aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/dispatch/request_test.rb
Commit message (Collapse)AuthorAgeFilesLines
...
* Restore original remote_ip algorithm.Andre Arko2013-01-021-58/+44
| | | | | | | | | | | Proxy servers add X-Forwarded-For headers, resulting in a list of IPs. We remove trusted IP values, and then take the last given value, assuming that it is the most likely to be the correct, unfaked value. See [1] for a very thorough discussion of why that is the best option we have at the moment. [1]: http://blog.gingerlime.com/2012/rails-ip-spoofing-vulnerabilities-and-protection/ Fixes #7979
* return Mime::NullType if format is unknownAngelo Capilleri2012-12-221-1/+10
| | | | | | | | | | If a request has an unknown format, the methods html?, xml?, json? ...etc not raise an Exception. This patch add a class Mime::NullType, that is returned when request.format is unknown and it responds false to the methods that ends with '?' and true to 'nil?'. It refers to #7837, this issue is considered a improvement not a bug.
* Fix rewinding in ActionDispatch::Request#raw_postMatt Venables2012-12-111-0/+7
| | | | | | | | | If env['RAW_POST_DATA'] is nil, #raw_post will attempt to set it to the result of #body (which will return env['rack.input'] if env['RAW_POST_DATA'] is nil). #raw_post will then attempt to rewind the result of another call to #body. Since env['RAW_POST_DATA'] has already been set, the result of #body is not env['rack.input'] anymore. This causes env['rack.input'] to never be rewound.
* Correct the use of params options when given to url_forCarlos Antonio da Silva2012-11-191-9/+3
| | | | Merge url for tests and add changelog entry for #8233.
* Fix issue with params in url_fortumayun2012-11-191-0/+8
| | | | | | With a "params" argument, the following error is raised: undefined method `reject!` for "":String
* Refactor request tests, remove #with_set methodCarlos Antonio da Silva2012-11-191-8/+3
|
* Revert "if format is unknown NullMimeTypeObject is returned"Guillermo Iguaran2012-10-311-11/+1
| | | | This reverts commit a8560fa361958b33d76e4468eb5c07d82a20196e.
* if format is unknown NullMimeTypeObject is returnedAngelo capilleri2012-10-311-1/+11
| | | | | | | | | | If a unknown format is passed in a request, the methods html?, xml?, json? ...etc Nil Exception. This patch add a class NullMimeTypeObject, that is returned when request.format is unknown and it responds false to the methods that ends with '?'. It refers to #7837, not fixes because it's not considered a improvement not a bug.
* give access to the original exception raised in case of a parse errorAaron Patterson2012-10-251-0/+14
|
* do not lose backtrace information from the raised exceptionAaron Patterson2012-10-251-4/+5
|
* Support for multiple etags in an If-None-Match headerTravis Warlick2012-09-151-0/+39
| | | | | | | | This is a rebased version of #2520. Conflicts: actionpack/test/dispatch/request_test.rb
* Remove ActionDispatch::Head middleware in favor of Rack::HeadSantiago Pastorino2012-07-231-8/+0
| | | | Closes #7110 there's more work to do on rack-cache issue 69
* Raise ActionController::BadRequest for malformed parameter hashes.Andrew White2012-05-201-1/+1
| | | | | | | | | | | | | | Currently Rack raises a TypeError when it encounters a malformed or ambiguous hash like `foo[]=bar&foo[4]=bar`. Rather than pass this through to the application this commit captures the exception and re-raises it using a new ActionController::BadRequest exception. The new ActionController::BadRequest exception returns a 400 error instead of the 500 error that would've been returned by the original TypeError. This allows exception notification libraries to ignore these errors if so desired. Closes #3051
* Valid ips v4 and v6. Right logic for working with X-FORWARDED-FOR header and ↵Alexey Gaziev2012-04-251-20/+114
| | | | tests.
* Add config.default_method_for_update to support PATCHDavid Lee2012-02-221-4/+11
| | | | | | | | | | | | | | | | PATCH is the correct HTML verb to map to the #update action. The semantics for PATCH allows for partial updates, whereas PUT requires a complete replacement. Changes: * adds config.default_method_for_update you can set to :patch * optionally use PATCH instead of PUT in resource routes and forms * adds the #patch verb to routes to detect PATCH requests * adds #patch? to Request * changes documentation and comments to indicate support for PATCH This change maintains complete backwards compatibility by keeping :put as the default for config.default_method_for_update.
* Fix failing request testCarlos Antonio da Silva2012-02-071-1/+1
| | | | | | | | Latest changes in remote ip handling conflicted with each other in tests. Related: dd09811fa6214a130fdc2de1d4c00b4337cb15f9 6a720226aad2adffcbd2422d40db772719579e2f
* Merge pull request #2490 from gsterndale/x_forwarded_for_orderJosé Valim2012-02-071-4/+4
|\ | | | | The first IP address in the X-Forwarded-For header is the originating IP
| * The first IP address in the X-Forwarded-For header is the originating IPGreg Sterndale2012-02-071-4/+4
| |
* | Trusted proxies is replaced with a Regexp or appended to with a StringGreg Sterndale2012-02-071-2/+13
|/
* Add original_fullpath and original_url methods to RequestPiotr Sarnacki2011-12-211-0/+24
|
* add test for bug fixed in 4f2bf64Andre Arko2011-11-141-0/+5
|
* change tests to expect X-F-F over REMOTE_ADDRAndre Arko2011-11-131-2/+2
|
* :subdomain can now be specified with a value of false in url_for, allowing ↵Kamil Sobieraj2011-10-041-0/+1
| | | | for subdomain(s) removal from the host during link generation. Closes #2025
* Check Accept and Content-Type headers before evaluating them in xhr ↵ogeidix2011-07-191-0/+6
| | | | | | requests. Closes #2119 An xhr request must have an "Accept" or "Content-type" header in order to be considered a request with valid_accept_header.
* Logs should show overridden method; Issue 426David Lee2011-05-071-0/+7
|
* Fix .subdomain regression.José Valim2011-05-041-0/+9
|
* Koz asked to test something crazy.José Valim2011-05-021-0/+12
|
* Add ignore_accept_header config to AD::Request.José Valim2011-05-021-0/+22
|
* Filter sensitive query string parameters in the log [#6244 state:committed]Prem Sichanugrist & Xavier Noria2011-03-111-0/+38
| | | | | | This provides more safety to applications that put secret information in the query string, such as API keys or SSO tokens. Signed-off-by: Xavier Noria <fxn@hashref.com>
* cleaning up some warnings on 1.9.3Aaron Patterson2011-02-071-1/+1
|
* The redirect routing method now allows for a hash of options which only ↵Josh Kalderimis2010-11-301-0/+25
| | | | changes the relevant parts of the url, or an object which responds to call can be supplied so common redirect rules can be easily reused. This commit includes a change where url generation from parts has been moved to AD::Http::URL as a class method.
* port_string bought back to life as it is part of the public apiJosh Kalderimis2010-11-241-1/+9
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* :subdomain, :domain and :tld_length options can now be used in url_for, ↵Josh Kalderimis2010-11-231-3/+3
| | | | | | allowing for easy manipulation of the host during link generation. Signed-off-by: José Valim <jose.valim@gmail.com>
* Brought the domain method in AD http url inline with subdomain where ↵Josh Kalderimis2010-11-161-0/+3
| | | | @@tld_length is used by default. Also set the default value of @@tld_length to 1.
* make sure request parameters are accessible after rack throws an exception ↵Miles Egan2010-10-121-0/+12
| | | | | | parsing the query string [#3030 state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com>
* Initialize @trusted_proxies.Emilio Tagua2010-09-281-0/+1
|
* Use parentheses when using assert_match followed by a regexp to avoid warnings.Emilio Tagua2010-09-271-3/+3
|
* Add configuration option for tld lengthSimon Jefford2010-09-091-0/+5
|
* Revert "Setup explicit requires for files with exceptions. Removed them from ↵José Valim2010-09-021-1/+0
| | | | | | | | autoloading." Booting a new Rails application does not work after this commit [#5359 state:open] This reverts commit 38a421b34d0b414564e919f67d339fac067a56e6.
* Setup explicit requires for files with exceptions. Removed them from ↵Łukasz Strzałkowski2010-09-021-0/+1
| | | | | | autoloading. Signed-off-by: José Valim <jose.valim@gmail.com>
* Don't add the standard https port when using redirect in routes.rb and ↵Andrew White2010-08-201-0/+36
| | | | | | | | ensure that request.scheme returns https when using a reverse proxy. [#5408 state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com>
* Deletes trailing whitespaces (over text files only find * -type f -exec sed ↵Santiago Pastorino2010-08-141-1/+1
| | | | 's/[ \t]*$//' -i {} \;)
* Extract ParameterFilter class from FilterParameters mixinBryan Helmkamp2010-07-191-4/+4
| | | | Signed-off-by: wycats <wycats@gmail.com>
* * Change the object used in routing constraints to be an instance ofwycats2010-04-031-6/+14
| | | | | | | | | | | ActionDispatch::Request rather than Rack::Request. * Changed ActionDispatch::Request#method to return a String, to be compatible with the Rack::Request superclass. * Changed ActionDispatch::Request#method to return the original method in the case of methodoverride and #request_method not to, to be compatible with Rack::Request
* Request#content_type exists in Rack::Request, and other parts of ↵wycats2010-03-281-4/+4
| | | | | | Rack::Request expect it to return a String. Split the Rails API so that Request#content_type returns a String, and Request#content_mime_type returns a Mime::Type object.
* Deprecate IP spoofing settings that are directly on the controller in favor ↵Carlhuda2010-03-031-2/+0
| | | | of configuring a middleware
* Move remote_ip to a middleware:Carlhuda2010-03-031-5/+7
| | | | | * ActionController::Base.ip_spoofing_check deprecated => config.action_dispatch.ip_spoofing_check * ActionController::Base.trusted_proxies deprecated => config.action_dispatch.trusted_proxies
* ActionController::Base.use_accept_header is not actually used anymore, so ↵Carl Lerche2010-03-031-7/+0
| | | | let's deprecate it.
* ActionDispatch::Request deprecates #request_uriCarl Lerche2010-03-031-15/+15
| | | | * Refactored ActionPatch to use fullpath instead
* Tweak the semantic of various URL related methods of ActionDispatch::RequestCarlhuda2010-03-031-78/+8
|