kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity
rails--rails/actionpack/test/dispatch
History
Chris Bisnett 1f767407cb Add request exclusion to Host Authorization 
In the same way that requests may need to be excluded from forced SSL,
requests may also need to be excluded from the Host Authorization
checks. By providing this additional flexibility more applications
will be able to enable Host Authorization while excluding requests
that may not conform. For example, AWS Classic Load Balancers don't
provide a Host header and cannot be configured to send one. This means
that Host Authorization must be disabled to use the health check
provided by the load balancer. This change will allow an application
to exclude the health check requests from the Host Authorization
requirements.

I've modified the `ActionDispatch::HostAuthorization` middleware to
accept arguments in a similar way to `ActionDispatch::SSL`. The hosts
configuration setting still exists separately as does the
hosts_response_app but I've tried to group the Host Authorization
settings like the ssl_options. It may make sense to deprecate the
global hosts_response_app if it's only used as part of the Host
Authorization failure response. I've also updated the existing tests
as the method signature changed and added new tests to verify the
exclusion functionality.
2020-11-02 20:16:29 +00:00
..
request Add ability to set per param encoding 2020-10-26 11:26:29 -07:00
routing Allow tests to run without a TTY 2019-08-14 10:52:21 -07:00
session Handle port-less $MEMCACHE_SERVERS in MemCacheStore tests 2020-10-20 22:32:22 -04:00
system_testing Load selenium/webdriver only if needed 2020-05-07 15:53:32 +03:00
actionable_exceptions_test.rb Only allow ActionableErrors if show_detailed_exceptions is enabled 2020-06-17 07:59:57 -07:00
callbacks_test.rb
content_disposition_test.rb Escape # in RFC 5987 pattern 2020-08-31 10:31:30 -04:00
content_security_policy_test.rb
cookies_test.rb Allow a proc to be used in addition to a static value for cookies_same_site_protection 2020-08-25 14:33:48 -04:00
debug_exceptions_test.rb Don't log backtrace for ActionDispatch::Http::MimeNegotiation::InvalidType 2020-10-07 17:30:07 +00:00
debug_locks_test.rb
exception_wrapper_test.rb Address all possible Performance/StartWith / Performance/EndWith violations 2019-11-14 03:20:29 +09:00
executor_test.rb
feature_policy_test.rb
header_test.rb
host_authorization_test.rb Add request exclusion to Host Authorization 2020-11-02 20:16:29 +00:00
live_response_test.rb allow for only no-store in cache-control header 2020-10-07 10:33:38 +08:00
mapper_test.rb
middleware_stack_test.rb Delayed middleware delete does not allow move operations 2020-01-08 11:30:02 +02:00
mime_type_test.rb allow parameter delimiter without space 2020-02-07 14:43:35 -08:00
mount_test.rb
prefix_generation_test.rb Fix Ruby 2.7 keyword arguments warning 2020-05-11 15:33:08 -05:00
rack_cache_test.rb
reloader_test.rb
request_id_test.rb Fix tests with Ruby 3 2020-10-30 02:20:04 +00:00
request_test.rb Remove deprecated ActionDispatch::Http::ParameterFilter 2020-10-30 00:25:10 +00:00
response_test.rb Change ActionDispatch::Response#content_type to return the full Content-Type header 2020-10-30 00:25:49 +00:00
routing_assertions_test.rb Fix assert_recognizes on mounted root routes. 2020-08-10 16:59:52 -04:00
routing_test.rb avoid calling custom_encoding_for when unused 2020-10-27 10:42:41 -07:00
runner_test.rb
show_exceptions_test.rb Raise more specific exception for invalid mime type from user-agent 2020-10-07 11:49:56 -04:00
ssl_test.rb Change default HTTP status to 308 for ActionDispatch::SSL. 2020-07-06 14:51:24 +08:00
static_test.rb Allow rails to serve brotli encoded assets 2020-06-01 08:57:02 -07:00
test_request_test.rb
test_response_test.rb
uploaded_file_test.rb
url_generation_test.rb Heed config.force_ssl when building URL 2020-04-05 18:19:31 -05:00