aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/dispatch
Commit message (Collapse)AuthorAgeFilesLines
* Make `config.force_ssl` less dangerous to try and easier to disableJeremy Daer2015-09-071-164/+133
| | | | | | | | | | | | | | | | | | | | | | | | SSL redirect: * Move `:host` and `:port` options within `redirect: { … }`. Deprecate. * Introduce `:status` and `:body` to customize the redirect response. The 301 permanent default makes it difficult to test the redirect and back out of it since browsers remember the 301. Test with a 302 or 307 instead, then switch to 301 once you're confident that all is well. HTTP Strict Transport Security (HSTS): * Shorter max-age. Shorten the default max-age from 1 year to 180 days, the low end for https://www.ssllabs.com/ssltest/ grading and greater than the 18-week minimum to qualify for browser preload lists. * Disabling HSTS. Setting `hsts: false` now sets `hsts: { expires: 0 }` instead of omitting the header. Omitting does nothing to disable HSTS since browsers hang on to your previous settings until they expire. Sending `{ hsts: { expires: 0 }}` flushes out old browser settings and actually disables HSTS: http://tools.ietf.org/html/rfc6797#section-6.1.1 * HSTS Preload. Introduce `preload: true` to set the `preload` flag, indicating that your site may be included in browser preload lists, including Chrome, Firefox, Safari, IE11, and Edge. Submit your site: https://hstspreload.appspot.com
* Remove mocha from ActionPack testsMarcin Olichwirowicz2015-09-053-51/+76
|
* implement abstract store methodsAaron Patterson2015-09-042-3/+3
| | | | converts old ID methods to the new abstract store methods in Rack
* Fix bug where cookies mutated by request were not persistedeileencodes2015-09-011-0/+9
| | | | | | | | | | | | | | | With changes made in 8363b8 and ae29142 cookies that are mutated on the request like `cookies.signed = x` were not retained in subsequent tests, breaking cookie authentiation in controller tests. The test added demonstrates the issue. The reason we need to select from non-deleted cookies is because without checking the `@delete_cookies` the `cookie_jar` `@cookies` will send the wrong cookies to be updated. The code must check for `@deleted_cookies` before sending an `#update` with the requests cookie_jar cookies. This follows how the cookie_jar cookies from the request were updated before these changes.
* Merge pull request #19788 from cmdrclueless/actionpack_http_url_ipv6Rafael Mendonça França2015-09-011-0/+45
|\ | | | | Fix broken IPv6 addresses handling
| * Fix broken IPv6 addresses handlingBrian Weaver2015-04-161-0/+45
| |
* | Updating TestSession to access with indifferenceJeremy Friesen2015-08-261-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The following Rails code failed (with a `KeyError` exception) under test: ```ruby class ApplicationController < ActionController::Base def user_strategy # At this point: # ```ruby # session == { # "user_strategy"=>"email", # "user_identifying_value"=>"hello@world.com" # } # ``` if session.key?(:user_strategy) session.fetch(:user_strategy) end end end ``` When I checked the session's keys (`session.keys`), I got an array of strings. If I accessed `session[:user_strategy]` I got the expected `'email'` value. However if I used `session.fetch(:user_strategy)` I got a `KeyError` exception. This appears to be a Rails 4.2.4 regression (as the code works under Rails 4.2.3). Closes #21383
* | Merge pull request #21368 from rodzyn/remove_mochaKasper Timm Hansen2015-08-252-41/+25
|\ \ | | | | | | Get rid of mocha tests in actionpack - part 2
| * | Get rid of mocha tests - part 2Marcin Olichwirowicz2015-08-252-41/+25
| | |
* | | Remove more unused block arguments amitkumarsuroliya2015-08-251-1/+1
| | |
* | | Remove unused block argumentsAnshul Sharma2015-08-251-1/+1
|/ /
* | Merge pull request #21321 from rodzyn/removing_mochaKasper Timm Hansen2015-08-245-26/+27
|\ \ | | | | | | Get rid of mocha tests in actionpack - part 1
| * | Get rid of mocha tests - part 1Marcin Olichwirowicz2015-08-245-26/+27
| | |
* | | use a request object in the session middlewareAaron Patterson2015-08-222-22/+24
|/ / | | | | | | | | This commit allows us to use one request object rather than allocating multiple request objects to deal with the session.
* | pass a request object to the headers objectAaron Patterson2015-08-211-1/+1
| |
* | move header allocation to a helper methodAaron Patterson2015-08-211-5/+9
| | | | | | | | | | I'm going to change the constructor, so it's easier to do it in one place.
* | point at rack masterAaron Patterson2015-08-201-1/+1
| |
* | make the routes reader privateAaron Patterson2015-08-181-1/+1
| | | | | | | | | | nobody should be touching the routes hash without going through the NamedRouteCollection object.
* | routes are always constructed with a hash for the conditionsAaron Patterson2015-08-171-2/+2
| |
* | pass pass the mapping object down the add_route stackAaron Patterson2015-08-141-1/+1
| | | | | | | | | | then we can let the mapping object derive stuff that the Route object needs.
* | pass the mapping object to build_routeAaron Patterson2015-08-141-16/+5
| | | | | | | | | | now that we aren't doing options manipulations, we can just pass the mapping object down and read values from it.
* | deprecate passing a string for both the beginning path and :path optionAaron Patterson2015-08-141-1/+4
| |
* | pass the path ast downAaron Patterson2015-08-141-1/+1
| | | | | | | | | | now we don't need to add it to a hash and delete it from the hash later just to pass it around
* | pull up path parsingAaron Patterson2015-08-141-1/+2
| | | | | | | | | | `add_route` needs the AST, so rather than shove it in a hash and delete later, lets move parsing up the stack so we can pass down later
* | use predicate methods instead of hard coding verb stringsAaron Patterson2015-08-141-1/+2
| | | | | | | | | | also change the feeler to subclass AD::Request so that it has all the methods that Request has
* | implement `requirements` in terms of routesAaron Patterson2015-08-141-1/+1
| |
* | implement the `asts` method in terms of paths / patternsAaron Patterson2015-08-141-12/+11
| | | | | | | | Eventually I want to eliminate the FakeSet test class
* | extract ast finding to a methodAaron Patterson2015-08-141-9/+13
| | | | | | | | | | I'm going to reimplement this using route objects, so it will be easier if we just change ast access to go through a method rather than hashes
* | stop adding path_info to the conditions hashAaron Patterson2015-08-141-9/+9
| | | | | | | | we don't need to keep adding it and deleting if from hashes.
* | pull up options_constrants extractionAaron Patterson2015-08-131-1/+1
| |
* | remove `as`Aaron Patterson2015-08-131-1/+1
| | | | | | | | the caller already has access to `as`, so we can stop passing it around.
* | remove anchor from mappingAaron Patterson2015-08-131-1/+1
| | | | | | | | | | | | the same value that is extracted from the options hash earlier is returned, so we don't need to pass it in in the first place. The caller already has the data, so stop passing it around.
* | pull `anchor` extraction upAaron Patterson2015-08-131-1/+1
| | | | | | | | | | this way we don't have to mutate the options hash so far away from where the user passed it in
* | raise if `anchor` is passed to `scope`Aaron Patterson2015-08-131-0/+9
| | | | | | | | | | | | The `anchor` parameter [is overridden](https://github.com/rails/rails/blob/b4b4a611d0eb9aa1c640c5f521c6a43bf2a65bab/actionpack/lib/action_dispatch/routing/mapper.rb#L1528) unless it is directly passed to `match`, so setting it in a scope must be a mistake.
* | pull `formatted` up the stackAaron Patterson2015-08-121-1/+10
| | | | | | | | this reduces the number of times we have to mutate the options hash.
* | add a regression test for scoped `format` paramsAaron Patterson2015-08-121-0/+11
| | | | | | | | This just ensures that `format` is applied to things inside the scope
* | add a regression test for adding arbitrary keys to `scope`Aaron Patterson2015-08-121-0/+15
| |
* | add a method to `Scope` for getting mapping optionsAaron Patterson2015-08-121-1/+2
| | | | | | | | | | Eventually we don't want to expose the "options" hash from scope, only read values from it. Lets start by adding a reader method.
* | pull `via` all the way out of `add_route`Aaron Patterson2015-08-121-0/+8
| |
* | add a test for adding "via" using `scope`Aaron Patterson2015-08-121-0/+9
| |
* | pull `via` extraction upAaron Patterson2015-08-121-2/+2
| | | | | | | | | | | | We're going to try pulling this up further, and check `via` validity sooner. This way we don't have to do a bunch of processing on `options` hashes only to find out that the route is incorrect
* | pull `to` upAaron Patterson2015-08-111-1/+1
| | | | | | | | | | this way we don't have to insert / delete it from the options hash so many times.
* | push option decomposition up a bit moreAaron Patterson2015-08-111-2/+2
| | | | | | | | | | I think we can find the original place where `action` is added to the options hash now.
* | pull up the "options.delete(:controller)" logicAaron Patterson2015-08-111-2/+2
| | | | | | | | | | | | we want to try to pull this logic up to where the user actually passed in "controller" so that it's close to the related call. That way when we're down the stack, we don't need to wonder "why are we doing this?"
* | Merge pull request #11352 from xaviershay/dispatcher-apiRafael Mendonça França2015-08-082-9/+10
|\ \ | | | | | | Allow a custom dispatcher to be provided to routing.
| * | Allow a custom dispatcher to be provided to routing.Xavier Shay2015-08-072-9/+10
| | |
* | | Fix deprecation warning in testseileencodes2015-08-081-1/+1
|/ / | | | | | | | | | | | | | | | | | | | | | | | | Using the string version of the class reference is now deprecated when referencing middleware. This should be written as a class not as a string. Deprecation warning that this change fixes: ``` DEPRECATION WARNING: Passing strings or symbols to the middleware builder is deprecated, please change them to actual class references. For example: "ActionDispatch::ShowExceptions" => ActionDispatch::ShowExceptions ```
* | finish deprecating handling strings and symbolsAaron Patterson2015-08-074-60/+19
| | | | | | | | | | since we only work with instances of classes, it greatly simplifies the `Middleware` implementation.
* | Using strings or symbols for middleware class names is deprecated.Aaron Patterson2015-08-072-23/+19
| | | | | | | | | | | | | | | | | | | | Convert things like this: middleware.use "Foo::Bar" to this: middleware.use Foo::Bar
* | simplify the Middleware constructorAaron Patterson2015-08-071-39/+24
| | | | | | | | | | | | We should do the hard work outside the constructor. Also fix the tests to not directly construct middleware objects, but to go through the stack object.