| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
|
|
|
| |
Currently a misleading "missing required keys" error is thrown when a param
fails to match the constraints of a particular route. This commit ensures that
these params are recognised as unmatching rather than missing.
Note: this means that a different error message will be provided between
optimized and non-optimized path helpers, due to the fact that the former does
not check constraints when matching routes.
Fixes #26470.
|
|\
| |
| | |
Fix memoization bug on ActionDispatch::TestRequest#request_method=
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
TestRequest have been overrriding request_method setter since 2009,
but the actual implementation in Request (not TestRequest) has been
changed since that. Now it's also using @request_method instance
variable to keep the state.
The override in TestRequest have not been calling `super`, which caused
a bug that after accessing #requst_method the value was memoized and
then we've never been able to change it anymore:
```
req = ActionDispatch::TestRequest.create
puts "was: #{req.request_method}" # memoized here
req.request_method = "POST"
puts "became: #{req.request_method}"
```
output:
```
was: GET
became: GET
```
Since the whole purpose of overriding the setter in TestRequest is to
upcase it, I'm changing it to `super(method.to_s.upcase)`
|
|/
|
|
|
|
| |
assert [1, 3].includes?(2) fails with unhelpful "Asserting failed" message
assert_includes [1, 3], 2 fails with "Expected [1, 3] to include 2" which makes it easier to debug and more obvious what went wrong
|
|
|
|
|
|
|
|
|
| |
This removes the following warning.
```
./test/dispatch/routing_test.rb:3696: warning: method redefined; discarding old test_namespaced_roots
./test/dispatch/routing_test.rb:1632: warning: previous definition of test_namespaced_roots was here
```
|
| |
|
|
|
|
| |
key length
|
|
|
|
|
|
|
|
|
| |
Since keys are truncated, ruby 2.4 doesn't accept keys greater than their lenghts.
keys of same value but different lenght and greater than key size of cipher, produce the same results
as reproduced at https://gist.github.com/rhenium/b81355fe816dcfae459cc5eadfc4f6f9
Since our default cipher is 'aes-256-cbc', key length for which is 32 bytes, limit the length of key being passed to Encryptor to 32 bytes.
This continues to support backwards compat with any existing signed data, already encrupted and signed with 32+ byte keys.
Also fixes the passing of this value in multiple tests.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The PR #20940 enabled the use of multiple roots with different constraints
at the top level but unfortunately didn't work when those roots were inside
a namespace and also broke the use of root inside a namespace after a top
level root was defined because the check for the existence of the named route
used the global :root name and not the namespaced name.
This is fixed by using the name_for_action method to expand the :root name to
the full namespaced name. We can pass nil for the second argument as we're not
dealing with resource definitions so don't need to handle the cases for edit
and new routes.
Fixes #26148.
|
|
|
|
|
|
| |
It should not throw a NameError, but should throw a KeyError.
Fixes #26278
|
|\
| |
| |
| |
| | |
samphippen/allow-early-setting-of-integration-session
Allow the `integration_sesion` to be set early on ActionDispatch::Integration::Runner.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
ActionDispatch::Integration::Runner.
In commit fa63448420d3385dbd043aca22dba973b45b8bb2, @tenderlove changed
the behaviour of the way `integration_session` is set up in this object.
It used to be the case that the first time it was accessed, it was
memoized with nil, however, this means that if it had already been set
it was not replaced. After that commit, it is now always set to `nil` in
the execution of `before_setup`.
In RSpec, users are able to invoke `host!` in `before(:all)` blocks,
which execute well before `before_setup` is ever invoked (which happens
in what is equivalent to a `before(:each)` block, for each test. `host!`
causes the integration session to be set up to correctly change the
host, but after fa63448420d3385dbd043aca22dba973b45b8bb2 the
`integration_session` gets overwritten, meaning that users lose their
`host!` configuration (see https://github.com/rspec/rspec-rails/issues/1662).
This commit changes the behaviour back to memoizing with `nil`, as
opposed to directly overwriting with `nil`. This causes the correct
behaviour to occur in RSpec, and unless I'm mistaken will also ensure
that users who want to modify their integration sessions early in rails
will also be able to do so.
|
|/
|
|
|
|
|
|
|
|
|
| |
When `config.force_ssl` is set to `true`, any POST/PUT/DELETE requests coming in to non-secure url are being redirected with a 301 status.
However, when that happens, the request is converted to a GET request and ends up hitting a different action on the controller.
Since we can not do non-GET redirects, we can instead redirect with a 307 status code instead to indicate to the caller that a fresh request should be tried preserving the original request method.
`rack-ssl` gem which was used to achieve this before we had this middleware directly baked into Rails also used to do the same, ref: https://github.com/josh/rack-ssl/blob/master/lib/rack/ssl.rb#L54
This would be specially important for any apps switching from older version of Rails or apps which expose an API through Rails.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since e852daa6976cc6b6b28ad0c80a188c06e226df3c only the verb methods
where extracting the defaults options. It was merged a fix for the
`root` method in 31fbbb7faccba25b2e3b5e10b8fca1468579d629 but `match`
was still broken since `:defaults` where not extracted.
This was causing routes defined using `match` and having the `:defaults`
keys to not be recognized.
To fix this it was extracted a new private method with the actual
content of `match` and the `:defaults` extracting was moved to `match`.
|
|
|
|
|
|
|
|
| |
Style/SpaceBeforeBlockBraces
Style/SpaceInsideBlockBraces
Style/SpaceInsideHashLiteralBraces
Fix all violations in the repository.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
The current code base is not uniform. After some discussion,
we have chosen to go with double quotes by default.
|
|\
| |
| |
| | |
Fix keyed defaults with root
|
|/
|
|
|
|
|
|
|
| |
The merging of the 'defaults' option was moved up the stack in e852daa
This allows us to see where these options originate from the standard
HttpHelpers (get, post, patch, put, delete)
Unfortunately this move didn't incorporate the 'root' method, which has
always allowed the same 'defaults' option before.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For those tests that use start we don't need to assert the actual order
of mime types that are returned.
This happen because this order is more about the order the mime type was
registered than the order that it is expected to it resolve.
We need to sort because we remove the json mime type in
json_params_parsing_test and add it to the end of the mime types set so
if that file runs before those tests we will have a failing test.
[Rafael Mendonça França + Lucas Hosseini]
|
|
|
|
|
|
|
|
| |
Check for any non-UTF8 characters in path parameters at the point they're
set in `env`. Previously they were checked for when used to get a controller
class, but this meant routes that went directly to a Rack app, or skipped
controller instantiation for some other reason, had to defend against
non-UTF8 characters themselves.
|
|\
| |
| |
| |
| | |
greysteil/dont-raise-unknown-http-method-low-in-stack
Don't raise ActionController::UnknownHttpMethod from ActionDispatch::Static
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The `ActionDispatch::Static` middleware is used low down in the stack to serve
static assets before doing much processing. Since it's called from so low in
the stack, we don't have access to the request ID at this point, and generally
won't have any exception handling defined (by default `ShowExceptions` is added
to the stack quite a bit higher and relies on logging and request ID).
Before https://github.com/rails/rails/commit/8f27d6036a2ddc3cb7a7ad98afa2666ec163c2c3
this middleware would ignore unknown HTTP methods, and an exception about these
would be raised higher in the stack. After that commit, however, that exception
will be raised here.
If we want to keep `ActionDispatch::Static` so low in the stack (I think we do)
we should suppress the `ActionController::UnknownHttpMethod` exception here,
and instead let it be raised higher up the stack, once we've had a chance to
define exception handling behaviour.
This PR updates `ActionDispatch::Static` so it passes `Rack::Request` objects to
`ActionDispatch::FileHandler`, which won't raise an
`ActionController::UnknownHttpMethod` error. If an unknown method is
passed, it should exception higher in the stack instead, once we've had a
chance to define exception handling behaviour.`
|
|\ \
| |/
|/| |
Let TestResponse assign a parser.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously we'd only assign a response parser when a request came through
Action Dispatch integration tests. This made calls to `parsed_body` when a TestResponse
was manually instantiated — though own doing or perhaps from a framework — unintentionally
blow up because no parser was set at that time.
The response can lookup a parser entirely through its own ivars. Extract request encoder to
its own file and assume that a viable content type is present at TestResponse instantiation.
Since the default response parser is a no-op, making `parsed_body` equal to `body`, no
exceptions will be thrown.
|
|/
|
|
|
|
|
|
|
|
|
|
| |
Rack [recently](https://github.com/rack/rack/commit/7e7a3890449b5cf5b86929c79373506e5f1909fb)
moved the namespace of its `ParameterTypeError` and `InvalidParameterError`
errors. Whilst an alias for the old name was added, the logic in
`ActionDispatch::ExceptionWrapper` was still broken by this change, since it
relies on the class name.
This PR updates `ActionDispatch::ExceptionWrapper` to handle the Rack 2.0
namespaced errors correctly. We no longer need to worry about the old names,
since Rails specifies Rack ~> 2.0.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In response_test.rb, we haven't had a test to make sure that
1) these responses don't have a message-body as described in RFC7231[1]
2) 1xx and 204 responses must not have a Content-Length header field
as described in RFC7230-section3.3.2[2]
[1] https://tools.ietf.org/html/rfc7231
[2] https://tools.ietf.org/html/rfc7230#section-3.3.2
Even though our implementation doesn't allow users to send
a Content-Length header field in a 304 response, sending the
header field is valid as mentioned in RFC7230-section3.3.2[2].
So I've decided not to test whether or not a 304 response has
the header.
The citation from the section is as follows;
```
A server MAY send a Content-Length header field in a 304 (Not
Modified) response to a conditional GET request (Section 4.1 of
[RFC7232]); a server MUST NOT send Content-Length in such a response
unless its field-value equals the decimal number of octets that would
have been sent in the payload body of a 200 (OK) response to the same
request.
```
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Rails 4 these kind of routes used to work:
```ruby
scope '/*id', controller: :builds, as: :build do
get action: :show
end
```
But since 1a830cbd830c7f80936dff7e3c8b26f60dcc371d, routes are only created for
paths specified as strings or symbols. Implicit `nil` paths are just ignored,
with no deprecation warnings or errors. Routes are simply not created. This come
as a surprise for people migrating to Rails 5, since the lack of logs or errors
makes hard to understand where the problem is.
This commit introduces a deprecation warning in case of path as `nil`, while
still allowing the route definition.
|
| |
|
|
|
|
|
|
| |
Fixes #25488
97d7dc4 introduced a regression that resulted in ArgumentError when to
was in options of the scope and not of particular route.
|
|\
| |
| | |
Modifies mime-registration test not to interfere with real mime types
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The tests introduced in
https://github.com/rails/rails/pull/23816/files#diff-384a5a15d8d53de799fb6541688ea5f9R153
register the JSON API media type `application/vnd.api+json` with
`Mime[:json]`. The JSON API media type should not be registered
with `Mime[:json]`, as discussed in #23712. Moreover,
since the actual mime type used in the test is
incidental, I've changed this to a valid, but fictional
`applcation/vnd.rails+json`.
These tests were causing failures in
https://github.com/rails/rails/pull/25050#issuecomment-221092934 where
`Mime[:jsonapi]` is being added, so that JSON API request params are parsed
with the JSONAPI gem.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Forgotten followup to #23669 :grimacing:
If you went to an internal route (e.g. `/rails/info/routes`), you would
previously see the following in your logger:
```bash
Processing by Rails::InfoController#routes as HTML
Parameters: {"internal"=>true}
Rendering /Users/jon/code/rails/rails/railties/lib/rails/templates/rails/info/routes.html.erb within layouts/application
Rendered collection of /Users/jon/code/rails/rails/actionpack/lib/action_dispatch/middleware/templates/routes/_route.html.erb [2 times] (10.5ms)
Rendered /Users/jon/code/rails/rails/actionpack/lib/action_dispatch/middleware/templates/routes/_table.html.erb (2.5ms)
Rendered /Users/jon/code/rails/rails/railties/lib/rails/templates/rails/info/routes.html.erb within layouts/application (23.5ms)
Completed 200 OK in 50ms (Views: 35.1ms | ActiveRecord: 0.0ms)
```
Now, with this change, you would see:
```bash
Processing by Rails::InfoController#routes as HTML
Rendering /Users/jon/code/rails/rails/railties/lib/rails/templates/rails/info/routes.html.erb within layouts/application
Rendered collection of /Users/jon/code/rails/rails/actionpack/lib/action_dispatch/middleware/templates/routes/_route.html.erb [2 times] (1.6ms)
Rendered /Users/jon/code/rails/rails/actionpack/lib/action_dispatch/middleware/templates/routes/_table.html.erb (10.2ms)
Rendered /Users/jon/code/rails/rails/railties/lib/rails/templates/rails/info/routes.html.erb within layouts/application (17.4ms)
Completed 200 OK in 44ms (Views: 28.0ms | ActiveRecord: 0.0ms)
```
|
|\ \
| | |
| | | |
fix typo [ci skip]
|
| |/ |
|
|/
|
|
|
| |
- Remove dead classes / dead code
- Move class definitions to where they are used, don't define in a
shared space
|
| |
|
|\
| |
| | |
Improve documentation and tests for raw_host_with_port and host_with_…
|
| | |
|
|\ \
| | |
| | | |
API only apps: Preserve request format for HTML requests too
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Earlier we were responding with JSON format for HTML requests in a API
app.
- Now we will respond with HTML format for such requests in API apps.
- Also earlier we were not testing the API app's JSON requests
properly. We were actually sending HTML requests. Now we send correct
JSON requests. Also added more test coverage.
- Based on the discussion from this commit -
https://github.com/rails/rails/commit/05d89410bf97d0778e78558db3c9fed275f8a614.
[Prathamesh Sonpatki, Jorge Bejar]
|
|\ \ \
| | | |
| | | | |
BoomerAPI is not used anywhere, so removed it!
|
| |/ /
| | |
| | |
| | |
| | | |
- It was originally added in 83b4e9073f0852afc065 and partially
removed in 05d89410bf97d0778e7.
|
|\ \ \
| |/ /
|/| |
| | |
| | |
| | |
| | | |
rthbound/dont-call-each-when-calling-body-on-response
Dont call each when calling body on response to fix #23964
Fixes #23964
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Adds #each_chunk to ActionDispatch::Response. it's a method which
will be called by ActionDispatch::Response#each.
- Make Response#each a proper method instead of delegating to @stream
- In Live, instead of overriding #each, override #each_chunk.
- `#each` should just spit out @str_body if it's already set
- Adds #test_set_header_after_read_body_during_action
to prove this fixes #23964
- Adds #test_each_isnt_called_if_str_body_is_written to
ensure #each_chunk is not called when @str_body is available
- Call `@response.sent!` in AC::TestCase's #perform so a test response
acts a bit more like a real response. Makes test that call `#assert_stream_closed`
pass again.
- Additionally assert `#committed?` in `#assert_stream_closed`
- Make test that was calling @response.stream.each pass again by
calling @response.each instead.
|