rails--rails/actionmailbox
Brad Trick 880a1bedb9 Allow skip_forgery_protection if no protection set
Calling `skip_forgery_protection` without first calling
`protect_from_forgery`--either manually or through default
settings--raises an `ArgumentError` because `verify_authenticity_token`
has not been defined as a callback.

Since Rails 7.0 adds `skip_forgery_protection` to the
`Rails::WelcomeController` (PR #42864), this behavior means that setting
`default_protect_from_forgery` to false and visiting the Rails Welcome
page (`/`) raises an error.

This behavior also created an issue for `ActionMailbox` that was
previously fixed in the Mailbox controller by running
`skip_forgery_protection` only if `default_protect_from_forgery` was
true (PR #35935).

This PR addresses the underlying issue by setting the `raise` option for
`skip_before_action` to default to false inside
`skip_forgery_protection`.

The fix is implemented in `request_forgery_protection.rb`. The change to
`ActionMailbox`'s `base_controller.rb` removes the now-unnecessary
check of `default_protect_from_forgery`.

The tests added in `request_forgery_protection_test.rb` and
`routing_test.rb` both raise an error when run against the current
codebase and pass with the changes noted above.
2022-02-27 21:58:42 -05:00
app Allow skip_forgery_protection if no protection set 2022-02-27 21:58:42 -05:00
bin
config Implement ActionMailbox incinerate in conductor 2021-06-24 15:35:56 -03:00
db/migrate
lib Cross-link API docs [ci-skip] 2022-02-21 11:45:25 -06:00
test Use dynamic Rails version in framework dummy apps 2021-12-08 11:31:49 -06:00
.gitignore Remove redundant .gitignore entries 2020-02-07 14:05:23 -06:00
CHANGELOG.md Start Rails 7.1 development 2021-12-07 15:52:30 +00:00
MIT-LICENSE Bump license years to 2022 [ci-skip] 2022-01-01 15:22:15 +09:00
README.md
Rakefile
actionmailbox.gemspec Temporarily add net-gems as dependencies of frameworks that use mail 2022-01-05 17:42:40 +00:00

README.md

Action Mailbox

Action Mailbox routes incoming emails to controller-like mailboxes for processing in Rails. It ships with ingresses for Mailgun, Mandrill, Postmark, and SendGrid. You can also handle inbound mails directly via the built-in Exim, Postfix, and Qmail ingresses.

The inbound emails are turned into InboundEmail records using Active Record and feature lifecycle tracking, storage of the original email on cloud storage via Active Storage, and responsible data handling with on-by-default incineration.

These inbound emails are routed asynchronously using Active Job to one or several dedicated mailboxes, which are capable of interacting directly with the rest of your domain model.

You can read more about Action Mailbox in the Action Mailbox Basics guide.

License

Action Mailbox is released under the MIT License.