. Rather than pass this through to the application this commit captures the exception and re-raises it using a new ActionController::BadRequest exception. The new ActionController::BadRequest exception returns a 400 error instead of the 500 error that would've been returned by the original TypeError. This allows exception notification libraries to ignore these errors if so desired. Closes #3051
* testing session store behaviorAaron Patterson2012-05-021-0/+48
|
* Remove default match without specified methodJose and Yehuda2012-04-245-7/+7
| | | | | | | | | | | | | | | | In the current router DSL, using the +match+ DSL method will match all verbs for the path to the specified endpoint. In the vast majority of cases, people are currently using +match+ when they actually mean +get+. This introduces security implications. This commit disallows calling +match+ without an HTTP verb constraint by default. To explicitly match all verbs, this commit also adds a :via => :all option to +match+. Closes #5964
* Moved all the logger methods to active support loggerKarunakar (Ruby)2012-01-062-2/+2
| | | | minor
* remove ActiveSupport::Base64 in favor of ::Base64Sergey Nartimov2012-01-021-4/+4
|
* remove checks for encodings availabilitySergey Nartimov2011-12-251-1/+1
|
* deprecate String#encoding_aware? and remove its usageSergey Nartimov2011-12-241-2/+0
|
* middlewares should use logger from envlest2011-11-252-20/+12
|
* Remove unreachable code, and add additional testcases.kennyj2011-11-242-0/+24
|
* Multipart is now fixed in Rack.José Valim2011-05-031-14/+8
|
* Add `ActionController::ParamsWrapper` to wrap parameters into a nested hashPrem Sichanugrist2011-05-032-0/+91
| | | This will allow us to do a rootless JSON/XML request to server.
* if it walks like a duck and talks like a duck, it must be a duckAaron Patterson2010-10-041-7/+0
|
* Change test to avoid warnings.Emilio Tagua2010-09-281-1/+1
|
* undef method if already defined.Emilio Tagua2010-09-281-0/+1
|
* Remove deprecated stuff in ActionControllerCarlos Antonio da Silva2010-09-265-5/+5
| | | | | | This removes all deprecated classes in ActionController related to Routing, Abstract Request/Response and Integration/IntegrationTest. All tests and docs were changed to ActionDispatch instead of ActionController.
* Removed deprecated RouteSet API, still many tests failPiotr Sarnacki2010-09-055-5/+5
|
* Fix several known web encoding issues:wycats2010-06-271-0/+23
| | | | | | | | | | | | | | | | | | | | | | | * Specify accept-charset on all forms. All recent browsers, as well as IE5+, will use the encoding specified for form parameters * Unfortunately, IE5+ will not look at accept-charset unless at least one character in the form's values is not in the page's charset. Since the user can override the default charset (which Rails sets to UTF-8), we provide a hidden input containing a unicode character, forcing IE to look at the accept-charset. * Now that the vast majority of web input is UTF-8, we set the inbound parameters to UTF-8. This will eliminate many cases of incompatible encodings between ASCII-8BIT and UTF-8. * You can safely ignore params[:_snowman_] TODO: * Validate inbound text to confirm it is UTF-8 * Combine the whole_form implementations in form_helper_test and form_tag_helper_test
* Upgrade to Rack 1.2.1Jeremy Kemper2010-06-271-8/+14
|
* Ruby 1.9: fix invalid rack response in testJeremy Kemper2010-05-151-1/+1
|
* Fix parsing xml input by ActionDispatch::ParamsParserLawrence Pit2010-05-061-0/+13
| | | | | | [#4437 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Disable ShowExceptions during integration testsJoshua Peek2010-01-192-2/+2
|
* Use new routing dsl in testsJoshua Peek2009-12-081-1/+1
|
* Ruby 1.9: resolve constant lookup issuesJeremy Kemper2009-11-044-6/+6
|
* Start rewriting some internal tests to use the new routing dslJoshua Peek2009-10-204-4/+4
|
* Add custom "with_routing" to internal tests to fix reseting session after usingJoshua Peek2009-10-035-5/+0
| | | | with_routing. This only affects our internal AP tests.
* Reset session in integration tests after changing routes to reload the ↵Joshua Peek2009-08-275-0/+5
| | | | middleware stack
* Adding a call to logger from params_parser to give detailed debug ↵Jay Pignata2009-08-152-5/+40
| | | | | | | | information when invalid xml or json is posted [#2481 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Remove legacy processing and content_lengthYehuda Katz2009-08-021-2/+0
| | | | | | | | | | | * convert_content_type! is handled by assign_default_content_type_and_charset! * set_content_length! should be handled by the endpoint server. Otherwise each middleware that modifies the body has to do the expensive work of recalculating content_length. * convert_language! appears to be legacy. There are no tests for this * convert_cookies! should be handled by the new HeaderHash in Rack * Use an integer for .status's internal representation to avoid needing to do String manipulation just to find out the status
* Can't please them allJeremy Kemper2009-04-271-2/+1
|
* Sufficient to test that multipart/mixed wasn't parsed to a hashJeremy Kemper2009-04-271-1/+1
|
* Remove RewindableInput middleware since all input MUST be rewindable ↵Joshua Peek2009-04-252-99/+0
| | | | according to a recent change in the Rack 1.0 SPEC
* Remove vendored version of RackJoshua Peek2009-04-251-1/+1
|