aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack
Commit message (Collapse)AuthorAgeFilesLines
...
* | | | | Fix `make_response!` when called by `serve` in `RouteSet`eileencodes2015-12-092-6/+40
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | All of our tests were testing the `ActionController::Live` behavior in a standalone environment, without going through the router or behaving like a real application. This resulted in `ActionController::Live` throwing the exception `undefined method 'request' for #<ActionDispatch::Request:0x00000003ad1148>` because `make_response!` was expecting a response instead of a request. The expectation of a response came from `set_response!` in non-router tests setting the response and passing it to `make_response!`. In the case of an application we would hit `serve` in `RouteSet` first which would send us to `make_response!` with a request sent instead of a response. The changes here remove `set_response!` so `make_response!` always receives a request. Thanks to KalabiYau for help with the investigation and solution. Fixes #22524 [Eileen M. Uchitelle & KalabiYau]
* | | | Change the `protect_from_forgery` prepend default to `false`eileencodes2015-12-073-9/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Per this comment https://github.com/rails/rails/pull/18334#issuecomment-69234050 we want `protect_from_forgery` to default to `prepend: false`. `protect_from_forgery` will now be insterted into the callback chain at the point it is called in your application. This is useful for cases where you want to `protect_from_forgery` after you perform required authentication callbacks or other callbacks that are required to run after forgery protection. If you want `protect_from_forgery` callbacks to always run first, regardless of position they are called in your application, then you can add `prepend: true` to your `protect_from_forgery` call. Example: ```ruby protect_from_forgery prepend: true ```
* | | | Merge pull request #22475 from claudiob/missing-requireMatthew Draper2015-12-081-0/+1
|\ \ \ \ | | | | | | | | | | Add missing require to strong_parameters.rb
| * | | | Add missing require to strong_parameters.rbclaudiob2015-12-041-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | The file [references Rack::Test here](https://github.com/rails/rails/blame/master/actionpack/lib/action_controller/metal/strong_parameters.rb#L671) so it's better off requiring 'rack/test' in the first place.
* | | | | Merge pull request #22517 from Elektron1c97/masterRafael França2015-12-071-2/+1
|\ \ \ \ \ | | | | | | | | | | | | [ci skip] Add a dollar sign to each command in the READMEs
| * | | | | [ci skip] Add a dollar sign to each command in the READMEsElektron1c972015-12-061-2/+1
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | According to pr #22443 in the guides there's always a dollar sign before every command, so why is in the main README a `$` and in every submodule a `%`? Just eye candy..
* | | | | Only commit the cookie jar if it hasn't been committedeileencodes2015-12-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We don't want to commit the cookie jar more than once because then we will be attempting to modify a frozen hash. Fixes Railties test failure caused by 492b134.
* | | | | Stop violating law of demeter in response cookie_jareileencodes2015-12-063-1/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds a new method to request and response so we don't need to violate the law of demeter. We are changing `Request` and `Response` so that they always have a `cookie_jar` This is a continuation on work to combine integration and controller test code bases in Rails.
* | | | | Push `before_sending` to super classeileencodes2015-12-0610-11/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We want to get rid of the `Live::Response` so we are consolidating methods from `Live::Response` and `Response` by merging them together. This adds an `#empty` method to the request so we don't need to hard-code the empty array each time we call an empty `ActionDispatch::Request`. The work here is a continuation on combining controller and integration test code bases into one.
* | | | | Merge pull request #22453 from wjessop/use_action_dispatch_default_tld_lengthEileen M. Uchitelle2015-12-061-26/+30
|\ \ \ \ \ | |_|/ / / |/| | | | Test against the real value of tld_length unless explicitly set
| * | | | Test against the real value of tld_length unless explicitly setWill Jessop2015-12-041-26/+30
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There were two places where the tld_length default was hard-coded to 1, both overriding the real default value of ActionDispatch::Http::URL.tld_length in this set of tests. This commit removes both of those, relying on the actual value of ActionDispatch::Http::URL.tld_length, unless it's specifically overridden.
* | | | Merge pull request #19977 from ↵Arthur Nogueira Neves2015-12-052-1/+31
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | prathamesh-sonpatki/mention-redirect-path-in-assert-response Add redirection path in the error message of assert_response if response is :redirect
| * | | | Add redirection path in the error message of assert_response if response is ↵Prathamesh Sonpatki2015-12-042-1/+31
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | :redirect - If the assert_response is checking for any non-redirect response like :success and actual response is :redirect then, the error message displayed was - Expected response to be a <success>, but was <302> - This commit adds the redirect path to the error message of assert_response if the response is :redirect. So above message is changed to - Expected response to be a <success>, but was a redirect to <http://test.host/posts/lol>
* / / / Shrink a couple of deprecation warnings to one-linersMatthew Draper2015-12-061-18/+8
|/ / / | | | | | | | | | | | | The previous spelling seemed a bit too generous with the whitespace, and looked out of place when amongst others.
* | | Merge pull request #22373 from yui-knk/ad_constraintsYves Senn2015-11-301-1/+1
|\ \ \ | | | | | | | | Add `Routing` namespace to point appropriate constant
| * | | Add `Routing` namespace to point appropriate constantyui-knk2015-11-221-1/+1
| | | | | | | | | | | | | | | | Make it clear we use `ActionDispatch::Routing::Endpoint`
* | | | Merge pull request #22371 from yui-knk/better_mount_errorArthur Nogueira Neves2015-11-282-7/+22
|\ \ \ \ | | | | | | | | | | Brush up errors of `ActionDispatch::Routing::Mapper#mount`
| * | | | Brush up errors of `ActionDispatch::Routing::Mapper#mount`yui-knk2015-11-282-7/+22
| |/ / / | | | | | | | | | | | | | | | | | | | | * Integrate to raise `ArgumentError` * Detailed error message when `path` is not defined * Add a test case, invalid rack app is passed
* | | | [ci skip] Add author's name to CHANGELOGyui-knk2015-11-281-0/+2
| | | |
* | | | Merge pull request #21241 from pdg137/masterArthur Nogueira Neves2015-11-263-1/+13
|\ \ \ \ | | | | | | | | | | In url_for, never append ? when the query string is empty anyway.
| * | | | In url_for, never append ? when the query string is empty anyway.Paul Grayson2015-10-293-1/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It used to behave like this: url_for(controller: 'x', action: 'y', q: {}) # -> "/x/y?" We previously avoided empty query strings in most cases by removing nil values, then checking whether params was empty. But as you can see above, even non-empty params can yield an empty query string. So I changed the code to just directly check whether the query string ended up empty. (To make everything more consistent, the "removing nil values" functionality should probably move to ActionPack's Hash#to_query, the place where empty hashes and arrays get removed. However, this would change a lot more behavior.)
* | | | | Merge pull request #22263 from mastahyeti/csrf-origin-checkRafael França2015-11-263-4/+75
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Add option to verify Origin header in CSRF checks [Jeremy Daer + Rafael Mendonça França]
| * | | | | Add option to verify Origin header in CSRF checksBen Toews2015-11-253-4/+75
| | | | | |
* | | | | | Merge pull request #22172 from tijmenb/fix-source-in-show-exceptionRafael França2015-11-243-0/+16
|\ \ \ \ \ \ | | | | | | | | | | | | | | Add text template for source code
| * | | | | | Add text template for source codeTijmen Brommet2015-11-033-0/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a request is made with AJAX and an error occurs, Rails will render a text-template for the exception instead of the HTML error page (#11960). The `.text.erb` variant of the `_source` template is currently missing, causing HTML to be rendered in the response. This commit adds the text template. To keep the page scannable we only only show the first three source extracts. Related to #14745. Before: ``` ~/testing-exceptions ᐅ curl 'http://localhost:3000/' -H 'X-Requested-With: XMLHttpRequest' RuntimeError in PostsController#index <div class="source " id="frame-source-0"> <div class="info"> Extracted source (around line <strong>#3</strong>): </div> <div class="data"> <table cellpadding="0" cellspacing="0" class="lines"> <tr> ``` After: ``` ~/testing-exceptions ᐅ curl 'http://localhost:3000/' -H 'X-Requested-With: XMLHttpRequest' RuntimeError in PostsController#index Extracted source (around line #3): *3 raise ```
* | | | | | | Merge pull request #17928 from sergey-alekseev/remove-unused-form-data-methodSean Griffin2015-11-232-3/+29
|\ \ \ \ \ \ \
| * | | | | | | write a test for `#form_data?`Sergey Alekseev2015-03-312-1/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The initial attempt was to remove the method at all in https://github.com/sergey-alekseev/rails/commit/4926aa68c98673e7be88a2d2b57d72dc490bc71c. The method overrides Rack's `#form_data?` https://github.com/rack/rack/blob/6f8808d4201e68e4bd780441b3b7bb3ee6d1f43e/lib/rack/request.rb#L172-L184. Which may have some incorrect implementation actually. `type.nil?` isn't possible I suppose. I'll check.
* | | | | | | | Clearer comment and variable name on IP spoofingGrey Baker2015-11-221-7/+15
| |_|_|_|/ / / |/| | | | | |
* | | | | | | Merge pull request #22353 from Bounga/doc_for_cookies_encryptedClaudio B2015-11-201-0/+7
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Add missing example for cookies.encrypted [ci skip]
| * | | | | | | Add missing example for cookies.encrypted [ci skip]Nicolas Cavigneaux2015-11-201-0/+7
| | |_|_|_|_|/ | |/| | | | |
* / | | | | | Remove arity check for `RouteSet#draw`yui-knk2015-11-212-10/+0
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | This code was added for migration from Rails 3.1 to upper, now we are developing Rails 5.
* | | | | | Merge branch 'master' of github.com:rails/docrailsVijay Dev2015-11-151-5/+5
|\ \ \ \ \ \
| * | | | | | adding missing `.` Gaurav Sharma2015-11-151-5/+5
| | | | | | |
* | | | | | | [ci skip] Fix <tt> in docclaudiob2015-11-151-1/+1
| | | | | | |
* | | | | | | Merge pull request #22277 from jwworth/pull-request/fix-typo-1447344392Rafael França2015-11-121-1/+1
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Fix typo [ci skip]
| * | | | | | | Fix typo [ci skip]Jake Worth2015-11-121-1/+1
| | | | | | | |
* | | | | | | | Merge pull request #22259 from daisuko/remove_compiled_root_from_static_rbYves Senn2015-11-121-1/+0
|\ \ \ \ \ \ \ \ | |/ / / / / / / |/| | | | | | | remove unnecessary @compiled_root from static.rb
| * | | | | | | remove unnecessary @compiled_root from static.rbdaisuko2015-11-111-1/+0
| | |_|_|/ / / | |/| | | | |
* / | | | | | Show middleware classes on /rails/info/propertiesclaudiob2015-11-111-1/+5
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Closes #21230 by following the indication of @rafaelfranca: > I think the output change would be simpler. > What is really important to show is the class of the middleware, so we should change the output to show that.
* | | | | | Require only necessary concurrent-ruby classes.Jerry D'Antonio2015-11-042-2/+2
| | | | | |
* | | | | | tests, test should not care wether 9ms or 11ms have passed.Yves Senn2015-11-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This solves: ``` Expected /Completed 200 OK in [\d]ms/ to match "Completed 200 OK in 943ms". ```
* | | | | | Move `static_cache_contorl` deprecation changelog entry to Railties.Kasper Timm Hansen2015-11-041-5/+0
| |_|/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | The configuration for `config.static_cache_control`, and its replacement `config.public_file_server.headers` are implemented in Railties. People would configure this in environment files, which is Railties domain too.
* | | | | Deprecate exception#original_exception in favor of exception#causeYuki Nishijima2015-11-0314-42/+85
| | | | |
* | | | | remove present? call; we do not need itAaron Patterson2015-11-021-1/+1
| | | | |
* | | | | Fix double word 'string' [ci skip]Jake Worth2015-11-011-1/+1
|/ / / /
* | | | Merge branch 'master' of github.com:rails/docrailsVijay Dev2015-10-313-13/+13
|\ \ \ \
| * | | | Improved readability of Assertion docs, replaced ‘Assert’ -> ↵amitkumarsuroliya2015-10-093-12/+12
| | | | | | | | | | | | | | | | | | | | | | | | | ‘Asserts’ at all places [ci skip] Following commit https://github.com/rails/docrails/commit/495722a95687e25114ae75608dd3107ac5d6611b
| * | | | Fixed wording in Assertion docs, changed ‘Assert’ -> ‘Asserts’Ronak Jangir2015-10-071-1/+1
| | | | |
* | | | | Merge pull request #21251 from rodzyn/more_param_parser_testsSean Griffin2015-10-301-0/+14
|\ \ \ \ \ | |_|_|/ / |/| | | | Add test for parsing application/vnd.api+json
| * | | | Add test for parsing application/vnd.api+jsonMarcin Olichwirowicz2015-08-211-0/+14
| | | | |