| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This commit changes encrypted cookies from AES in CBC HMAC mode to
Authenticated Encryption using AES-GCM. It also provides a cookie jar
to transparently upgrade encrypted cookies to this new scheme. Some
other notable changes include:
- There is a new application configuration value:
+use_authenticated_cookie_encryption+. When enabled, AEAD encrypted
cookies will be used.
- +cookies.signed+ does not raise a +TypeError+ now if the name of an
encrypted cookie is used. Encrypted cookies using the same key as
signed cookies would be verified and serialization would then fail
due the message still be encrypted.
|
| | | |
| | |
| | |
| | |
| | | |
The app is booted by then, so there's no need to stash the code away in
some other script.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
singleton (#29180)
* Add ActiveSupport::CurrentAttributes to provide a thread-isolated attributes singleton
* Need to require first
* Move stubs into test namespace.
Thus they won't conflict with other Current and Person stubs.
* End of the line for you, whitespace!
* Support super in attribute methods.
Define instance level accessors in an included module such that
`super` in an overriden accessor works, akin to Active Model.
* Spare users the manual require.
Follow the example of concerns, autoload in the top level Active Support file.
* Add bidelegation support
* Rename #expose to #set. Simpler, clearer
* Automatically reset every instance.
Skips the need for users to actively embed something that resets
their CurrentAttributes instances.
* Fix test name; add tangible name value when blank.
* Try to ensure we run after a request as well.
* Delegate all missing methods to the instance
This allows regular `delegate` to serve, so we don't need bidelegate.
* Properly test resetting after execution cycle.
Also remove the stale puts debugging.
* Update documentation to match new autoreset
|
| | |/
| |
| |
| |
| |
| | |
".. with __dir__ we can restore order in the Universe." - by @fxn
Related to 5b8738c2df003a96f0e490c43559747618d10f5f
|
| | | |
|
| | |
| |
| |
| | |
Fixes #28988
|
| | |
| |
| |
| | |
Fix #28905
|
| | |\
| | |
| | | |
Added a shared section to config/database.yml that will be loaded for all envs
|
| | | |
| | |
| | |
| | | |
environments
|
| | | | |
|
| |/ / |
|
| |\ \
| | |
| | | |
Do not try to encoding the parameters when the controller is not defined
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When you have a route that points to an nonexistent controller we raise
an exception.
This exception was being caught by the DebugExceptions middleware in
development, but when trying to render the error page, we are reading
the request format[[1][]]. To determine the request format we are reading
the format parameters[[2][]], and to be able to read the parameters we need
to encode them[[3][]]. This was raising another exception that to encode the
parameter we try to load the controller to determine if we need to
encode the parameters are binary[[4][]]. This new exception inside the
DebugExceptions middleware makes Rails to render a generic error page.
To avoid this new exception now we only encode the parameters when the
controller can be loaded.
Fixes #28892
[1]: https://github.com/rails/rails/blob/f52cdaac6336f99d13622ff9bda556a3124a4121/actionpack/lib/action_dispatch/middleware/debug_exceptions.rb#L80
[2]: https://github.com/rails/rails/blob/f52cdaac6336f99d13622ff9bda556a3124a4121/actionpack/lib/action_dispatch/http/mime_negotiation.rb#L63
[3]: https://github.com/rails/rails/blob/f52cdaac6336f99d13622ff9bda556a3124a4121/actionpack/lib/action_dispatch/http/parameters.rb#L58
[4]: https://github.com/rails/rails/blob/f52cdaac6336f99d13622ff9bda556a3124a4121/actionpack/lib/action_dispatch/http/parameters.rb#L88
|
| |\ \
| |/
|/| |
Pass request params to ActionMailer::Preview
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
specified
Without this check, even if config is not specified, `ActionView::Helpers::FormHelper.form_with_generates_remote_forms`
always be set to nil and remote form not be generated.
Follow up to 128b804c6ce40fcbde744f294f8cb98654f6efec
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This configuration is not present in ActionView::Base so we can't let
the action_view.set_configs initializer set it.
Also add tests to make sure this config works.
Fixes #28824
|
| | |
| |
| |
| |
| | |
Raise error on the movement of migrations
when the current migration does not exist.
|
| | | |
|
| | | |
|
| |\ \
| | |
| | | |
Clear active connections after initialization
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Any connections that were checked out during initialization should be
checked back in before the first request is processed, for two reasons:
- Returning the connection to the pool allows it to be health checked
before it's used again. If the connection dies before the first
request arrives, the health check will replace it with a new one.
- If the thread that initialized Rails is not the same thread that will
be performing work, checking in the connection will allow it to be
reused instead of being stuck to the initialization thread forever.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
With Rack::Test the headers needs to match the `HTTP_` format. The tests
were passing before because they are not asserting the response was a
cache hit.
|
| |\ \ \
| | | |
| | | | |
fix migrate with empty version
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Add stronger assertions to rake migration tasks to make sure the user is providing a numeric VERSION
An empty string was getting converted to version = 0. This would in turn pass the presence check.
Address linting warning
Add test for rake task and refactor code to meet expectations
In particular passing VERSION=0 should not raise an error.
Addressed Comments for PR #28485. Trimmed empty lines + change of wording for error message
Adjust test for change of wording in error message
Change condition to follow rails idioms
|
| |/ / / |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
The code itself should not be in the ARGV vector.
Fixes #28515
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
These tests may be expansive so let's only allow users to run them
through `bin/rails test:system` or by passing a path to the `test`
command.
The same applies for `bin/rake test`.
Refs #28109.
|
| | |/
|/|
| |
| |
| |
| |
| |
| | |
If application has ajax, browser may begin request after rollback.
`teardown_fixtures` will be called after `super` on `after_teardown`
so we must call `Capybara.reset_sessions!` before `super`
https://github.com/rails/rails/blob/b61a56541aecd7ac685d4f19d943177a3f1b465a/activerecord/lib/active_record/fixtures.rb#L857
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
Would have caught that the invoke changes broke rake delegation
behavior.
And we do ship the behavior so we should test it.
|
| | |
| |
| |
| |
| | |
Use a separate method called `resolve` for the custom polymorphic
mapping to clarify the API.
|
| | |
| |
| |
| |
| |
| | |
Using `undef_method` means that when a route is removed any other
implementations of that method in the ancestor chain are inaccessible
so instead use `remove_method` which restores access to the ancestor.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow the use of `direct` to specify custom mappings for polymorphic_url, e.g:
resource :basket
direct(class: "Basket") { [:basket] }
This will then generate the following:
>> link_to "Basket", @basket
=> <a href="/basket">Basket</a>
More importantly it will generate the correct url when used with `form_for`.
Fixes #1769.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow the definition of custom url helpers that will be available
automatically wherever standard url helpers are available. The
current solution is to create helper methods in ApplicationHelper
or some other helper module and this isn't a great solution since
the url helper module can be called directly or included in another
class which doesn't include the normal helper modules.
Reference #22512.
|
| |/
|
|
|
|
|
|
|
| |
```
Minitest.run_via[:rails] = true
```
👆 would break because a simple alias won't catch the second
true argument there.
|
| |
|
|
|
|
| |
These files are not using `strip_heredoc`.
Closes #27976
|
| |
|
|
|
|
|
| |
```
go get -u github.com/client9/misspell/cmd/misspell
misspell -w -error -source=text .
```
|
| |
|
|
|
|
|
| |
Replaces the rake_patterns instance variable with simple require, as
`autorun` will run tests from all eagerly required test files.
Fixes #27801
|
| |
|
|
|
|
|
|
| |
The raw_source method is documented as returning the exact value that
was used to create the body; mutating it breaks that contract.
Additionally, if the value used to create the body is blank, raw_source
returns a frozen string which causes the interceptor to raise an error.
|
| |\
| |
| | |
correctly check error message
|
| | |
| |
| |
| |
| |
| |
| | |
`assert_raise` does not check error message. However, in some tests,
it seems like expecting error message checking with `assert_raise`.
Instead of specifying an error message in `assert_raise`, modify to use
another assert to check the error message.
|
| |\ \
| | |
| | | |
add warnings option to test runner
|
| | | | |
|
| | |/
|/|
| |
| |
| |
| |
| |
| | |
This removes the following warnings.
```
test/application/bin_setup_test.rb:43: warning: ambiguous first argument; put parentheses or a space even after `/' operator
```
|
