aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/http/response.rb
blob: 3e3b47317822ad65fa5adee7acf8a3cdcd248722 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
require 'digest/md5'
require 'active_support/core_ext/module/delegation'

module ActionDispatch # :nodoc:
  # Represents an HTTP response generated by a controller action. One can use
  # an ActionDispatch::Response object to retrieve the current state
  # of the response, or customize the response. An Response object can
  # either represent a "real" HTTP response (i.e. one that is meant to be sent
  # back to the web browser) or a test response (i.e. one that is generated
  # from integration tests). See CgiResponse and TestResponse, respectively.
  #
  # Response is mostly a Ruby on Rails framework implement detail, and
  # should never be used directly in controllers. Controllers should use the
  # methods defined in ActionController::Base instead. For example, if you want
  # to set the HTTP response's content MIME type, then use
  # ActionControllerBase#headers instead of Response#headers.
  #
  # Nevertheless, integration tests may want to inspect controller responses in
  # more detail, and that's when Response can be useful for application
  # developers. Integration test methods such as
  # ActionDispatch::Integration::Session#get and
  # ActionDispatch::Integration::Session#post return objects of type
  # TestResponse (which are of course also of type Response).
  #
  # For example, the following demo integration "test" prints the body of the
  # controller response to the console:
  #
  #  class DemoControllerTest < ActionDispatch::IntegrationTest
  #    def test_print_root_path_to_console
  #      get('/')
  #      puts @response.body
  #    end
  #  end
  class Response < Rack::Response
    attr_accessor :request, :blank
    attr_reader :cache_control

    attr_writer :header, :sending_file
    alias_method :headers=, :header=

    def initialize
      @status = 200
      @header = {}
      @cache_control = {}

      @writer = lambda { |x| @body << x }
      @block = nil
      @length = 0

      @body, @cookie = [], []
      @sending_file = false

      yield self if block_given?
    end

    def cache_control
      @cache_control ||= {}
    end

    def write(str)
      s = str.to_s
      @writer.call s
      str
    end

    def status=(status)
      @status = status.to_i
    end

    # The response code of the request
    def response_code
      @status
    end

    # Returns a String to ensure compatibility with Net::HTTPResponse
    def code
      @status.to_s
    end

    def message
      StatusCodes::STATUS_CODES[@status]
    end
    alias_method :status_message, :message

    def body
      str = ''
      each { |part| str << part.to_s }
      str
    end

    EMPTY = " "

    def body=(body)
      @blank = true if body == EMPTY
      @body = body.respond_to?(:to_str) ? [body] : body
    end

    def body_parts
      @body
    end

    def location
      headers['Location']
    end
    alias_method :redirect_url, :location

    def location=(url)
      headers['Location'] = url
    end

    # Sets the HTTP response's content MIME type. For example, in the controller
    # you could write this:
    #
    #  response.content_type = "text/plain"
    #
    # If a character set has been defined for this response (see charset=) then
    # the character set information will also be included in the content type
    # information.
    attr_accessor :charset, :content_type

    def last_modified
      if last = headers['Last-Modified']
        Time.httpdate(last)
      end
    end

    def last_modified?
      headers.include?('Last-Modified')
    end

    def last_modified=(utc_time)
      headers['Last-Modified'] = utc_time.httpdate
    end

    def etag
      @etag
    end

    def etag?
      @etag
    end

    def etag=(etag)
      key = ActiveSupport::Cache.expand_cache_key(etag)
      @etag = %("#{Digest::MD5.hexdigest(key)}")
    end

    CONTENT_TYPE    = "Content-Type"

    cattr_accessor(:default_charset) { "utf-8" }

    def assign_default_content_type_and_charset!
      return if headers[CONTENT_TYPE].present?

      @content_type ||= Mime::HTML
      @charset      ||= self.class.default_charset

      type = @content_type.to_s.dup
      type << "; charset=#{@charset}" unless @sending_file

      headers[CONTENT_TYPE] = type
    end

    def to_a
      assign_default_content_type_and_charset!
      handle_conditional_get!
      self["Set-Cookie"] = @cookie.join("\n")
      self["ETag"]       = @etag if @etag
      super
    end

    alias prepare! to_a

    def each(&callback)
      if @body.respond_to?(:call)
        @writer = lambda { |x| callback.call(x) }
        @body.call(self, self)
      else
        @body.each { |part| callback.call(part.to_s) }
      end

      @writer = callback
      @block.call(self) if @block
    end

    def write(str)
      str = str.to_s
      @writer.call str
      str
    end

    # Returns the response cookies, converted to a Hash of (name => value) pairs
    #
    #   assert_equal 'AuthorOfNewPage', r.cookies['author']
    def cookies
      cookies = {}
      if header = @cookie
        header = header.split("\n") if header.respond_to?(:to_str)
        header.each do |cookie|
          if pair = cookie.split(';').first
            key, value = pair.split("=").map { |v| Rack::Utils.unescape(v) }
            cookies[key] = value
          end
        end
      end
      cookies
    end

    def set_cookie(key, value)
      case value
      when Hash
        domain  = "; domain="  + value[:domain]    if value[:domain]
        path    = "; path="    + value[:path]      if value[:path]
        # According to RFC 2109, we need dashes here.
        # N.B.: cgi.rb uses spaces...
        expires = "; expires=" + value[:expires].clone.gmtime.
          strftime("%a, %d-%b-%Y %H:%M:%S GMT")    if value[:expires]
        secure = "; secure"  if value[:secure]
        httponly = "; HttpOnly" if value[:httponly]
        value = value[:value]
      end
      value = [value]  unless Array === value
      cookie = Rack::Utils.escape(key) + "=" +
        value.map { |v| Rack::Utils.escape v }.join("&") +
        "#{domain}#{path}#{expires}#{secure}#{httponly}"

      @cookie << cookie
    end

    def delete_cookie(key, value={})
      @cookie.reject! { |cookie|
        cookie =~ /\A#{Rack::Utils.escape(key)}=/
      }

      set_cookie(key,
                 {:value => '', :path => nil, :domain => nil,
                   :expires => Time.at(0) }.merge(value))
    end

    private
      def handle_conditional_get!
        if etag? || last_modified? || !@cache_control.empty?
          set_conditional_cache_control!
        elsif nonempty_ok_response?
          self.etag = @body

          if request && request.etag_matches?(etag)
            self.status = 304
            self.body = []
          end

          set_conditional_cache_control!
        else
          headers["Cache-Control"] = "no-cache"
        end
      end

      def nonempty_ok_response?
        @status == 200 && string_body?
      end

      def string_body?
        !@blank && @body.respond_to?(:all?) && @body.all? { |part| part.is_a?(String) }
      end

      DEFAULT_CACHE_CONTROL = "max-age=0, private, must-revalidate"

      def set_conditional_cache_control!
        control = @cache_control

        if control.empty?
          headers["Cache-Control"] = DEFAULT_CACHE_CONTROL
        else
          extras  = control[:extras]
          max_age = control[:max_age]

          options = []
          options << "max-age=#{max_age}" if max_age
          options << (control[:public] ? "public" : "private")
          options << "must-revalidate" if control[:must_revalidate]
          options.concat(extras) if extras

          headers["Cache-Control"] = options.join(", ")
        end

      end
  end
end