| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| | |
De-duplicate templates, introduce UnboundTemplate
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
This adds a bit of complexity, but is necessary for now to avoid holding
extra copies of templates which are resolved from ActionView::Digestor
after disabling cache on the lookup context.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously it's possible to have multiple copies of the "same" Template.
For example, if index.html.erb is found both the :en and :fr locale, it
will return a different Template object for each. The same can happen
with formats, variants, and handlers.
This commit de-duplicates templates, there will now only be one template
per file/virtual_path/locals tuple.
We need to consider virtual_path because both `render "index"`, and
`render "index.html"` can both find the same file but will have
different virtual_paths. IMO this is rare and should be
deprecated/removed, but it exists now so we need to consider it in order
to cache correctly.
This commit introduces a new UnboundTemplate class, which represents a
template with unknown locals. Template objects can be built from it by
using `#with_locals`. Currently, this is just a convenience around
caching templates, but I hope it's a helpful concept that could have
more utility in the future.
|
| |/ |
|
| |
|
|
| |
This is unnecessary now that we can just provide a file source
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mainly to help with knowning which template is reponsible for the
warning.
handler.class # => Class
handler.to_s # => Coffee::Rails::TemplateHandler
Before:
Change:
>> Class#call(template)
To:
>> Class#call(template, source)
After:
Change:
>> Coffee::Rails::TemplateHandler.call(template)
To:
>> Coffee::Rails::TemplateHandler.call(template, source)
|
| |\
| |
| | |
Make Resolver#find_all_anywhere equivalent to #find_all
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, when using `render file:`, it was possible to render files
not only at an absolute path or relative to the current directory, but
relative to ANY view paths. This was probably done for absolutely
maximum compatibility when addressing CVE-2016-0752, but I think is
unlikely to be used in practice.
Tihs commit removes the ability to `render file:` with a path relative
to a non-fallback view path.
Make FallbackResolver.new private
To ensure nobody is making FallbackResolvers other than "/" and "".
Make reject_files_external_... no-op for fallbacks
Because there are only two values used for path: "" and "/", and
File.join("", "") == File.join("/", "") == "/", this method was only
testing that the absolute paths started at "/" (which of course all do).
This commit doesn't change any behaviour, but it makes it explicit that
the FallbackFileSystemResolver works this way.
Remove outside_app_allowed argument
Deprecate find_all_anywhere
This is now equivalent to find_all
Remove outside_app argument
Deprecate find_file for find
Both LookupContext#find_file and PathSet#find_file are now equivalent to
their respective #find methods.
|
| | |
| |
| |
| | |
in #35826
|
| |/ |
|
| | |
|
| |\
| |
| | |
RFC: Introduce Template::File
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The previous behaviour of render file: was essentially the same as
render template:, except that templates can be specified as an absolute
path on the filesystem.
This makes sense for historic reasons, but now render file: is almost
exclusively used to render raw files (not .erb) like public/404.html. In
addition to complicating the code in template/resolver.rb, I think the
current behaviour is surprising to developers.
This commit deprecates the existing "lookup a template from anywhere"
behaviour and replaces it with "render this file exactly as it is on
disk". Handlers will no longer be used (it will render the same as if
the :raw handler was used), but formats (.html, .xml, etc) will still be
detected (and will default to :plain).
The existing render file: behaviour was the path through which Rails
apps were vulnerable in the recent CVE-2019-5418. Although the
vulnerability has been patched in a fully backwards-compatible way, I
think it's a strong hint that we should drop the existing
previously-vulnerable behaviour if it isn't a benefit to developers.
|
| | | |
|
| |\ \
| |/
|/|
| |
| | |
erose/better-error-reporting-for-syntax-errors-in-templates
Display a more helpful error message when an ERB template has a Ruby syntax error.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Custom glob patterns tie the implementation (Using Dir.glob) to the API
we provide.
It also doesn't really work. extract_handler_and_format_and_variant
expects the handler, format, and variant to be at the end of the
template path, and in the same order as they are in the default pattern.
This deprecates specifying a custom path for FileSystemResolver and
removes the pattern argument of OptimizedFileSystemResolver#initialize,
which does not work with a custom pattern.
|
| | | |
|
| |\ \
| | |
| | | |
Make Template::Resolver always cache
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
All actionview caches are already cleared at the start of each request
(when Resolver.caching is false) by PerExecutionDigestCacheExpiry, which
calls LookupContext::DetailsKey.clear (which clears all caches).
Because caches are always cleared per-request in dev, we shouldn't need
this extra logic to compare mtimes and conditionally reload templates.
This should make templates slightly faster in development (particularly
multiple renders of the same template)
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There was a recent change by @tenderlove to Action view which introduced
`ActionView::Base#run` [1].
We ran into an issue with our application because one of the core
concepts in our domain model is a `Run` which is exposed in most of our
views as a helper method, which now conflicts with this new method.
Although this is a public method it is not really meant to be part of
the public API.
In order to discourage public use of this method and to reduce the
chances of this method conflicting with helper methods we can prefix
this method with an underscore, renaming this method to `_run`.
[1] https://github.com/rails/rails/commit/c740ebdaf5
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| | |
Co-Authored-By: tenderlove <tenderlove@github.com>
|
| | |
| |
| |
| |
| |
| | |
`virtual_path` is calculated in the constructor when the Template object
is allocated. We don't actually need to set it in the `decorate`
method. That means we can remove the decorate method all together.
|
| | |
| |
| |
| |
| |
| |
| | |
This commit ensures that locals are passed in to the template objects
when they are constructed, then removes the `locals=` mutator on the
template object. This means we don't need to mutate Template objects
with locals in the `decorate` method.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Even if the template is constructed with a `nil` variant, the array it
constructs will never be `empty?`:
https://github.com/rails/rails/blob/56b030605b4d968077a4ddb96b4ab619e75fb999/actionview/lib/action_view/template.rb#L152
We get an array that is `[nil]`, which is not empty, so this conditional
is never true.
|
| | |
| |
| |
| |
| |
| |
| | |
Templates only have one format. Before this commit, templates would be
constructed with a single element array that contained the format. This
commit eliminates the single element array and just implements a
`format` method. This saves one array allocation per template.
|
| | |
| |
| |
| |
| | |
The format should always be exactly one symbol. Now we don't need to
check whether or not the format is a `Type` in the constructor.
|
| | |
| |
| |
| |
| | |
This means we can eliminate nil checks and remove some mutations from
the `decorate` method.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit adds a finalizer just to inline templates. We can't cache
compilation of inline templates because it's possible that people could
have render calls that look like this:
```ruby
loop do
render inline: "#{rand}"
end
```
and we would cache every one of these different inline templates. That
would cause a memory leak. OTOH, we don't need finalizers on regular
templates because we can cache, control, and detect changes to the
template source.
Fixes: #35372
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit passes the template format to the digestor in order to come
up with a key. Before this commit, the digestor would depend on the
side effect of the template renderer setting the rendered_format on the
lookup context. I would like to remove that mutation, so I've changed
this to pass the template format in to the digestor.
I've introduced a new instance variable that will be alive during a
template render. When the template is being rendered, it pushes the
current template on to a stack, setting `@current_template` to the
template currently being rendered. When the cache helper asks the
digestor for a key, it uses the format of the template currently on the
stack.
|
| |
|
|
|
|
|
|
|
|
|
| |
This commit keeps a stack of lookup contexts on the ActionView::Base
instance. If a format is passed to render, we instantiate a new lookup
context and push it on the stack, that way any child calls to "render"
will use the same format information as the parent. This also isolates
"sibling" calls to render (multiple calls to render in the same
template).
Fixes #35222 #34138
|
| |
|
|
| |
Refs: rails/jbuilder#452
|
| |
|
|
|
|
|
|
|
| |
This commit passes the mutated source to the template handler as a
parameter and deprecates the old handlers. Old handlers required that
templates contain a reference to mutated source code, but we would like
to make template objects "read only". This change lets the template
remain "read only" while still giving template handlers access to the
source code after mutations.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Every template that specifies a "virtual path" loses the template source
when the template gets compiled:
https://github.com/rails/rails/blob/eda0f574f129fcd5ad1fc58b55cb6d1db71ea95c/actionview/lib/action_view/template.rb#L275
The "refresh" method seems to think that the source code for a template
can be recovered if there is a virtual path:
https://github.com/rails/rails/blob/eda0f574f129fcd5ad1fc58b55cb6d1db71ea95c/actionview/lib/action_view/template.rb#L171-L188
Every call site that allocates a template object *and* provides a
"virtual path" reads the template contents from the filesystem:
https://github.com/rails/rails/blob/eda0f574f129fcd5ad1fc58b55cb6d1db71ea95c/actionview/lib/action_view/template/resolver.rb#L229-L231
Templates that are inline or literals don't provide a "virtual path":
https://github.com/rails/rails/blob/eda0f574f129fcd5ad1fc58b55cb6d1db71ea95c/actionview/lib/action_view/renderer/template_renderer.rb#L34
This commit introduces a `FileTemplate` type that subclasses `Template`.
The `FileTemplate` keeps a reference to the filename, and reads the
source from the filesystem. This effectively makes the template source
immutable.
Other classes depended on the source to be mutated while being compiled,
so this commit also introduces a temporary way to pass the mutated
source to the ERB (or whatever) compiler. See `LegacyTemplate`.
I think we should consider it an error to provide a virtual path on a
non file type template an non-file templates can't recover their source.
Here is an example:
https://github.com/rails/rails/blob/eda0f574f129fcd5ad1fc58b55cb6d1db71ea95c/actionview/lib/action_view/testing/resolvers.rb#L53
This provides a "virtual path" so the source code (a string literal) is
thrown away after compilation. Clearly we can't recover that string, so
I think this should be an error.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The AV::Base constructor was too complicated, and this commit tightens
up the parameters it will take. At runtime, AV::Base is most commonly
constructed here:
https://github.com/rails/rails/blob/94d54fa4ab641a0ddeb173409cb41cc5becc02a9/actionview/lib/action_view/rendering.rb#L72-L74
This provides an AV::Renderer instance, a hash of assignments, and a
controller instance. Since this is the common case for construction, we
should remove logic from the constructor that handles other cases. This
commit introduces special constructors for those other cases.
Interestingly, most code paths that construct AV::Base "strangely" are
tests.
|
| |
|
|
|
| |
Since everything goes through a `run` method, we can pull the buffer
assignment up.
|
| |
|
|
|
| |
Methods created by views should always be evaluated against an AV::Base
instance. This way we can extract and refactor things in to classes.
|
| |
|
|
|
|
| |
This pulls the "output buffer existence" conditional up. Instead of
evaling the same conditional over and over, we can pull it in to "only
compiled once" Ruby code.
|
| |
|
|
|
|
| |
since Ruby 2.5
https://bugs.ruby-lang.org/issues/14133
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since Rails 6.0 will support Ruby 2.4.1 or higher
`# frozen_string_literal: true` magic comment is enough to make string object frozen.
This magic comment is enabled by `Style/FrozenStringLiteralComment` cop.
* Exclude these files not to auto correct false positive `Regexp#freeze`
- 'actionpack/lib/action_dispatch/journey/router/utils.rb'
- 'activerecord/lib/active_record/connection_adapters/sqlite3_adapter.rb'
It has been fixed by https://github.com/rubocop-hq/rubocop/pull/6333
Once the newer version of RuboCop released and available at Code Climate these exclude entries should be removed.
* Replace `String#freeze` with `String#-@` manually if explicit frozen string objects are required
- 'actionpack/test/controller/test_case_test.rb'
- 'activemodel/test/cases/type/string_test.rb'
- 'activesupport/lib/active_support/core_ext/string/strip.rb'
- 'activesupport/test/core_ext/string_ext_test.rb'
- 'railties/test/generators/actions_test.rb'
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Ruby 2.3 or later, `String#+@` is available and `+@` is faster than `dup`.
```ruby
# frozen_string_literal: true
require "bundler/inline"
gemfile(true) do
source "https://rubygems.org"
gem "benchmark-ips"
end
Benchmark.ips do |x|
x.report('+@') { +"" }
x.report('dup') { "".dup }
x.compare!
end
```
```
$ ruby -v benchmark.rb
ruby 2.5.1p57 (2018-03-29 revision 63029) [x86_64-linux]
Warming up --------------------------------------
+@ 282.289k i/100ms
dup 187.638k i/100ms
Calculating -------------------------------------
+@ 6.775M (± 3.6%) i/s - 33.875M in 5.006253s
dup 3.320M (± 2.2%) i/s - 16.700M in 5.032125s
Comparison:
+@: 6775299.3 i/s
dup: 3320400.7 i/s - 2.04x slower
```
|
| | |
|
| | |
|
