Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
张重言
rails
提交
d0a74604
R
rails
项目概览
张重言
/
rails
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
R
rails
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
未验证
提交
d0a74604
编写于
5月 07, 2019
作者:
E
Eileen M. Uchitelle
提交者:
GitHub
5月 07, 2019
浏览文件
操作
浏览文件
下载
差异文件
Merge pull request #36196 from st0012/fix-29947
Hide malformed parameters from error page
上级
ffefb6d4
7b003081
变更
8
隐藏空白更改
内联
并排
Showing
8 changed file
with
53 addition
and
4 deletion
+53
-4
actionpack/CHANGELOG.md
actionpack/CHANGELOG.md
+4
-0
actionpack/lib/action_dispatch/middleware/debug_view.rb
actionpack/lib/action_dispatch/middleware/debug_view.rb
+8
-0
actionpack/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb
...ddleware/templates/rescues/_request_and_response.html.erb
+3
-1
actionpack/lib/action_dispatch/middleware/templates/rescues/_request_and_response.text.erb
...ddleware/templates/rescues/_request_and_response.text.erb
+1
-1
actionpack/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb
...ispatch/middleware/templates/rescues/diagnostics.html.erb
+1
-1
actionpack/lib/action_dispatch/middleware/templates/rescues/diagnostics.text.erb
...ispatch/middleware/templates/rescues/diagnostics.text.erb
+1
-1
actionpack/test/dispatch/debug_exceptions_test.rb
actionpack/test/dispatch/debug_exceptions_test.rb
+19
-0
railties/test/application/middleware/exceptions_test.rb
railties/test/application/middleware/exceptions_test.rb
+16
-0
未找到文件。
actionpack/CHANGELOG.md
浏览文件 @
d0a74604
*
Fix a bug where DebugExceptions throws an error when malformed query parameters are provided
*Yuki Nishijima*, *Stan Lo*
## Rails 6.0.0.rc1 (April 24, 2019) ##
*
Make system tests take a failed screenshot in a
`before_teardown`
hook
...
...
actionpack/lib/action_dispatch/middleware/debug_view.rb
浏览文件 @
d0a74604
...
...
@@ -56,5 +56,13 @@ def render(*)
def
protect_against_forgery?
false
end
def
params_valid?
begin
@request
.
parameters
rescue
ActionController
::
BadRequest
false
end
end
end
end
actionpack/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb
浏览文件 @
d0a74604
...
...
@@ -6,7 +6,9 @@
<%
end
%>
<h2
style=
"margin-top: 30px"
>
Request
</h2>
<p><b>
Parameters
</b>
:
</p>
<pre>
<%=
debug_params
(
@request
.
filtered_parameters
)
%>
</pre>
<%
if
params_valid?
%>
<p><b>
Parameters
</b>
:
</p>
<pre>
<%=
debug_params
(
@request
.
filtered_parameters
)
%>
</pre>
<%
end
%>
<div
class=
"details"
>
<div
class=
"summary"
><a
href=
"#"
onclick=
"return toggleSessionDump()"
>
Toggle session dump
</a></div>
...
...
actionpack/lib/action_dispatch/middleware/templates/rescues/_request_and_response.text.erb
浏览文件 @
d0a74604
<%
clean_params
=
@request
.
filtered_parameters
.
clone
clean_params
=
params_valid?
?
@request
.
filtered_parameters
.
clone
:
{}
clean_params
.
delete
(
"action"
)
clean_params
.
delete
(
"controller"
)
...
...
actionpack/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb
浏览文件 @
d0a74604
<header>
<h1>
<%=
@exception
.
class
.
to_s
%>
<%
if
@request
.
parameters
[
'controller'
]
%>
<%
if
params_valid?
&&
@request
.
parameters
[
'controller'
]
%>
in
<%=
@request
.
parameters
[
'controller'
].
camelize
%>
Controller
<%
if
@request
.
parameters
[
'action'
]
%>
#
<%=
@request
.
parameters
[
'action'
]
%><%
end
%>
<%
end
%>
</h1>
...
...
actionpack/lib/action_dispatch/middleware/templates/rescues/diagnostics.text.erb
浏览文件 @
d0a74604
<%=
@exception
.
class
.
to_s
%><%
if
@request
.
parameters
[
'controller'
]
if
params_valid?
&&
@request
.
parameters
[
'controller'
]
%>
in
<%=
@request
.
parameters
[
'controller'
].
camelize
%>
Controller
<%
if
@request
.
parameters
[
'action'
]
%>
#
<%=
@request
.
parameters
[
'action'
]
%><%
end
%>
<%
end
%>
...
...
actionpack/test/dispatch/debug_exceptions_test.rb
浏览文件 @
d0a74604
...
...
@@ -620,4 +620,23 @@ def call(env)
assert_select
'input[value="Action 2"]'
end
end
test
"debug exceptions app shows diagnostics when malformed query parameters are provided"
do
@app
=
DevelopmentApp
get
"/bad_request?x[y]=1&x[y][][w]=2"
assert_response
400
assert_match
"ActionController::BadRequest"
,
body
end
test
"debug exceptions app shows diagnostics when malformed query parameters are provided by XHR"
do
@app
=
DevelopmentApp
xhr_request_env
=
{
"action_dispatch.show_exceptions"
=>
true
,
"HTTP_X_REQUESTED_WITH"
=>
"XMLHttpRequest"
}
get
"/bad_request?x[y]=1&x[y][][w]=2"
,
headers:
xhr_request_env
assert_response
400
assert_match
"ActionController::BadRequest"
,
body
end
end
railties/test/application/middleware/exceptions_test.rb
浏览文件 @
d0a74604
...
...
@@ -136,5 +136,21 @@ def index
assert_match
(
/boooom/
,
last_response
.
body
)
assert_match
(
/測試テスト시험/
,
last_response
.
body
)
end
test
"displays diagnostics message when malformed query parameters are provided"
do
controller
:foo
,
<<-
RUBY
class FooController < ActionController::Base
def index
end
end
RUBY
app
.
config
.
action_dispatch
.
show_exceptions
=
true
app
.
config
.
consider_all_requests_local
=
true
get
"/foo?x[y]=1&x[y][][w]=2"
assert_equal
400
,
last_response
.
status
assert_match
"Invalid query parameters"
,
last_response
.
body
end
end
end
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录