| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
| |
This can still be added to the middleware stack, but is really not
necessary. I'll follow up with a commit that deprecates the constant
|
| |
|
|
|
|
| |
we don't actually need a param parser middleware instance since the
request object will take care of parsing parameters for us. For now,
we'll just configure the parameter parsers on the request in this class.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This changes the renderer class to store the controller and defaults as
an instance variable rather than allocating a new class. You can create
a new renderer with an new env by calling `Renderer#new` or use new
defaults by calling `Renderer#with_defaults` and saving the return value
somewhere.
Also I want to keep the `env` private since I would like to change the
keys in the future. This commit only translates particular keys that
the user requested.
|
| |
|
|
|
| |
this means the reader doesn't need to lock, but does have the added cost
of a new object created for every controller
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In c546a2b this was changed to mimic how the browser behaves in a real
situation but left out types that were registered.
When this was changed it didn't take `text/plain` or `text/html` content
types into account. This is a problem if you're manipulating the
`Content-Type` headers in your controller tests, and expect a certain
result.
The reason I changed this to use `to_sym` is because if the
`Content-Type` is not registered then the symbol will not exist. If it's
one of the special types we handle that specifically (:json, :xml, or
:url_encoded_form). If it's any registered type we handle it by setting
the `path_parameters` and then the `request_parameters`. If the `to_sym`
returns nil an error will be thrown.
If the controller test sets a `Content-Type` on the request that `Content-Type`
should remain in the header and pass along the filename.
For example:
If a test sets a content type on a post
```
@request.headers['CONTENT_TYPE'] = 'text/plain'
post :create, params: { name: 'foo.txt' }
```
Then `foo.txt` should be in the `request_parameters` and params related
to the path should be in the `path_parameters` and the `Content-Type`
header should match the one set in the `@request`. When c546a2b was
committed `text/plain` and `text/html` types were throwing a "Unknown
Content-Type" error which is misleading and incorrect.
Note: this does not affect how this is handled in the browser, just how
the controller tests handle setting `Content-Type`.
|
| | |
|
| | |
|
| |\
| |
| |
| |
| |
| | |
bernerdschaefer/bs-polymorphic-url_for-dups-arguments
`url_for` does not modify polymorphic options
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The `url_for` methods in `actionpack` and `actionview`
now make a copy of the provided options
before generating polymorphic paths or URLs.
The bug in the previous behavior
is most noticeable in a case like:
url_options = [:new, :post, param: 'value']
if current_page?(url_options)
css_class = "active"
end
link_to "New Post", url_options, class: css_class
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
SSL redirect:
* Move `:host` and `:port` options within `redirect: { … }`. Deprecate.
* Introduce `:status` and `:body` to customize the redirect response.
The 301 permanent default makes it difficult to test the redirect and
back out of it since browsers remember the 301. Test with a 302 or 307
instead, then switch to 301 once you're confident that all is well.
HTTP Strict Transport Security (HSTS):
* Shorter max-age. Shorten the default max-age from 1 year to 180 days,
the low end for https://www.ssllabs.com/ssltest/ grading and greater
than the 18-week minimum to qualify for browser preload lists.
* Disabling HSTS. Setting `hsts: false` now sets `hsts: { expires: 0 }`
instead of omitting the header. Omitting does nothing to disable HSTS
since browsers hang on to your previous settings until they expire.
Sending `{ hsts: { expires: 0 }}` flushes out old browser settings and
actually disables HSTS:
http://tools.ietf.org/html/rfc6797#section-6.1.1
* HSTS Preload. Introduce `preload: true` to set the `preload` flag,
indicating that your site may be included in browser preload lists,
including Chrome, Firefox, Safari, IE11, and Edge. Submit your site:
https://hstspreload.appspot.com
|
| | | |
|
| |/
|
|
| |
converts old ID methods to the new abstract store methods in Rack
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit bff61ba, while reducing allocations, caused a regression when an empty
format is passed to a route.
This can happen in cases where you're using an anchor tag, for example:
`https://example.com/parent/575256966.#child_1032289285`.
Because of this change `format` was getting sent in
`parameterized_parts` when previously it was not included. This resulted
in blank `format`'s being returned as `.` when if there was an extension
included it would be `.extension`. Since there was no extension this
caused incorrect URL's.
The test shows this would result in `/posts/show/1.` instead of
`/posts/show/1` which causes bad urls since the format is not present.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With changes made in 8363b8 and ae29142 cookies that are mutated on the
request like `cookies.signed = x` were not retained in subsequent tests,
breaking cookie authentiation in controller tests.
The test added demonstrates the issue.
The reason we need to select from non-deleted cookies is because without
checking the `@delete_cookies` the `cookie_jar` `@cookies` will send the
wrong cookies to be updated. The code must check for `@deleted_cookies`
before sending an `#update` with the requests cookie_jar cookies.
This follows how the cookie_jar cookies from the request were updated
before these changes.
|
| |\
| |
| | |
Fix broken IPv6 addresses handling
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
In this commit, we set the content-type to `text/html` in AbstractController if the `options[:html]` is true so that we don't include ActionView::Rendering into ActionController::Metal to set it properly.
I removed the if `options[:plain]` statement because `AbstractController#rendered_format` returns `Mime::TEXT` by default.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* A string in the example lacked quotes.
* The tests asserted stuff about :last_name, whereas
test params do not have that key.
* But, the first one passed, why? After hitting my head against
the wall and doing some obscure rituals realized the new
#require had an important typo, wanted to iterate over the
array argument (key), but it ran over its own hash keys
(method #keys).
* Modified the test to prevent the same typo to happen again.
* The second test assigned to an unused variable safe_params
that has been therefore removed.
* Grammar of the second test description.
* Since I was on it, reworded both test descriptions.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This PR adds ability to accept arrays which allows you to require multiple values in one method. so instead of this:
```ruby
params.require(:person).require(:first_name)
params.require(:person).require(:last_name)
```
Here it will be one line for each params, so say if I require 10params, it will be 10lines of repeated code which is not dry. So I have added new method which does this in one line:
```ruby
params.require(:person).require([:first_name, :last_name])
```
Comments welcome
|
| |\ \
| | |
| | |
| | |
| | | |
jeremyf/updating-ActionController-TestSession-to-behave-as-a-hash-with-indifferent
Updating TestSession to access with indifference
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The following Rails code failed (with a `KeyError` exception) under
test:
```ruby
class ApplicationController < ActionController::Base
def user_strategy
# At this point:
# ```ruby
# session == {
# "user_strategy"=>"email",
# "user_identifying_value"=>"hello@world.com"
# }
# ```
if session.key?(:user_strategy)
session.fetch(:user_strategy)
end
end
end
```
When I checked the session's keys (`session.keys`), I got an array of
strings. If I accessed `session[:user_strategy]` I got the expected
`'email'` value. However if I used `session.fetch(:user_strategy)` I
got a `KeyError` exception.
This appears to be a Rails 4.2.4 regression (as the code works under
Rails 4.2.3).
Closes #21383
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Since all controller instances are required to have a request and
response object, RackDelegation is no longer needed (we always have to
delegate to the response)
|
| | | |
| | |
| | |
| | | |
without this module, the content type is not set correctly
|
| |/ /
| |
| |
| | |
method_call_assertions
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Controllers should always have a request and response when responding.
Since we make this The Rule(tm), then controllers don't need to be
somewhere in limbo between "asking a response object for a rack
response" or "I, myself contain a rack response". This duality leads to
conditionals spread through the codebase that we can delete:
* https://github.com/rails/rails/blob/85a78d9358aa728298cd020cdc842b55c16f9549/actionpack/lib/action_controller/metal.rb#L221-L223
|
| | | |
|
| | |
| |
| |
| | |
collect the body and make assert against the collected body
|
| | |
| |
| |
| | |
This saves a lambda and request allocation on each request.
|
| |\ \
| | |
| | | |
Get rid of mocha tests in actionpack - part 2
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
Remove more unused block arguments
|
| | | | | |
|
| |\ \ \ \
| |/ / /
|/| | | |
Trim out least needed controllers from AP test suite
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | | |
add missing test for action regexp for routing
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | | |
We should keep the route set generation logic in one place
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
If we subclass and augment the superclass, then we don't need to have
setters for particular things on the superclass.
|
| | | | | |
| | | | |
| | | | | |
`:nail_care:`
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
controller class resolution has been moved to the request object, so we
should override that method instead of relying on the RouteSet to
generate the controller class.
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
Remove unused variables
|
| | | |/ /
| |/| | |
|
| |\ \ \ \
| |/ / /
|/| | | |
Get rid of mocha tests in actionpack - part 1
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
This commit allows us to use one request object rather than allocating
multiple request objects to deal with the session.
|
