2004-11-23 20:04:44 -05:00
|
|
|
require 'action_controller/cgi_ext/cgi_ext'
|
2004-12-29 16:07:50 -05:00
|
|
|
require 'action_controller/cgi_ext/cookie_performance_fix'
|
2005-01-25 06:15:26 -05:00
|
|
|
require 'action_controller/cgi_ext/raw_post_data_fix'
|
2004-11-23 20:04:44 -05:00
|
|
|
require 'action_controller/session/drb_store'
|
2005-01-10 19:29:55 -05:00
|
|
|
require 'action_controller/session/mem_cache_store'
|
2005-07-04 14:30:22 -04:00
|
|
|
if Object.const_defined?(:ActiveRecord)
|
|
|
|
|
require 'action_controller/session/active_record_store'
|
|
|
|
|
end
|
2004-11-23 20:04:44 -05:00
|
|
|
|
|
|
|
|
module ActionController #:nodoc:
|
|
|
|
|
class Base
|
|
|
|
|
# Process a request extracted from an CGI object and return a response. Pass false as <tt>session_options</tt> to disable
|
|
|
|
|
# sessions (large performance increase if sessions are not needed). The <tt>session_options</tt> are the same as for CGI::Session:
|
|
|
|
|
#
|
|
|
|
|
# * <tt>:database_manager</tt> - standard options are CGI::Session::FileStore, CGI::Session::MemoryStore, and CGI::Session::PStore
|
|
|
|
|
# (default). Additionally, there is CGI::Session::DRbStore and CGI::Session::ActiveRecordStore. Read more about these in
|
|
|
|
|
# lib/action_controller/session.
|
|
|
|
|
# * <tt>:session_key</tt> - the parameter name used for the session id. Defaults to '_session_id'.
|
|
|
|
|
# * <tt>:session_id</tt> - the session id to use. If not provided, then it is retrieved from the +session_key+ parameter
|
|
|
|
|
# of the request, or automatically generated for a new session.
|
|
|
|
|
# * <tt>:new_session</tt> - if true, force creation of a new session. If not set, a new session is only created if none currently
|
|
|
|
|
# exists. If false, a new session is never created, and if none currently exists and the +session_id+ option is not set,
|
|
|
|
|
# an ArgumentError is raised.
|
|
|
|
|
# * <tt>:session_expires</tt> - the time the current session expires, as a +Time+ object. If not set, the session will continue
|
|
|
|
|
# indefinitely.
|
|
|
|
|
# * <tt>:session_domain</tt> - the hostname domain for which this session is valid. If not set, defaults to the hostname of the
|
|
|
|
|
# server.
|
|
|
|
|
# * <tt>:session_secure</tt> - if +true+, this session will only work over HTTPS.
|
|
|
|
|
# * <tt>:session_path</tt> - the path for which this session applies. Defaults to the directory of the CGI script.
|
|
|
|
|
def self.process_cgi(cgi = CGI.new, session_options = {})
|
|
|
|
|
new.process_cgi(cgi, session_options)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def process_cgi(cgi, session_options = {}) #:nodoc:
|
|
|
|
|
process(CgiRequest.new(cgi, session_options), CgiResponse.new(cgi)).out
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
class CgiRequest < AbstractRequest #:nodoc:
|
|
|
|
|
attr_accessor :cgi
|
|
|
|
|
|
2005-07-04 14:30:22 -04:00
|
|
|
DEFAULT_SESSION_OPTIONS = {
|
|
|
|
|
:database_manager => CGI::Session::PStore,
|
|
|
|
|
:prefix => "ruby_sess.",
|
|
|
|
|
:session_path => "/"
|
|
|
|
|
} unless const_defined?(:DEFAULT_SESSION_OPTIONS)
|
2004-11-23 20:04:44 -05:00
|
|
|
|
|
|
|
|
def initialize(cgi, session_options = {})
|
|
|
|
|
@cgi = cgi
|
|
|
|
|
@session_options = session_options
|
|
|
|
|
super()
|
|
|
|
|
end
|
|
|
|
|
|
2005-02-14 20:45:35 -05:00
|
|
|
def query_string
|
|
|
|
|
return @cgi.query_string unless @cgi.query_string.nil? || @cgi.query_string.empty?
|
2005-04-18 11:43:07 -04:00
|
|
|
unless env['REQUEST_URI'].nil?
|
|
|
|
|
parts = env['REQUEST_URI'].split('?')
|
|
|
|
|
else
|
|
|
|
|
return env['QUERY_STRING'] || ''
|
|
|
|
|
end
|
2005-02-14 20:45:35 -05:00
|
|
|
parts.shift
|
|
|
|
|
return parts.join('?')
|
|
|
|
|
end
|
|
|
|
|
|
2004-11-23 20:04:44 -05:00
|
|
|
def query_parameters
|
2005-02-14 20:45:35 -05:00
|
|
|
qs = self.query_string
|
|
|
|
|
qs.empty? ? {} : CGIMethods.parse_query_parameters(query_string)
|
2004-11-23 20:04:44 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def request_parameters
|
2005-05-20 14:32:04 -04:00
|
|
|
if formatted_post?
|
|
|
|
|
CGIMethods.parse_formatted_request_parameters(post_format, env['RAW_POST_DATA'])
|
2005-05-14 04:36:19 -04:00
|
|
|
else
|
|
|
|
|
CGIMethods.parse_request_parameters(@cgi.params)
|
|
|
|
|
end
|
2004-11-23 20:04:44 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def env
|
|
|
|
|
@cgi.send(:env_table)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def cookies
|
|
|
|
|
@cgi.cookies.freeze
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def host
|
2005-01-10 19:15:02 -05:00
|
|
|
env["HTTP_X_FORWARDED_HOST"] || @cgi.host.to_s.split(":").first
|
2004-11-23 20:04:44 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def session
|
|
|
|
|
return @session unless @session.nil?
|
|
|
|
|
begin
|
2004-12-12 07:43:48 -05:00
|
|
|
@session = (@session_options == false ? {} : CGI::Session.new(@cgi, session_options_with_string_keys))
|
2004-11-23 20:04:44 -05:00
|
|
|
@session["__valid_session"]
|
|
|
|
|
return @session
|
|
|
|
|
rescue ArgumentError => e
|
|
|
|
|
@session.delete if @session
|
|
|
|
|
raise(
|
|
|
|
|
ActionController::SessionRestoreError,
|
|
|
|
|
"Session contained objects where the class definition wasn't available. " +
|
|
|
|
|
"Remember to require classes for all objects kept in the session. " +
|
2005-03-03 18:05:16 -05:00
|
|
|
"The session has been deleted. (Original exception: #{e.message} [#{e.class}])"
|
2004-11-23 20:04:44 -05:00
|
|
|
)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def reset_session
|
|
|
|
|
@session.delete
|
|
|
|
|
@session = (@session_options == false ? {} : new_session)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def method_missing(method_id, *arguments)
|
|
|
|
|
@cgi.send(method_id, *arguments) rescue super
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
private
|
|
|
|
|
def new_session
|
2004-12-21 05:47:02 -05:00
|
|
|
CGI::Session.new(@cgi, session_options_with_string_keys.merge("new_session" => true))
|
2004-11-23 20:04:44 -05:00
|
|
|
end
|
2004-12-12 07:43:48 -05:00
|
|
|
|
|
|
|
|
def session_options_with_string_keys
|
|
|
|
|
DEFAULT_SESSION_OPTIONS.merge(@session_options).inject({}) { |options, pair| options[pair.first.to_s] = pair.last; options }
|
|
|
|
|
end
|
2004-11-23 20:04:44 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
class CgiResponse < AbstractResponse #:nodoc:
|
|
|
|
|
def initialize(cgi)
|
|
|
|
|
@cgi = cgi
|
|
|
|
|
super()
|
|
|
|
|
end
|
|
|
|
|
|
2005-06-22 08:59:36 -04:00
|
|
|
def out(output = $stdout)
|
2004-11-23 20:04:44 -05:00
|
|
|
convert_content_type!(@headers)
|
2005-06-22 08:59:36 -04:00
|
|
|
output.binmode if output.respond_to?(:binmode)
|
|
|
|
|
output.sync = false if output.respond_to?(:sync=)
|
2005-03-03 18:12:57 -05:00
|
|
|
|
|
|
|
|
begin
|
2005-06-22 08:59:36 -04:00
|
|
|
output.write(@cgi.header(@headers))
|
2004-12-07 05:50:26 -05:00
|
|
|
|
2005-03-03 18:12:57 -05:00
|
|
|
if @cgi.send(:env_table)['REQUEST_METHOD'] == 'HEAD'
|
|
|
|
|
return
|
|
|
|
|
elsif @body.respond_to?(:call)
|
|
|
|
|
@body.call(self)
|
|
|
|
|
else
|
2005-06-22 08:59:36 -04:00
|
|
|
output.write(@body)
|
2005-03-03 18:12:57 -05:00
|
|
|
end
|
2005-06-27 05:35:09 -04:00
|
|
|
|
|
|
|
|
output.flush if output.respond_to?(:flush)
|
2005-03-03 18:12:57 -05:00
|
|
|
rescue Errno::EPIPE => e
|
|
|
|
|
# lost connection to the FCGI process -- ignore the output, then
|
2004-11-23 20:04:44 -05:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
private
|
|
|
|
|
def convert_content_type!(headers)
|
2004-12-07 05:50:26 -05:00
|
|
|
%w( Content-Type Content-type content-type ).each do |ct|
|
|
|
|
|
if headers[ct]
|
|
|
|
|
headers["type"] = headers[ct]
|
|
|
|
|
headers.delete(ct)
|
|
|
|
|
end
|
2004-11-23 20:04:44 -05:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
