| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| | |
Prevent static middleware from attempting to serve a request with a null byte
|
| | |
| |
| |
| |
| |
| | |
File paths cannot contain null byte characters and methods that do path
operations such as Rack::Utils#clean_path_info will raise unwanted
errors.
|
| | |
| |
| |
| |
| | |
This shouldn't generally come up: under a standard flow, we don't start
sending until after the commit. But application code always finds a way.
|
| | |
| |
| |
| |
| |
| |
| | |
- `CONTROLLER` argument can now be supplied in different ways (Rails::WelcomeController, Rails::Welcome, rails/welcome)
- If `CONTROLLER` argument was supplied but it does not exist, will warn the user that this controller does not exist
- If `CONTROLLER` argument was supplied and no routes could be found matching this filter, will warn the user that no routes were found matching the supplied filter
- If no routes were defined in the config/routes.rb file, will warn the user with the original message
|
| | |
| |
| |
| |
| |
| | |
- Removes following warning -
`rails/actionpack/test/dispatch/ssl_test.rb:203: warning: `*' interpreted as argument prefix`.
|
| |/
|
|
|
|
|
|
| |
- Earlier only Hash was allowed as params argument to url_helpers.
- Now ActionController::Parameters instances will also be allowed.
- If the params are not secured then it will raise an ArgumentError to
indicate that constructing URLs with non-secure params is not recommended.
- Fixes #22832.
|
| |\
| |
| | |
Configurable redirect and secure cookies for ActionDispatch::SSL
|
| | | |
|
| | | |
|
| |/
|
|
|
|
| |
is not a valid type
Closes #22747
|
| | |
|
| |
|
|
|
| |
This was causing bug #22738 to occur. Also added extra tests to make
sure everything is A-OK.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
I did this change but it is affecting how the request params end up
after being processed by the router.
To be in the safe side, I just take the format from the extension in the
URL when is not present in those params and it's being used only for the
`Request#formats` method
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We want to get rid of the `Live::Response` so we are consolidating methods
from `Live::Response` and `Response` by merging them together.
This adds an `#empty` method to the request so we don't need to
hard-code the empty array each time we call an empty
`ActionDispatch::Request`.
The work here is a continuation on combining controller and integration
test code bases into one.
|
| |
|
|
|
|
|
|
|
|
|
| |
There were two places where the tld_length default
was hard-coded to 1, both overriding the real default
value of ActionDispatch::Http::URL.tld_length in this
set of tests.
This commit removes both of those, relying on the
actual value of ActionDispatch::Http::URL.tld_length,
unless it's specifically overridden.
|
| |\
| |
| | |
Brush up errors of `ActionDispatch::Routing::Mapper#mount`
|
| | |
| |
| |
| |
| |
| | |
* Integrate to raise `ArgumentError`
* Detailed error message when `path` is not defined
* Add a test case, invalid rack app is passed
|
| |\ \
| | |
| | | |
In url_for, never append ? when the query string is empty anyway.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It used to behave like this:
url_for(controller: 'x', action: 'y', q: {})
# -> "/x/y?"
We previously avoided empty query strings in most cases by removing
nil values, then checking whether params was empty. But as you can
see above, even non-empty params can yield an empty query string. So
I changed the code to just directly check whether the query string
ended up empty.
(To make everything more consistent, the "removing nil values"
functionality should probably move to ActionPack's Hash#to_query, the
place where empty hashes and arrays get removed. However, this would
change a lot more behavior.)
|
| |\ \ \
| | | |
| | | | |
Add text template for source code
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When a request is made with AJAX and an error occurs, Rails will render
a text-template for the exception instead of the HTML error page
(#11960).
The `.text.erb` variant of the `_source` template is currently missing,
causing HTML to be rendered in the response. This commit adds the text
template.
To keep the page scannable we only only show the first three source
extracts.
Related to #14745.
Before:
```
~/testing-exceptions ᐅ curl 'http://localhost:3000/' -H
'X-Requested-With: XMLHttpRequest'
RuntimeError in PostsController#index
<div class="source " id="frame-source-0">
<div class="info">
Extracted source (around line <strong>#3</strong>):
</div>
<div class="data">
<table cellpadding="0" cellspacing="0" class="lines">
<tr>
```
After:
```
~/testing-exceptions ᐅ curl 'http://localhost:3000/' -H
'X-Requested-With: XMLHttpRequest'
RuntimeError in PostsController#index
Extracted source (around line #3):
*3 raise
```
|
| |\ \ \ \
| |_|_|/
|/| | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The initial attempt was to remove the method at all in
https://github.com/sergey-alekseev/rails/commit/4926aa68c98673e7be88a2d2b57d72dc490bc71c.
The method overrides Rack's `#form_data?`
https://github.com/rack/rack/blob/6f8808d4201e68e4bd780441b3b7bb3ee6d1f43e/lib/rack/request.rb#L172-L184.
Which may have some incorrect implementation actually. `type.nil?` isn't possible I suppose. I'll check.
|
| | | | | |
|
| | |/ /
|/| | |
|
| | | | |
|
| |\ \ \
| |_|/
|/| | |
Add test for parsing application/vnd.api+json
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Prior to this change, given a route:
# config/routes.rb
get ':a' => "foo#bar"
If one pointed to http://example.com/%BE (param `a` has invalid encoding),
a `BadRequest` would be raised with the following non-informative message:
ActionController::BadRequest
From now on the message displayed is:
Invalid parameter encoding: hi => "\xBE"
Fixes #21923.
|
| |\ \ \
| | | |
| | | |
| | | | |
Add basic support for access control headers to ActionDispatch::Static
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Now ActionDispatch::Static can accept HTTP headers so that developers
will have control of returning arbitrary headers like
'Access-Control-Allow-Origin' when a response is delivered. They can
be configured through `#config.public_file_server.headers`:
config.public_file_server.headers = {
"Cache-Control" => "public, max-age=60",
"Access-Control-Allow-Origin" => "http://rubyonrails.org"
}
Also deprecate `config.static_cache_control` in favor of
`config.public_file_server.headers`.
|
| |\ \ \ \
| | | | |
| | | | | |
Change `Journey::Route#verb` to return string instead of regexp.
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
By [this commit](https://github.com/rails/rails/commit/0b476de445faf330c58255e2ec3eea0f3a7c1bfc)
`Journey::Route#verb` need not to return verb as regexp.
The returned value is used by inspector, so change it to be a string.
Add inspect_with_multiple_verbs test case to keep the behavior of
inspector correctly.
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Rails 4.x and earlier didn't support `Mime::Type[:FOO]`, so libraries
that support multiple Rails versions would've had to feature-detect
whether to use `Mime::Type[:FOO]` or `Mime::FOO`.
`Mime[:foo]` has been around for ages to look up registered MIME types
by symbol / extension, though, so libraries and plugins can safely
switch to that without breaking backward- or forward-compatibility.
Note: `Mime::ALL` isn't a real MIME type and isn't registered for lookup
by type or extension, so it's not available as `Mime[:all]`. We use it
internally as a wildcard for `respond_to` negotiation. If you use this
internal constant, continue to reference it with `Mime::ALL`.
Ref. efc6dd550ee49e7e443f9d72785caa0f240def53
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Just a slight refactor that delegates file sending to the response
object. This gives us the advantage that if a webserver (in the future)
provides a response object that knows how to do accelerated file
serving, it can implement this method.
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Suppress warnings of `assigned but unused variable`
|
| | |/ / / / |
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Introduce `ActionDispatch::Http::Headers#add` to add a value to
a multivalued header.
* Move `Response#add_header` upstream: https://github.com/rack/rack/pull/957
* Match upstream `Response#have_header?` -> `#has_header?` name change.
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | | |
header.
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
* first test is for `default_charset` i.e `ActionDispatch::Response.default_charset = “utf-8”`
* In below test we are passing `ActionDispatch::Response.default_charset = 'utf-16’` so name of the test is irrelevant — “read content type without charset”
|
| | | | | |
|
