| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
Add the possibility to only filter parameters based on
their full path instead of relying on the immediate key.
config.filter_parameters += ['credit_card.code']
{ 'credit_card' => { 'code' => '[FILTERED]' },
'source' => { 'code' => '<%= puts 5 %>' } }
|
| |
|
|
|
|
|
| |
setup as block run before setup actlually runs so it will fail for our
case
|
|
|
|
| |
Closes #18933.
|
|
|
|
|
|
| |
Previously, an empty X_FORWARDED_HOST header would cause
Actiondispatch::Http:URL.raw_host_with_port to return nil, causing
Actiondispatch::Http:URL.host to raise a NoMethodError.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current implementation of `variants=` don't allow a resetting to nil, wich is the default value.
This results in the following code smell:
```ruby
case request.user_agent
when /iPhone/
request.variants = :phone
when /iPad/
request.variants = :ipad
end
```
With the ability to reset variants to nil, it could be:
```ruby
request.variants = case request.user_agent
when /iPhone/
:phone
when /iPad/
:ipad
end
```
|
| |
|
|
|
|
|
|
|
|
| |
Request#check_method would use to_sentence(locale: :en), which breaks when
I18n.available_locales does not include :en and
I18n.enforce_available_locales is true (default).
Inlined to_sentence functionality to solve this.
|
|
|
|
|
|
|
|
| |
As of rack/rack@167b6480235ff00ed5f355698bf00ec2f250f72e, Rack raises
Rack::Utils::ParameterTypeError which inherits TypeError.
In terms of the behavior, Rescuing TypeError still works but this
method shouldn't rescue if TypeError is raised for other reasons.
|
|
|
|
|
|
|
|
| |
Follow up to rails#15321
Instead of duplicating the routes, we will first match the HEAD request to
HEAD routes. If no match is found, we will then map the HEAD request to
GET routes.
|
|
|
|
| |
Related with #11795.
|
| |
|
|\
| |
| | |
Fixes to request method test.
|
| |
| |
| |
| |
| |
| |
| |
| | |
Since we're stubbing the request, the test is actually just asserting
that `@method = env['REQUEST_METHOD']`. In order to the test against
the methodoverride middleware, we should test it against an actual
request. However, Rack is already covering this scenario so we can
remove this test.
|
| |
| |
| |
| |
| | |
There is already another test covering Request#request_method. This
test should cover Request#method.
|
| | |
|
| |
| |
| |
| |
| | |
The current test is asserting against an outdated version of
Request#method where HEAD requests are treated as GET requests.
|
| |
| |
| |
| |
| |
| |
| | |
Also cleanup test a bit
[related #14886]
[related #14743]
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The entire 127.0.0.0/8 range is assigned to the loopback address, not
only 127.0.0.0/24. This patch allows ActionDispatch::Request::LOCALHOST
to match any IPv4 127.0.0.0/8 loopback address.
The only place that the #local? method was previously under test was
in the show_expectations_test.rb file. I don't particularly like that
that's implicitly where this code is under test, and I feel like I
should move some of that testing code into the
test/dispatch/request_test.rb file, but I wanted some feedback first.
Credit goes to @sriedel for discovering the issue and adding the
patch.
|
|\ \
| |/
|/| |
This updates rails to use edge rack
|
| |
| |
| |
| |
| |
| |
| |
| | |
As Rack has some non backwards compatible changes added required
modifications to keep behaviour in rails close to same as before.
Also modified generators to include rack/rack for not yet released
version of rack
|
| | |
|
|/ |
|
|\
| |
| |
| |
| |
| |
| | |
Make remote_ip detection properly handle private IPv6 addresses
Conflicts:
actionpack/CHANGELOG.md
|
| |
| |
| |
| | |
Fixes #12638.
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow setting `request.variant` as an array - an order in which they will be
rendered.
For example:
request.variant = [:tablet, :phone]
respond_to do |format|
format.html.none
format.html.phone # this gets rendered
end
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
By default, variants in the templates will be picked up if a variant is set
and there's a match. The format will be:
app/views/projects/show.html.erb
app/views/projects/show.html+tablet.erb
app/views/projects/show.html+phone.erb
If request.variant = :tablet is set, we'll automatically be rendering the
html+tablet template.
In the controller, we can also tailer to the variants with this syntax:
class ProjectsController < ActionController::Base
def show
respond_to do |format|
format.html do |html|
@stars = @project.stars
html.tablet { @notifications = @project.notifications }
html.phone { @chat_heads = @project.chat_heads }
end
format.js
format.atom
end
end
end
The variant itself is nil by default, but can be set in before filters, like
so:
class ApplicationController < ActionController::Base
before_action do
if request.user_agent =~ /iPad/
request.variant = :tablet
end
end
end
This is modeled loosely on custom mime types, but it's specifically not
intended to be used together. If you're going to make a custom mime type,
you don't need a variant. Variants are for variations on a single mime
types.
|
|/
|
|
| |
See #10780
|
|
|
|
|
|
| |
Fix ActionDispatch::Request#formats on xhr requests when HTTP_ACCEPT
header is empty string. About issue #7774, same fix as in commit bebb02f
but for xhr requests.
|
|\
| |
| | |
replace regexp global in #url_for
|
| | |
|
|/ |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Proxy servers add X-Forwarded-For headers, resulting in a list of IPs. We
remove trusted IP values, and then take the last given value, assuming that
it is the most likely to be the correct, unfaked value. See [1] for a very
thorough discussion of why that is the best option we have at the moment.
[1]: http://blog.gingerlime.com/2012/rails-ip-spoofing-vulnerabilities-and-protection/
Fixes #7979
|
|
|
|
|
|
|
|
|
|
| |
If a request has an unknown format, the methods html?, xml?, json? ...etc
not raise an Exception.
This patch add a class Mime::NullType, that is returned when request.format is unknown
and it responds false to the methods that ends with '?' and true to 'nil?'.
It refers to #7837, this issue is considered a improvement not a bug.
|
|
|
|
|
|
|
|
|
| |
If env['RAW_POST_DATA'] is nil, #raw_post will attempt to set it to
the result of #body (which will return env['rack.input'] if
env['RAW_POST_DATA'] is nil). #raw_post will then attempt to rewind
the result of another call to #body. Since env['RAW_POST_DATA'] has
already been set, the result of #body is not env['rack.input'] anymore.
This causes env['rack.input'] to never be rewound.
|
|
|
|
| |
Merge url for tests and add changelog entry for #8233.
|
|
|
|
|
|
| |
With a "params" argument, the following error is raised:
undefined method `reject!` for "":String
|
| |
|
|
|
|
| |
This reverts commit a8560fa361958b33d76e4468eb5c07d82a20196e.
|
|
|
|
|
|
|
|
|
|
| |
If a unknown format is passed in a request, the methods html?, xml?, json? ...etc
Nil Exception.
This patch add a class NullMimeTypeObject, that is returned when request.format is unknown
and it responds false to the methods that ends with '?'.
It refers to #7837, not fixes because it's not considered a improvement not a bug.
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
This is a rebased version of #2520.
Conflicts:
actionpack/test/dispatch/request_test.rb
|
|
|
|
| |
Closes #7110 there's more work to do on rack-cache issue 69
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently Rack raises a TypeError when it encounters a malformed or
ambiguous hash like `foo[]=bar&foo[4]=bar`. Rather than pass this
through to the application this commit captures the exception and
re-raises it using a new ActionController::BadRequest exception.
The new ActionController::BadRequest exception returns a 400 error
instead of the 500 error that would've been returned by the original
TypeError. This allows exception notification libraries to ignore
these errors if so desired.
Closes #3051
|
|
|
|
| |
tests.
|