Switch use of Rack::Request to ActionDispatch::Request

As mentioned in
https://gitlab.com/gitlab-org/gitlab-ee/issues/9035#note_129093444,
Rails 5 switched ActionDispatch::Request so that it no longer inherits
Rack::Request directly. A middleware that uses Rack::Request to
read the environment may see stale request parameters if
another middleware modifies the environment via ActionDispatch::Request.
To be safe, we should be using ActionDispatch::Request everywhere.
Stan Hu 2019-01-07 00:35:53 -08:00
parent b83be50327
commit aff2b6e4eb
9 changed files with 11 additions and 9 deletions


@ -512,7 +512,7 @@ module API
# `request`. We workaround this by defining methods that returns the right
# values.
def define_params_for_grape_middleware
self.define_singleton_method(:request) { Rack::Request.new(env) }
self.define_singleton_method(:request) { ActionDispatch::Request.new(env) }
self.define_singleton_method(:params) { request.params.symbolize_keys }
end
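Review bot: `request.params.symbolize_keys` now goes through ActionDispatch's parameter parsing, which is not a drop-in for Rack's. As far as I know it merges path parameters into the result and reports malformed parameters as `ActionController::BadRequest` rather than Rack's own parameter errors. Any rescue around the Grape middleware that matches the Rack error classes (not visible in this hunk) should be checked so a malformed request still produces a 400 instead of an unhandled error. I would also extend the comment above the method with `# ActionDispatch::Request is used so params match what the Rails middleware stack sees`.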


@ -8,7 +8,7 @@ module Gitlab
end
def call(env)
request = Rack::Request.new(env)
request = ActionDispatch::Request.new(env)
route = Gitlab::EtagCaching::Router.match(request.path_info)
return @app.call(env) unless route


@ -24,7 +24,7 @@ module Gitlab
def call(env)
return @app.call(env) unless env['PATH_INFO'] == HEALTH_PATH
request = Rack::Request.new(env)
request = ActionDispatch::Request.new(env)
return OK_RESPONSE if client_ip_whitelisted?(request)
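Review bot: The allow-list decision in `client_ip_whitelisted?(request)` now receives an ActionDispatch::Request, which offers both `ip` (Rack's resolution) and `remote_ip` (Rails' trusted-proxy resolution), and the hunk does not show which one the check reads. The same question applies to the later hunk that stores `req.ip` in `Gitlab::SafeRequestStore[:client_ip]`. If the project customises trusted-proxy handling on Rack::Request (not visible on this page), confirm that it still takes effect on ActionDispatch::Request instances, since per the commit description the class no longer inherits from Rack::Request; otherwise forwarded headers could be trusted differently than before. A comment such as `# request.ip must resolve with the same trusted-proxy list as the rest of the app` above the check would record the requirement. `call` continues outside the hunk.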


@ -60,7 +60,7 @@ module Gitlab
end
def request
@env['rack.request'] ||= Rack::Request.new(@env)
@env['actionpack.request'] ||= ActionDispatch::Request.new(@env)
end
def last_visited_url
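Review bot: The memoisation key in `request` changes from `'rack.request'` to `'actionpack.request'` with no explanation, so any other code that still reads or writes `@env['rack.request']` (none is visible here) silently stops sharing this object. If the new key is meant to avoid returning a Rack::Request cached by something else, say so with a comment such as `# Own env key: never hand back a Rack::Request cached under 'rack.request'`. The enclosing class starts and ends outside the hunk.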


@ -13,7 +13,7 @@ module Gitlab
end
def call(env)
req = Rack::Request.new(env)
req = ActionDispatch::Request.new(env)
Gitlab::SafeRequestStore[:client_ip] = req.ip


@ -9,7 +9,7 @@ describe Gitlab::Auth::UserAuthFinders do
'rack.input' => ''
}
end
let(:request) { Rack::Request.new(env) }
let(:request) { ActionDispatch::Request.new(env) }
def set_param(key, value)
request.update_param(key, value)


@ -15,7 +15,7 @@ describe Gitlab::RequestContext do
let(:ip) { '192.168.1.11' }
before do
allow_any_instance_of(Rack::Request).to receive(:ip).and_return(ip)
allow_any_instance_of(ActionDispatch::Request).to receive(:ip).and_return(ip)
described_class.new(app).call(env)
end


@ -25,6 +25,8 @@ describe OmniAuth::Strategies::Jwt do
subject.options[:secret] = secret
subject.options[:algorithm] = algorithm
# We use Rack::Request instead of ActionDispatch::Request because
# Rack::Test::Methods enables testing of this module.
expect_next_instance_of(Rack::Request) do |rack_request|
expect(rack_request).to receive(:params).and_return('jwt' => payload)
end
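Review bot: The added comment says why the spec keeps stubbing Rack::Request but not what that implies for the code under test. The strategy apparently still reads the `jwt` parameter through a Rack::Request, which is the case the commit description warns may see stale parameters. I would reword the comment to `# The strategy still reads params via Rack::Request, so that is the class stubbed here` and state next to it whether that is accepted for this authentication path or tracked as follow-up work. The example block continues outside the hunk.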


@ -387,7 +387,7 @@ describe 'Git HTTP requests' do
it "responds with status 401" do
expect(Rack::Attack::Allow2Ban).to receive(:filter).and_return(true)
allow_any_instance_of(Rack::Request).to receive(:ip).and_return('1.2.3.4')
allow_any_instance_of(ActionDispatch::Request).to receive(:ip).and_return('1.2.3.4')
clone_get(path, env)
@ -548,7 +548,7 @@ describe 'Git HTTP requests' do
maxretry = options[:maxretry] - 1
ip = '1.2.3.4'
allow_any_instance_of(Rack::Request).to receive(:ip).and_return(ip)
allow_any_instance_of(ActionDispatch::Request).to receive(:ip).and_return(ip)
Rack::Attack::Allow2Ban.reset(ip, options)
maxretry.times.each do