aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/dispatch
Commit message (Collapse)AuthorAgeFilesLines
* Remove skipped JRuby tests that are passing on 9.0.3.0.Guo Xiang Tan2015-10-273-6/+0
|
* Tweaked wording used in some tests.Sebastian McKenzie2015-10-251-2/+2
|
* Catch invalid UTF-8 querystring values and respond with BadRequestGrey Baker2015-10-231-6/+10
|
* Show helpful messages on invalid param. encodingsAgis Anastasopoulos2015-10-191-0/+14
| | | | | | | | | | | | | | | | | | Prior to this change, given a route: # config/routes.rb get ':a' => "foo#bar" If one pointed to http://example.com/%BE (param `a` has invalid encoding), a `BadRequest` would be raised with the following non-informative message: ActionController::BadRequest From now on the message displayed is: Invalid parameter encoding: hi => "\xBE" Fixes #21923.
* Merge pull request #19135 from yuki24/access-control-supportJeremy Daer2015-10-131-8/+27
|\ | | | | | | Add basic support for access control headers to ActionDispatch::Static
| * Add the ability of returning arbitrary headers to ActionDispatch::StaticYuki Nishijima2015-06-131-8/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Now ActionDispatch::Static can accept HTTP headers so that developers will have control of returning arbitrary headers like 'Access-Control-Allow-Origin' when a response is delivered. They can be configured through `#config.public_file_server.headers`: config.public_file_server.headers = { "Cache-Control" => "public, max-age=60", "Access-Control-Allow-Origin" => "http://rubyonrails.org" } Also deprecate `config.static_cache_control` in favor of `config.public_file_server.headers`.
* | Merge pull request #21849 from yui-knk/refactor_regexp_to_stringAndrew White2015-10-122-2/+13
|\ \ | | | | | | Change `Journey::Route#verb` to return string instead of regexp.
| * | Change `Journey::Route#verb` to return string instead of regexp.yui-knk2015-10-032-2/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | By [this commit](https://github.com/rails/rails/commit/0b476de445faf330c58255e2ec3eea0f3a7c1bfc) `Journey::Route#verb` need not to return verb as regexp. The returned value is used by inspector, so change it to be a string. Add inspect_with_multiple_verbs test case to keep the behavior of inspector correctly.
* | | Use `Mime[:foo]` instead of `Mime::Type[:FOO]` for back compatJeremy Daer2015-10-063-93/+78
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rails 4.x and earlier didn't support `Mime::Type[:FOO]`, so libraries that support multiple Rails versions would've had to feature-detect whether to use `Mime::Type[:FOO]` or `Mime::FOO`. `Mime[:foo]` has been around for ages to look up registered MIME types by symbol / extension, though, so libraries and plugins can safely switch to that without breaking backward- or forward-compatibility. Note: `Mime::ALL` isn't a real MIME type and isn't registered for lookup by type or extension, so it's not available as `Mime[:all]`. We use it internally as a wildcard for `respond_to` negotiation. If you use this internal constant, continue to reference it with `Mime::ALL`. Ref. efc6dd550ee49e7e443f9d72785caa0f240def53
* | | move file sending to the response objectAaron Patterson2015-10-051-0/+2
| | | | | | | | | | | | | | | | | | | | | Just a slight refactor that delegates file sending to the response object. This gives us the advantage that if a webserver (in the future) provides a response object that knows how to do accelerated file serving, it can implement this method.
* | | Merge pull request #21848 from yui-knk/test_suppress_warningsSean Griffin2015-10-041-3/+2
|\ \ \ | | | | | | | | Suppress warnings of `assigned but unused variable`
| * | | Suppress warnings of `assigned but unused variable`yui-knk2015-10-031-3/+2
| |/ /
* / / Introduce `Headers#add`. Move `Response#add_header` upstream.Jeremy Daer2015-10-032-10/+28
|/ / | | | | | | | | | | | | * Introduce `ActionDispatch::Http::Headers#add` to add a value to a multivalued header. * Move `Response#add_header` upstream: https://github.com/rack/rack/pull/957 * Match upstream `Response#have_header?` -> `#has_header?` name change.
* | Response#add_header for adding to multi-valued headers like VaryJeremy Daer2015-10-011-0/+59
| |
* | Don't set a nil Set-Cookie header when there aren't any cookies. Omit the ↵Jeremy Daer2015-10-011-74/+93
| | | | | | | | header.
* | adding test for content type with default charsetGaurav Sharma2015-10-021-1/+11
| | | | | | | | | | * first test is for `default_charset` i.e `ActionDispatch::Response.default_charset = “utf-8”` * In below test we are passing `ActionDispatch::Response.default_charset = 'utf-16’` so name of the test is irrelevant — “read content type without charset”
* | Added test case for deprecation of Mime.const_defined? and removed use of it.Ronak Jangir2015-09-271-1/+5
| |
* | fix Mime type in doc since mime types via constants is deprecated [ci skip]Gaurav Sharma2015-09-261-3/+3
| |
* | stop applying default headers in ActionDispatch::ResponseAaron Patterson2015-09-231-3/+3
| | | | | | | | | | | | | | | | | | | | I'm making this change so that I can construct response objects that *don't* have the default headers applied. For example, I would like to construct a response object from the return value of a controller. If you need to construct a response object with the default headers, then please use the alternate constructor: `ActionDispatch::Response.create`
* | split cookie testsAaron Patterson2015-09-231-1/+6
| | | | | | | | these should really be multiple tests.
* | don't mutate a response object after to_aAaron Patterson2015-09-231-0/+2
| | | | | | | | | | | | When the response object is `to_a`'d, that means it's been written to the socket. It doesn't make sense to mutate the response object after it's been written (and this may raise an exception in the future).
* | remove html_types setAaron Patterson2015-09-211-1/+1
| | | | | | | | Now that `all` has it's own object, we don't need the html_types Set.
* | introduce an `All` mime typeAaron Patterson2015-09-211-2/+4
| | | | | | | | | | This class gives us the `all?` predicate method that returns true without hitting method missing
* | change inheritance to compositionAaron Patterson2015-09-211-2/+3
| | | | | | | | | | | | Changes `Mimes` to compose a set rather than inherit from array. With this change we don't need to define as many methods, so ISEQ memory is saved. Also it is clear which methods break the set cache.
* | stop calling deprecated methodsAaron Patterson2015-09-213-32/+32
| | | | | | | | | | We should be asking the mime type method for the mime objects rather than via const lookup
* | deprecate accessing mime types via constantsAaron Patterson2015-09-211-35/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We don't want to manage a list of constants on `Mime::`. Managing constants is strange because it will break method caches, not to mention looking up by a constant could cause troubles. For example suppose there is a top level constant `HTML`, but nobody registers the HTML mime type and someone accesses `Mime::HTML`. Instead of getting an error about how the mime type doesn't exist, instead you'll get the top level constant. So, instead of directly accessing the constants, change this: Mime::HTML To this: Mime::Type[:HTML]
* | ensure that mutating headers will impact the content_type methodAaron Patterson2015-09-081-0/+5
| |
* | ensure that content type defaults to text / html when setting charsetAaron Patterson2015-09-081-0/+7
| |
* | Make `config.force_ssl` less dangerous to try and easier to disableJeremy Daer2015-09-071-164/+133
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | SSL redirect: * Move `:host` and `:port` options within `redirect: { … }`. Deprecate. * Introduce `:status` and `:body` to customize the redirect response. The 301 permanent default makes it difficult to test the redirect and back out of it since browsers remember the 301. Test with a 302 or 307 instead, then switch to 301 once you're confident that all is well. HTTP Strict Transport Security (HSTS): * Shorter max-age. Shorten the default max-age from 1 year to 180 days, the low end for https://www.ssllabs.com/ssltest/ grading and greater than the 18-week minimum to qualify for browser preload lists. * Disabling HSTS. Setting `hsts: false` now sets `hsts: { expires: 0 }` instead of omitting the header. Omitting does nothing to disable HSTS since browsers hang on to your previous settings until they expire. Sending `{ hsts: { expires: 0 }}` flushes out old browser settings and actually disables HSTS: http://tools.ietf.org/html/rfc6797#section-6.1.1 * HSTS Preload. Introduce `preload: true` to set the `preload` flag, indicating that your site may be included in browser preload lists, including Chrome, Firefox, Safari, IE11, and Edge. Submit your site: https://hstspreload.appspot.com
* | Remove mocha from ActionPack testsMarcin Olichwirowicz2015-09-053-51/+76
| |
* | implement abstract store methodsAaron Patterson2015-09-042-3/+3
| | | | | | | | converts old ID methods to the new abstract store methods in Rack
* | Fix bug where cookies mutated by request were not persistedeileencodes2015-09-011-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With changes made in 8363b8 and ae29142 cookies that are mutated on the request like `cookies.signed = x` were not retained in subsequent tests, breaking cookie authentiation in controller tests. The test added demonstrates the issue. The reason we need to select from non-deleted cookies is because without checking the `@delete_cookies` the `cookie_jar` `@cookies` will send the wrong cookies to be updated. The code must check for `@deleted_cookies` before sending an `#update` with the requests cookie_jar cookies. This follows how the cookie_jar cookies from the request were updated before these changes.
* | Merge pull request #19788 from cmdrclueless/actionpack_http_url_ipv6Rafael Mendonça França2015-09-011-0/+45
|\ \ | | | | | | Fix broken IPv6 addresses handling
| * | Fix broken IPv6 addresses handlingBrian Weaver2015-04-161-0/+45
| | |
* | | Updating TestSession to access with indifferenceJeremy Friesen2015-08-261-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The following Rails code failed (with a `KeyError` exception) under test: ```ruby class ApplicationController < ActionController::Base def user_strategy # At this point: # ```ruby # session == { # "user_strategy"=>"email", # "user_identifying_value"=>"hello@world.com" # } # ``` if session.key?(:user_strategy) session.fetch(:user_strategy) end end end ``` When I checked the session's keys (`session.keys`), I got an array of strings. If I accessed `session[:user_strategy]` I got the expected `'email'` value. However if I used `session.fetch(:user_strategy)` I got a `KeyError` exception. This appears to be a Rails 4.2.4 regression (as the code works under Rails 4.2.3). Closes #21383
* | | Merge pull request #21368 from rodzyn/remove_mochaKasper Timm Hansen2015-08-252-41/+25
|\ \ \ | | | | | | | | Get rid of mocha tests in actionpack - part 2
| * | | Get rid of mocha tests - part 2Marcin Olichwirowicz2015-08-252-41/+25
| | | |
* | | | Remove more unused block arguments amitkumarsuroliya2015-08-251-1/+1
| | | |
* | | | Remove unused block argumentsAnshul Sharma2015-08-251-1/+1
|/ / /
* | | Merge pull request #21321 from rodzyn/removing_mochaKasper Timm Hansen2015-08-245-26/+27
|\ \ \ | | | | | | | | Get rid of mocha tests in actionpack - part 1
| * | | Get rid of mocha tests - part 1Marcin Olichwirowicz2015-08-245-26/+27
| | | |
* | | | use a request object in the session middlewareAaron Patterson2015-08-222-22/+24
|/ / / | | | | | | | | | | | | This commit allows us to use one request object rather than allocating multiple request objects to deal with the session.
* | | pass a request object to the headers objectAaron Patterson2015-08-211-1/+1
| | |
* | | move header allocation to a helper methodAaron Patterson2015-08-211-5/+9
| | | | | | | | | | | | | | | I'm going to change the constructor, so it's easier to do it in one place.
* | | point at rack masterAaron Patterson2015-08-201-1/+1
| | |
* | | make the routes reader privateAaron Patterson2015-08-181-1/+1
| | | | | | | | | | | | | | | nobody should be touching the routes hash without going through the NamedRouteCollection object.
* | | routes are always constructed with a hash for the conditionsAaron Patterson2015-08-171-2/+2
| | |
* | | pass pass the mapping object down the add_route stackAaron Patterson2015-08-141-1/+1
| | | | | | | | | | | | | | | then we can let the mapping object derive stuff that the Route object needs.
* | | pass the mapping object to build_routeAaron Patterson2015-08-141-16/+5
| | | | | | | | | | | | | | | now that we aren't doing options manipulations, we can just pass the mapping object down and read values from it.
* | | deprecate passing a string for both the beginning path and :path optionAaron Patterson2015-08-141-1/+4
| | |