aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/dispatch
Commit message (Collapse)AuthorAgeFilesLines
...
* | | Deep Munge the parameters for GET and POSTMichael Koziarski2013-12-021-0/+15
| | | | | | | | | | | | | | | | | | | | | | | | The previous implementation of this functionality could be accidentally subverted by instantiating a raw Rack::Request before the first Rails::Request was constructed. Fixes CVE-2013-6417
* | | Merge pull request #12123 from aredondo/masterCarlos Antonio da Silva2013-12-021-0/+8
|\ \ \ | | | | | | | | | | | | | | | | Add regression test for IpSpoofAttackError issue Closes #10780
| * | | Add regression test for IpSpoofAttackError issueAlvaro Redondo2013-09-031-0/+8
| | | | | | | | | | | | | | | | See #10780
* | | | Try to escape each part of a path redirect route correctlyAndrew White2013-12-021-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A path redirect may contain any and all parts of a url which have different escaping rules for each part. This commit tries to escape each part correctly by splitting the string into three chunks - path (which may also include a host), query and fragment; then it applies the correct escape pattern to each part. Whilst using `URI.parse` would be better, unfortunately the possible presence of %{name} parameters in the path redirect string prevents us from using it so we have to use a regular expression instead. Fixes #13110.
* | | | Build fix for Routing InspectorArun Agrawal2013-11-221-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Broken by 6701b4cf41f6f3d9cfc6a93715acbf852d1e468e
* | | | Fix for routes taskSıtkı Bağdat2013-11-211-16/+16
| | | | | | | | | | | | | | | | This commit fixes formatting issue for `rake routes` task, when a section is shorter than a header.
* | | | `skiping` => `skipping`Kuldeep Aggarwal2013-11-191-1/+1
| | | |
* | | | Skip test which is broken on jrubyGaurish Sharma2013-11-091-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | This test is broken from quite a while & is expected to remain broken as encoding issues are hardest to fix in JRuby. so lets skip this test for now
* | | | Revert "Merge pull request #9660 from ↵Guillermo Iguaran2013-11-021-6/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | sebasoga/change_strong_parameters_require_behaviour" This reverts commit c2b5a8e61ba0f35015e6ac949a5c8fce2042a1f2, reversing changes made to 1918b12c0429caec2a6134ac5e5b42ade103fe90. See: https://github.com/rails/rails/pull/9660#issuecomment-27627493
* | | | Merge pull request #9660 from ↵Guillermo Iguaran2013-11-011-0/+6
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | sebasoga/change_strong_parameters_require_behaviour Change ActionController::Parameters#require behavior when value is empty
| * | | | Change ActionController::Parameters#require behavior when value is emptySebastian Sogamoso2013-03-111-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | When the value for the required key is empty an ActionController::ParameterMissing is raised which gets caught by ActionController::Base and turned into a 400 Bad Request reply with a message in the body saying the key is missing, which is misleading. With these changes, ActionController::EmptyParameter will be raised which ActionController::Base will catch and turn into a 400 Bad Request reply with a message in the body saying the key value is empty.
* | | | | session#fetch doesn't behave exactly like Hash#fetch.Damien Mathieu2013-10-301-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Mention it in the changelog and add a test checking for regressions. Hash#fetch isn't adding the defaultly returned value. However, in the session, saving it is the behavior we should expect. See discussion in #12692
* | | | | add the fetch method to sessionsDamien Mathieu2013-10-291-0/+13
| |_|/ / |/| | |
* | | | Respect `SCRIPT_NAME` when using `redirect` with a relative pathAndrew White2013-10-101-0/+100
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Example: # application routes.rb mount BlogEngine => '/blog' # engine routes.rb get '/admin' => redirect('admin/dashboard') This now redirects to the path `/blog/admin/dashboard`, whereas before it would've generated an invalid url because there would be no slash between the host name and the path. It also allows redirects to work where the application is deployed to a subdirectory of a website. Fixes #7977
* | | | add test_scoped_root_as_nameSam Ruby2013-09-241-0/+13
| |/ / |/| | | | | | | | test for regression introduced by https://github.com/rails/rails/pull/9155
* | | Merge pull request #11912 from jonkessler/respond-to-signature-fixesRafael Mendonça França2013-08-311-0/+5
|\ \ \ | | | | | | | | Update Rails::Railtie::Configuration and ActionDispatch::Response#respond_to? to accept include_private argument
| * | | update Rails::Railtie::Configuration and ↵Jon Kessler2013-08-161-0/+5
| | | | | | | | | | | | | | | | ActionDispatch::Response#respond_to? to accept include_private argument
* | | | Display exceptions in text format for xhr requestKir Shatrov2013-08-221-0/+41
|/ / /
* | | Allow overriding of all headers from passed environment hashAndrew White2013-07-251-0/+30
| | | | | | | | | | | | | | | | | | | | | Allow REMOTE_ADDR, HTTP_HOST and HTTP_USER_AGENT to be overridden from the environment passed into `ActionDispatch::TestRequest.new`. Fixes #11590
* | | Skip Rack applications and redirects when generating urlsAndrew White2013-07-161-0/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When generating an unnamed url (i.e. using `url_for` with an options hash) we should skip anything other than standard Rails routes otherwise it will match the first mounted application or redirect and generate a url with query parameters rather than raising an error if the options hash doesn't match any defined routes. Fixes #8018
* | | Use Request#raw_post instead Request#bodyPaul Nikitochkin2013-07-081-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | In order to get raw_post to be not empty after ParamsParser#parse_formatted_parameters, added rewinding of body stream input on parsing json params. Closes #11345
* | | Merge pull request #11313 from gsamokovarov/url-encoded-params-testRafael Mendonça França2013-07-061-25/+27
|\ \ \ | | | | | | | | Cleanup ul_encoded_params_parsing_test
| * | | Cleanup ul_encoded_params_parsing_testGenadi Samokovarov2013-07-051-25/+27
| | | |
* | | | Space is not required for Set-Cookie headerYamagishi Kazutoshi2013-07-051-0/+29
|/ / /
* | / use bytesize rather than force encodingAaron Patterson2013-06-281-2/+1
| |/ |/|
* | test-case => failingYves Senn2013-06-251-0/+13
| |
* | Merge pull request #11069 from ykzts/actiondispatch-ssl-secure-flag-igonore-caseGuillermo Iguaran2013-06-241-0/+14
|\ \ | | | | | | Flag cookies as secure with ignore case in ActionDispatch::SSL
| * | Flag cookies as secure with ignore case in ActionDispatch::SSLYamagishi Kazutoshi2013-06-241-0/+14
| | |
* | | ActionDispatch:SSL: don't include STS header in non-https responsesGeoff Buesing2013-06-231-0/+5
|/ /
* | Don't remove trailing slash from PATH_INFO for mounted appsPiotr Sarnacki2013-06-211-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously when app was mounted as following: class Foo def call(env) [200, {}, [env['PATH_INFO']]] end end RackMountRailsBug::Application.routes.draw do mount RackTest.new => "/foo" end trailing slash was removed from PATH_INFO. For example requesting GET /foo/bar/ on routes defined above would result in a response containing "/foo/bar" instead of "/foo/bar/". This commit fixes the issue. (closes #3215)
* | Don't set X-UA-Compatible header by defaultGuillermo Iguaran2013-06-131-3/+1
| | | | | | | | | | | | We are setting this header to chrome=1 for Chrome Frame and this will be retired soon. Check http://blog.chromium.org/2013/06/retiring-chrome-frame.html for details
* | Remove Mime::Type#verify_request? and Mime::Type.browser_generated_types ↵kennyj2013-06-022-21/+0
| | | | | | | | were deprecated.
* | `RoutesInspector` deals with routes using regexp as `:controller` optionYves Senn2013-05-301-0/+9
| |
* | Add has_named_route? to the mapper APIJosé Valim2013-05-201-0/+13
| |
* | Fix named routing regression from 3.2.13schneems2013-05-161-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When named route that is nested is used in 3.2.13 Example `routes.rb`: ``` resources :nested do resources :builder, :controller => 'nested/builder' end ``` In 3.2.12 and 3.2.12 this named route would work: ``` nested_builder_path(:last_step, :nested_id => "foo") ``` Generating a url that looks like `/nested/foo/builder/last_step`. This PR fixes the regression when building urls via the optimized helper. Any explicit keys set in the options are removed from the list of implicitly mapped keys. Not sure if this is exactly how the original version worked, but this fixes this use case regression.
* | Replace multi_json with jsonErik Michaels-Ober2013-05-111-1/+1
| |
* | Fix failing AP testCarlos Antonio da Silva2013-05-011-1/+1
| |
* | Merge pull request #9857 from yyyc514/bad_params_should_400Aaron Patterson2013-04-301-0/+6
|\ \ | | | | | | failure to parse params should trigger a 400 Bad Request
| * | failure to parse params should trigger a 400 Bad RequestJosh Goebel2013-03-211-0/+6
| | |
* | | Add test for `format: false` with resources - closes #10323Andrew White2013-04-241-0/+29
| | |
* | | Return a 405 response for unknown HTTP methodsLewis Marshall2013-04-222-0/+12
| | |
* | | Refactor ActionDispatch::Http::URL.build_host_urlAndrew White2013-04-181-0/+41
| | | | | | | | | | | | | | | Add support for extracting the port from the :host option and for removing the subdomain by using nil, false or ''.
* | | Add url generation tests for #10185Andrew White2013-04-181-0/+2
| | |
* | | Passing subdomain: '' to url_for removes the subdomain (instead of adding a ↵Derek Watson2013-04-181-0/+20
| | | | | | | | | | | | | | | | | | leading .) Adding a boolean route constraint checks for presence/absence of request property
* | | Merge pull request #10074 from ↵Rafael Mendonça França2013-04-032-2/+0
|\ \ \ | | | | | | | | | | | | | | | | trevorturk/remove-fixme-comments-about-legacy-key-generator Remove comments about removing LegacyKeyGenerator in 4.1
| * | | Remove comments about removing LegacyKeyGenerator in 4.1Trevor Turk2013-04-032-2/+0
| | | |
* | | | Merge pull request #9932 from senny/9913_routing_problemAndrew White2013-04-031-0/+29
|\ \ \ \ | | | | | | | | | | routing bugfixes when matching multiple paths
| * | | | routing shorthand syntax works with multiple pathsYves Senn2013-03-261-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Closes #9913. We need to expand the match shorthand syntax for every path.
| * | | | bugfix, when matching multiple paths with `get`, `post`, ...Yves Senn2013-03-261-0/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This problem was introduced with: https://github.com/rails/rails/commit/d03aa104e069be4e301efa8cefb90a2a785a7bff
* | | | | fix regression in Mapper when `format:` was used in a `scope`.Yves Senn2013-04-031-0/+22
| |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | Closes #10071 `#normalize_path!` depends on the options so we need to call `#normalize_options!` first to make sure everything is set correctly.