1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
rails--rails/actionpack/test/fixtures/public
schneems 0b1a87f73c Refactor out Dir.glob from ActionDispatch::Static
Dir.glob can be a security concern. The original use was to provide logic of fallback files. Example a request to `/` should render the file from `/public/index.html`. We can replace the dir glob with the specific logic it represents. The glob {,index,index.html} will look for the current path, then in the directory of the path with index file and then in the directory of the path with index.html. This PR replaces the glob logic by manually checking each potential match. Best case scenario this results in one less file API request, worst case, this has one more file API request.

Related to #16464

Update: added a test for when a file of a given name (`public/bar.html` and a directory `public/bar` both exist in the same root directory. Changed logic to accommodate this scenario.
2014-08-27 13:03:08 -05:00
..
bar Refactor out Dir.glob from ActionDispatch::Static 2014-08-27 13:03:08 -05:00
foo Respect absolute paths in compute_source_path. 2012-06-16 18:06:15 +02:00
gzip Address comments on Gzip implementation 2014-08-24 15:58:16 -05:00
400.html failure to parse params should trigger a 400 Bad Request 2013-03-21 14:23:46 -04:00
404.html
500.da.html Added localized rescue (404.da.html) [#1835 state:committed] 2009-02-02 17:56:22 +01:00
500.html
bar.html Refactor out Dir.glob from ActionDispatch::Static 2014-08-27 13:03:08 -05:00
index.html Move Rails::Static into ActionDispatch 2009-09-26 11:37:42 -05:00