
github.com/diaspora/diaspora.git - Unnamed repository; edit this file 'description' to name the repository.
authorMaxwell Salzberg <maxwell@joindiaspora.com>2012-04-04 10:54:20 +0400
committerMaxwell Salzberg <maxwell@joindiaspora.com>2012-05-15 08:53:16 +0400
commitab2e740ca2e716bc0f48e6be1f82b3da9b8398dd (patch)
tree75a01147433839be87825fa99efd5e58f45a47d3
parent4d58940e519036a3ce4471128396ece768bdea53 (diff)
upgrade to Rails 3.2.3
-rw-r--r--Gemfile11
-rw-r--r--Gemfile.lock187
-rw-r--r--app/controllers/notifications_controller.rb2
-rw-r--r--app/controllers/posts_controller.rb4
-rw-r--r--app/models/notification.rb6
-rw-r--r--app/models/post.rb1
-rw-r--r--app/views/admins/correlations.haml2
-rw-r--r--app/views/admins/stats.html.haml2
-rw-r--r--app/views/admins/user_search.html.haml2
-rw-r--r--app/views/admins/weekly_user_stats.haml2
-rw-r--r--app/views/home/show.mobile.haml2
-rw-r--r--app/views/publics/webfinger.erb2
-rw-r--r--config/environments/development.rb12
-rw-r--r--config/environments/test.rb5
-rw-r--r--config/initializers/omniauth.rb10
-rw-r--r--lib/diaspora/encryptable.rb2
-rw-r--r--lib/encryptor.rb8
-rw-r--r--lib/postzord/dispatcher.rb2
-rw-r--r--lib/rack/fixed_request.rb340
-rw-r--r--lib/salmon/salmon.rb2
-rw-r--r--spec/lib/diaspora/encryptable_spec.rb2
21 files changed, 139 insertions, 467 deletions
diff --git a/Gemfile b/Gemfile
index f76c48612..276e217ab 100644
--- a/Gemfile
+++ b/Gemfile
@@ -3,11 +3,12 @@ source 'http://rubygems.org'
gem 'bundler', '> 1.1.0'
ruby '1.9.3' if ENV['HEROKU']
-gem 'rails', '3.1.4'
-gem 'rails_autolink'
+gem 'rails', '3.2.3'
+
gem 'foreman', '0.41'
gem 'whenever'
+gem 'rails_autolink'
gem 'thin', '~> 1.3.1', :require => false
# cross-origin resource sharing
@@ -21,7 +22,7 @@ gem 'jwt'
gem 'oauth2-provider', '0.0.19'
gem 'remotipart', '~> 1.0'
-gem 'omniauth', '1.0.1'
+gem 'omniauth', '1.0.3'
gem 'omniauth-facebook'
gem 'omniauth-tumblr'
gem 'omniauth-twitter'
@@ -112,8 +113,8 @@ gem 'gon'
# assets
group :assets do
- gem 'sass-rails', '3.1.4'
gem 'bootstrap-sass', '~> 2.0.2'
+ gem 'sass-rails', '3.2.5'
# Windows and OSX have an execjs compatible runtime built-in, Linux users should
# install Node.js or use 'therubyracer'.
@@ -186,8 +187,6 @@ group :development do
gem 'parallel_tests', :require => false
gem 'yard', :require => false
- # rails 3.2 goodness
- gem 'active_reload'
# for tracing AR object instantiation and memory usage per request
gem 'oink'
diff --git a/Gemfile.lock b/Gemfile.lock
index bcdfb804a..00d21b963 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -15,9 +15,9 @@ GIT
GIT
remote: git://github.com/diaspora/diaspora-client.git
- revision: 99dd3728172834b01e2acae0604fe3865456d969
+ revision: 86bd398a60320e06d9b8f9c865955dfe2df851db
specs:
- diaspora-client (0.1.2)
+ diaspora-client (0.1.3.1)
activerecord
em-http-request
em-synchrony
@@ -29,10 +29,10 @@ GIT
GIT
remote: git://github.com/pivotal/jasmine-gem.git
- revision: c72e8d248d49a1ebe53f31a09ac511194ad4edf1
+ revision: 1e075fbf5a69812fcc914c453f002ecf5bed38ab
specs:
- jasmine (1.2.0.rc3)
- jasmine-core (>= 1.2.0.rc3)
+ jasmine (1.2.0)
+ jasmine-core (>= 1.2.0)
rack (~> 1.0)
rspec (>= 1.3.1)
selenium-webdriver (>= 0.1.3)
@@ -41,41 +41,39 @@ GEM
remote: http://rubygems.org/
specs:
SystemTimer (1.2.3)
- actionmailer (3.1.4)
- actionpack (= 3.1.4)
- mail (~> 2.3.0)
- actionpack (3.1.4)
- activemodel (= 3.1.4)
- activesupport (= 3.1.4)
+ actionmailer (3.2.3)
+ actionpack (= 3.2.3)
+ mail (~> 2.4.4)
+ actionpack (3.2.3)
+ activemodel (= 3.2.3)
+ activesupport (= 3.2.3)
builder (~> 3.0.0)
erubis (~> 2.7.0)
- i18n (~> 0.6)
- rack (~> 1.3.6)
- rack-cache (~> 1.1)
- rack-mount (~> 0.8.2)
+ journey (~> 1.0.1)
+ rack (~> 1.4.0)
+ rack-cache (~> 1.2)
rack-test (~> 0.6.1)
- sprockets (~> 2.0.3)
- active_reload (0.6.1)
- activemodel (3.1.4)
- activesupport (= 3.1.4)
+ sprockets (~> 2.1.2)
+ activemodel (3.2.3)
+ activesupport (= 3.2.3)
builder (~> 3.0.0)
- i18n (~> 0.6)
- activerecord (3.1.4)
- activemodel (= 3.1.4)
- activesupport (= 3.1.4)
- arel (~> 2.2.3)
+ activerecord (3.2.3)
+ activemodel (= 3.2.3)
+ activesupport (= 3.2.3)
+ arel (~> 3.0.2)
tzinfo (~> 0.3.29)
activerecord-import (0.2.9)
activerecord (~> 3.0)
activerecord (~> 3.0)
- activeresource (3.1.4)
- activemodel (= 3.1.4)
- activesupport (= 3.1.4)
- activesupport (3.1.4)
+ activeresource (3.2.3)
+ activemodel (= 3.2.3)
+ activesupport (= 3.2.3)
+ activesupport (3.2.3)
+ i18n (~> 0.6)
multi_json (~> 1.0)
acts-as-taggable-on (2.2.2)
rails (~> 3.0)
- acts_as_api (0.3.11)
+ acts_as_api (0.4)
activemodel (>= 3.0.0)
activesupport (>= 3.0.0)
rack (>= 1.1.0)
@@ -83,15 +81,15 @@ GEM
airbrake (3.0.9)
activesupport
builder
- arel (2.2.3)
- asset_sync (0.3.1)
+ arel (3.0.2)
+ asset_sync (0.4.1)
activemodel
fog
bbenezech-nested_form (0.0.6)
bcrypt-ruby (3.0.1)
bootstrap-sass (2.0.3)
builder (3.0.0)
- capistrano (2.9.0)
+ capistrano (2.12.0)
highline
net-scp (>= 1.0.0)
net-sftp (>= 2.0.0)
@@ -114,9 +112,9 @@ GEM
ffi (~> 1.0.6)
chronic (0.6.7)
client_side_validations (3.1.4)
- coffee-rails (3.1.1)
+ coffee-rails (3.2.2)
coffee-script (>= 2.2.0)
- railties (~> 3.1.0)
+ railties (~> 3.2.0)
coffee-script (2.2.0)
coffee-script-source
execjs
@@ -124,12 +122,11 @@ GEM
columnize (0.3.6)
cookiejar (0.3.0)
crack (0.3.1)
- cucumber (1.1.9)
+ cucumber (1.2.0)
builder (>= 2.1.2)
- diff-lcs (>= 1.1.2)
- gherkin (~> 2.9.0)
+ diff-lcs (>= 1.1.3)
+ gherkin (~> 2.10.0)
json (>= 1.4.6)
- term-ansicolor (>= 1.0.6)
cucumber-rails (1.3.0)
capybara (>= 1.1.2)
cucumber (>= 1.1.8)
@@ -154,13 +151,13 @@ GEM
em-socksify
eventmachine (>= 1.0.0.beta.4)
http_parser.rb (>= 0.5.3)
- em-socksify (0.1.0)
- eventmachine
+ em-socksify (0.2.0)
+ eventmachine (>= 1.0.0.beta.4)
em-synchrony (1.0.0)
eventmachine (>= 1.0.0.beta.1)
erubis (2.7.0)
eventmachine (1.0.0.beta.4)
- excon (0.13.2)
+ excon (0.13.4)
execjs (1.3.2)
multi_json (~> 1.0)
factory_girl (2.6.4)
@@ -190,7 +187,7 @@ GEM
net-ssh (>= 2.1.3)
nokogiri (~> 1.5.0)
ruby-hmac
- foreigner (1.1.5)
+ foreigner (1.1.6)
activerecord (>= 3.0.0)
foreman (0.41.0)
thor (>= 0.13.6)
@@ -200,37 +197,41 @@ GEM
rspec-instafail (~> 0.2.0)
ruby-progressbar (~> 0.0.10)
gem_plugin (0.2.3)
- gherkin (2.9.3)
+ gherkin (2.10.0)
json (>= 1.4.6)
gon (3.0.2)
actionpack (>= 2.3.0)
json
- guard (1.0.1)
+ guard (1.0.3)
ffi (>= 0.5.0)
- thor (~> 0.14.6)
- guard-cucumber (0.7.5)
- cucumber (>= 0.10)
+ thor (>= 0.14.6)
+ guard-cucumber (0.8.0)
+ cucumber (>= 1.2.0)
guard (>= 0.8.3)
- guard-rspec (0.7.0)
+ guard-rspec (0.7.2)
guard (>= 0.10.0)
- guard-spork (0.5.2)
+ guard-spork (0.8.0)
guard (>= 0.10.0)
spork (>= 0.8.4)
haml (3.1.5)
- handlebars_assets (0.4.1)
+ handlebars_assets (0.4.4)
execjs (>= 1.2.9)
sprockets (>= 2.0.3)
tilt
hashie (1.2.0)
- heroku (2.23.0)
+ heroku (2.25.0)
launchy (>= 0.3.2)
netrc (~> 0.7.1)
rest-client (~> 1.6.1)
rubyzip
- heroku_san (2.1.1)
+ heroku-api (0.1.6)
+ excon (~> 0.13.3)
+ heroku_san (3.0.0)
+ activesupport
heroku (>= 2)
+ heroku-api (>= 0.1.2)
rake
- highline (1.6.11)
+ highline (1.6.12)
hike (1.2.1)
hodel_3000_compliant_logger (0.1.0)
hpricot (0.8.6)
@@ -243,9 +244,10 @@ GEM
actionpack (~> 3.0)
i18n-inflector (~> 2.6)
railties (~> 3.0)
- jasmine-core (1.2.0.rc3)
- jquery-rails (1.0.19)
- railties (~> 3.0)
+ jasmine-core (1.2.0)
+ journey (1.0.3)
+ jquery-rails (2.0.2)
+ railties (>= 3.2.0, < 5.0)
thor (~> 0.14)
jquery-ui-rails (0.2.2)
jquery-rails
@@ -263,7 +265,7 @@ GEM
addressable
linecache (0.46)
rbx-require-relative (> 0.0.4)
- mail (2.3.3)
+ mail (2.4.4)
i18n (>= 0.4.0)
mime-types (~> 1.16)
treetop (~> 1.4.8)
@@ -273,7 +275,7 @@ GEM
mime-types (1.18)
mini_magick (3.4)
subexec (~> 0.2.1)
- mobile-fu (1.0.0)
+ mobile-fu (1.1.0)
rack-mobile-detect
rails
mock_redis (0.4.1)
@@ -293,9 +295,9 @@ GEM
net-ssh-gateway (1.1.0)
net-ssh (>= 1.99.1)
netrc (0.7.1)
- newrelic_rpm (3.3.2.1)
+ newrelic_rpm (3.3.4.1)
nokogiri (1.5.2)
- oauth (0.4.5)
+ oauth (0.4.6)
oauth2 (0.5.0)
faraday (>= 0.6.1, < 0.8)
multi_json (~> 1.0.0)
@@ -305,7 +307,7 @@ GEM
oink (0.9.3)
activerecord
hodel_3000_compliant_logger
- omniauth (1.0.1)
+ omniauth (1.0.3)
hashie (~> 1.2)
rack
omniauth-facebook (1.2.0)
@@ -318,24 +320,22 @@ GEM
omniauth (~> 1.0)
omniauth-tumblr (1.0)
omniauth-oauth (~> 1.0)
- omniauth-twitter (0.0.8)
+ omniauth-twitter (0.0.9)
omniauth-oauth (~> 1.0)
orm_adapter (0.0.7)
parallel (0.5.16)
- parallel_tests (0.7.2)
+ parallel_tests (0.8.1)
parallel
pg (0.13.2)
polyglot (0.3.3)
- rack (1.3.6)
+ rack (1.4.1)
rack-cache (1.2)
rack (>= 0.4)
- rack-cors (0.2.4)
+ rack-cors (0.2.6)
rack
rack-fiber_pool (0.9.2)
rack-mobile-detect (0.3.0)
rack
- rack-mount (0.8.3)
- rack (>= 1.0.0)
rack-piwik (0.1.2)
rack-pjax (0.5.9)
hpricot (~> 0.8.6)
@@ -347,14 +347,14 @@ GEM
rack
rack-test (0.6.1)
rack (>= 1.0)
- rails (3.1.4)
- actionmailer (= 3.1.4)
- actionpack (= 3.1.4)
- activerecord (= 3.1.4)
- activeresource (= 3.1.4)
- activesupport (= 3.1.4)
+ rails (3.2.3)
+ actionmailer (= 3.2.3)
+ actionpack (= 3.2.3)
+ activerecord (= 3.2.3)
+ activeresource (= 3.2.3)
+ activesupport (= 3.2.3)
bundler (~> 1.0)
- railties (= 3.1.4)
+ railties (= 3.2.3)
rails-i18n (0.6.3)
i18n (~> 0.5)
rails_admin (0.0.3)
@@ -370,16 +370,16 @@ GEM
rails (~> 3.1)
remotipart (~> 1.0)
sass-rails (~> 3.1)
- rails_autolink (1.0.6)
+ rails_autolink (1.0.7)
rails (~> 3.1)
- railties (3.1.4)
- actionpack (= 3.1.4)
- activesupport (= 3.1.4)
+ railties (3.2.3)
+ actionpack (= 3.2.3)
+ activesupport (= 3.2.3)
rack-ssl (~> 1.3.2)
rake (>= 0.8.7)
rdoc (~> 3.4)
thor (~> 0.14.6)
- raindrops (0.8.0)
+ raindrops (0.8.1)
rake (0.9.2.2)
rbx-require-relative (0.0.9)
rdoc (3.12)
@@ -398,7 +398,7 @@ GEM
resque (~> 1.0)
rest-client (1.6.7)
mime-types (>= 1.16)
- rpm_contrib (2.1.8)
+ rpm_contrib (2.1.9)
newrelic_rpm (>= 3.1.1)
newrelic_rpm (>= 3.1.1)
rspec (2.9.0)
@@ -425,31 +425,37 @@ GEM
ruby-progressbar (0.0.10)
rubyzip (0.9.8)
sass (3.1.18)
+<<<<<<< HEAD
sass-rails (3.1.4)
actionpack (~> 3.1.0)
railties (~> 3.1.0)
sass (>= 3.1.4)
sprockets (~> 2.0.0)
tilt (~> 1.3.2)
+=======
+ sass-rails (3.2.5)
+ railties (~> 3.2.0)
+ sass (>= 3.1.10)
+ tilt (~> 1.3)
+>>>>>>> upgrade to Rails 3.2.3
selenium-webdriver (2.22.0.rc1)
childprocess (>= 0.2.5)
ffi (~> 1.0)
libwebsocket (~> 0.1.3)
multi_json (~> 1.0)
rubyzip
- simple_oauth (0.1.5)
+ simple_oauth (0.1.8)
sinatra (1.3.2)
rack (~> 1.3, >= 1.3.6)
rack-protection (~> 1.2)
tilt (~> 1.3, >= 1.3.3)
spork (1.0.0rc2)
- sprockets (2.0.4)
+ sprockets (2.1.3)
hike (~> 1.2)
rack (~> 1.0)
tilt (~> 1.1, != 1.3.0)
- sqlite3 (1.3.5)
- subexec (0.2.1)
- term-ansicolor (1.0.7)
+ sqlite3 (1.3.6)
+ subexec (0.2.2)
thin (1.3.1)
daemons (>= 1.0.9)
eventmachine (>= 0.12.6)
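Review bot: Merge-conflict markers are committed into the lockfile in this hunk: the added lines `<<<<<<< HEAD`, `=======` and `>>>>>>> upgrade to Rails 3.2.3` leave both the `sass-rails (3.1.4)` and the `sass-rails (3.2.5)` stanzas in the GEM specs. A lockfile in this state was hand-merged rather than generated by Bundler, so it can no longer be relied on to describe the dependency set that actually gets installed; the stale 3.1.4 stanza still asks for `sprockets (~> 2.0.0)` while the same hunk records `sprockets (2.1.3)`. Remove the three marker lines and the whole `sass-rails (3.1.4)` stanza, then re-run `bundle install` so the file is regenerated and reviewed as tool output.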
@@ -477,7 +483,7 @@ GEM
raindrops (~> 0.7)
vegas (0.1.11)
rack (>= 1.0.0)
- warden (1.1.1)
+ warden (1.2.0)
rack (>= 1.0)
webmock (1.6.2)
addressable (>= 2.2.2)
@@ -488,14 +494,13 @@ GEM
will_paginate (3.0.3)
xpath (0.1.4)
nokogiri (~> 1.3)
- yard (0.7.5)
+ yard (0.8.1)
PLATFORMS
ruby
DEPENDENCIES
SystemTimer (= 1.2.3)
- active_reload
activerecord-import (~> 0.2.9)
acts-as-taggable-on (~> 2.2.2)
acts_as_api
@@ -551,7 +556,7 @@ DEPENDENCIES
nokogiri (= 1.5.2)
oauth2-provider (= 0.0.19)
oink
- omniauth (= 1.0.1)
+ omniauth (= 1.0.3)
omniauth-facebook
omniauth-tumblr
omniauth-twitter
@@ -561,7 +566,7 @@ DEPENDENCIES
rack-piwik
rack-rewrite (~> 1.2.1)
rack-ssl
- rails (= 3.1.4)
+ rails (= 3.2.3)
rails-i18n
rails_admin (~> 0.0.3)
rails_autolink
@@ -578,7 +583,7 @@ DEPENDENCIES
rspec-rails (~> 2.9.0)
ruby-debug
ruby-oembed (~> 0.8.7)
- sass-rails (= 3.1.4)
+ sass-rails (= 3.2.5)
selenium-webdriver (= 2.22.0.rc1)
settingslogic!
spork (~> 1.0rc2)
diff --git a/app/controllers/notifications_controller.rb b/app/controllers/notifications_controller.rb
index 7e0af8645..cfdf2be95 100644
--- a/app/controllers/notifications_controller.rb
+++ b/app/controllers/notifications_controller.rb
@@ -37,7 +37,7 @@ class NotificationsController < ApplicationController
pager.replace(result)
end
@notifications.each do |n|
- n[:note_html] = render_to_string( :partial => 'notify_popup_item', :locals => { :n => n } )
+ n.note_html = render_to_string( :partial => 'notify_popup_item', :locals => { :n => n } )
end
@group_days = @notifications.group_by{|note| I18n.l(note.created_at, :format => I18n.t('date.formats.fullmonth_day')) }
diff --git a/app/controllers/posts_controller.rb b/app/controllers/posts_controller.rb
index 761028768..2416e948b 100644
--- a/app/controllers/posts_controller.rb
+++ b/app/controllers/posts_controller.rb
@@ -77,9 +77,9 @@ class PostsController < ApplicationController
current_user.retract(@post)
respond_to do |format|
- format.js { render 'destroy' }
+ format.js { render 'destroy',:layout => false, :format => :js }
format.json { render :nothing => true, :status => 204 }
- format.all { redirect_to stream_path }
+ format.any { redirect_to stream_path }
end
end
diff --git a/app/models/notification.rb b/app/models/notification.rb
index d01313b8d..a60d8cdb9 100644
--- a/app/models/notification.rb
+++ b/app/models/notification.rb
@@ -8,6 +8,8 @@ class Notification < ActiveRecord::Base
has_many :actors, :class_name => 'Person', :through => :notification_actors, :source => :person
belongs_to :target, :polymorphic => true
+ attr_accessor :note_html
+
def self.for(recipient, opts={})
self.where(opts.merge!(:recipient_id => recipient.id)).order('updated_at desc')
end
@@ -33,6 +35,10 @@ class Notification < ActiveRecord::Base
end
end
+ def as_json(opts={})
+ super(opts.merge(:methods => :note_html))
+ end
+
def email_the_user(target, actor)
self.recipient.mail(self.mail_job, self.recipient_id, actor.id, target.id)
end
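Review bot: The new `as_json` drops any `:methods` the caller supplied, because `opts.merge(:methods => :note_html)` overwrites that key instead of extending it, and it raises NoMethodError when called as `as_json(nil)`. Normalising first keeps caller options intact: `opts ||= {}` followed by `super(opts.merge(:methods => Array(opts[:methods]) | [:note_html]))`. `note_html` is filled with rendered partial markup by NotificationsController in this same commit, so a one-line comment that the JSON field carries HTML rather than plain text would help whoever inserts it into a page.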
diff --git a/app/models/post.rb b/app/models/post.rb
index 6e24533a7..6b64330ea 100644
--- a/app/models/post.rb
+++ b/app/models/post.rb
@@ -61,6 +61,7 @@ class Post < ActiveRecord::Base
self.class.name
end
+ def root; end
def raw_message; ""; end
def mentioned_people; []; end
def photos; []; end
diff --git a/app/views/admins/correlations.haml b/app/views/admins/correlations.haml
index fb24f42c4..6d2bafbe9 100644
--- a/app/views/admins/correlations.haml
+++ b/app/views/admins/correlations.haml
@@ -1,5 +1,5 @@
.span-24
- = render :partial => 'admins/admin_bar.haml'
+ = render :partial => 'admins/admin_bar'
%br
%br
diff --git a/app/views/admins/stats.html.haml b/app/views/admins/stats.html.haml
index 66a87413c..9ef060a90 100644
--- a/app/views/admins/stats.html.haml
+++ b/app/views/admins/stats.html.haml
@@ -1,6 +1,6 @@
.span-24
- = render :partial => 'admins/admin_bar.haml'
+ = render :partial => 'admins/admin_bar'
%br
%br
diff --git a/app/views/admins/user_search.html.haml b/app/views/admins/user_search.html.haml
index 88ff6a80e..a667cf7bb 100644
--- a/app/views/admins/user_search.html.haml
+++ b/app/views/admins/user_search.html.haml
@@ -1,6 +1,6 @@
.span-24
- = render :partial => 'admins/admin_bar.haml'
+ = render :partial => 'admins/admin_bar'
.span-24.prepend-4
%h3
diff --git a/app/views/admins/weekly_user_stats.haml b/app/views/admins/weekly_user_stats.haml
index e93fdf0b0..a73cdc935 100644
--- a/app/views/admins/weekly_user_stats.haml
+++ b/app/views/admins/weekly_user_stats.haml
@@ -1,6 +1,6 @@
.span-24
- = render :partial => 'admins/admin_bar.haml'
+ = render :partial => 'admins/admin_bar'
%br
%br
diff --git a/app/views/home/show.mobile.haml b/app/views/home/show.mobile.haml
index a0624fcd4..86b60f6a5 100644
--- a/app/views/home/show.mobile.haml
+++ b/app/views/home/show.mobile.haml
@@ -3,4 +3,4 @@
-# the COPYRIGHT file.
-=render :partial => 'home/show' rescue "put something in app/views/home/_show.html.haml"
+=render :partial => 'home/show' rescue "put something in app/views/home/_show.html"
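Review bot: The inline `rescue` on the changed line swallows every StandardError raised while rendering `home/show`, not only a missing template, and shows the hint string to visitors in its place. A real failure inside the partial is therefore hidden from logs and error reporting. Consider testing for the partial explicitly (for example with `lookup_context.exists?`) and letting other exceptions propagate; the hint text would then only appear in the case it describes.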
diff --git a/app/views/publics/webfinger.erb b/app/views/publics/webfinger.erb
index fd7a3b466..59c5e015f 100644
--- a/app/views/publics/webfinger.erb
+++ b/app/views/publics/webfinger.erb
@@ -9,5 +9,5 @@
<Link rel='http://webfinger.net/rel/profile-page' type='text/html' <%=person_href(@person, :absolute => true)%>/>
<Link rel="http://schemas.google.com/g/2010#updates-from" type="application/atom+xml" href="<%=@person.public_url%>.atom"/>
- <Link rel="diaspora-public-key" type = 'RSA' href="<%=Base64.encode64s(@person.exported_key)%>"/>
+ <Link rel="diaspora-public-key" type = 'RSA' href="<%=Base64.strict_encode64(@person.exported_key)%>"/>
</XRD>
diff --git a/config/environments/development.rb b/config/environments/development.rb
index 8a3809250..1a7a780cf 100644
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -29,7 +29,17 @@ Diaspora::Application.configure do
# Don't care if the mailer can't send
config.action_mailer.raise_delivery_errors = false
config.active_support.deprecation = [:stderr, :log]
+
+
+
+ # Raise exception on mass assignment protection for Active Record models
+ config.active_record.mass_assignment_sanitizer = :strict
+
+ # Log the query plan for queries taking more than this (works
+ # with SQLite, MySQL, and PostgreSQL)
+ config.active_record.auto_explain_threshold_in_seconds = 0.5
#config.threadsafe!
+
# Monkeypatch around the nasty "2.5MB exception page" issue, caused by very large environment vars
# This snippet via: http://stackoverflow.com/questions/3114993/exception-pages-in-development-mode-take-upwards-of-15-30-seconds-to-render-why
# Relevant Rails ticket: https://rails.lighthouseapp.com/projects/8994/tickets/5027-_request_and_responseerb-and-diagnosticserb-take-an-increasingly-long-time-to-render-in-development-with-multiple-show-tables-calls
@@ -39,7 +49,7 @@ Diaspora::Application.configure do
"<#{self.class.name} - tooooo long>"
end
end
- [ActionController::Base, ActionDispatch::RemoteIp::RemoteIpGetter, OmniAuth::Strategy, Warden::Proxy].each do |klazz|
+ [ActionController::Base, OmniAuth::Strategy, Warden::Proxy].each do |klazz|
klazz.send(:include, SmallInspect)
end
end
diff --git a/config/environments/test.rb b/config/environments/test.rb
index 0a01b0369..612b0b6f5 100644
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -30,6 +30,9 @@ Diaspora::Application.configure do
config.action_mailer.delivery_method = :test
config.active_support.deprecation = :stderr
+ # config.active_record.mass_assignment_sanitizer = :strict
+
+
# Configure static asset server for tests with Cache-Control for performance
config.serve_static_assets = true
config.static_cache_control = "public, max-age=3600"
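Review bot: The strict mass-assignment sanitizer is added here only as a comment (`# config.active_record.mass_assignment_sanitizer = :strict`), while development.rb in this commit enables it, so a spec run will not raise when code mass-assigns a protected attribute. If it is disabled because existing specs fail under it, record that in the comment, e.g. `# TODO: enable once specs no longer mass-assign protected attributes`; otherwise uncomment it so the suite catches such assignments. The production setting is not part of this diff, so whether protected attributes are enforced there cannot be confirmed from here.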
@@ -37,8 +40,6 @@ Diaspora::Application.configure do
config.assets.enabled = true
config.assets.debug = false
- # Allow pass debug_assets=true as a query parameter to load pages with unpackaged assets
- config.assets.allow_debugging = true
# fixes url helper issue in rspec
#config.threadsafe!
diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb
index 084fbc4f8..d48c77d04 100644
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@@ -2,16 +2,6 @@
# licensed under the Affero General Public License version 3 or later. See
# the COPYRIGHT file.
-require_dependency "rack/fixed_request"
-OmniAuth.config.full_host = lambda do |env|
- request_url = Rack::FixedRequest.new(env).url
- # Copied from OmniAuth::Strategy#full_host (omniauth-0.2.6)
- uri = URI.parse(request_url.gsub(/\?.*$/,''))
- uri.path = ''
- uri.query = nil
- uri.to_s
-end
-
Rails.application.config.middleware.use OmniAuth::Builder do
if SERVICES['twitter'] && SERVICES['twitter']['consumer_key'] && SERVICES['twitter']['consumer_secret']
provider :twitter, SERVICES['twitter']['consumer_key'], SERVICES['twitter']['consumer_secret']
diff --git a/lib/diaspora/encryptable.rb b/lib/diaspora/encryptable.rb
index 83ca2f54c..b1db82c7a 100644
--- a/lib/diaspora/encryptable.rb
+++ b/lib/diaspora/encryptable.rb
@@ -26,7 +26,7 @@ module Diaspora
# @param [OpenSSL::PKey::RSA] key An RSA key
# @return [String] A Base64 encoded signature of #signable_string with key
def sign_with_key(key)
- sig = Base64.encode64s(key.sign( OpenSSL::Digest::SHA256.new, signable_string ))
+ sig = Base64.strict_encode64(key.sign( OpenSSL::Digest::SHA256.new, signable_string ))
log_hash = {:event => :sign_with_key, :status => :complete}
log_hash.merge(:model_id => self.id) if self.respond_to?(:persisted?)
Rails.logger.info(log_hash)
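Review bot: The `model_id` never reaches the log in `sign_with_key`: `log_hash.merge(:model_id => self.id)` returns a new hash that is discarded, so `Rails.logger.info(log_hash)` always logs only `:event` and `:status`. Use `log_hash.merge!(:model_id => self.id)` so a signing event can be tied back to a record when the log is reviewed. The guard also tests `respond_to?(:persisted?)` while the call it protects is `self.id`; checking `respond_to?(:id)` would match the intent more directly. The method body continues below the hunk.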
diff --git a/lib/encryptor.rb b/lib/encryptor.rb
index 165ab91f2..a81302b85 100644
--- a/lib/encryptor.rb
+++ b/lib/encryptor.rb
@@ -9,14 +9,14 @@ module Encryptor
ciphertext = aes_encrypt(cleartext, aes_key)
encrypted_key = encrypt_aes_key aes_key
cipher_hash = {:aes_key => encrypted_key, :ciphertext => ciphertext}
- Base64.encode64s( cipher_hash.to_json )
+ Base64.strict_encode64( cipher_hash.to_json )
end
def gen_aes_key
cipher = OpenSSL::Cipher.new('AES-256-CBC')
key = cipher.random_key
iv = cipher.random_iv
- {'key' => Base64.encode64s(key), 'iv' => Base64.encode64s(iv)}
+ {'key' => Base64.strict_encode64(key), 'iv' => Base64.strict_encode64(iv)}
end
def aes_encrypt(txt, key)
@@ -27,11 +27,11 @@ module Encryptor
ciphertext = ''
ciphertext << cipher.update(txt)
ciphertext << cipher.final
- Base64.encode64s(ciphertext)
+ Base64.strict_encode64(ciphertext)
end
def encrypt_aes_key key
- Base64.encode64s(public_key.public_encrypt( key.to_json ))
+ Base64.strict_encode64(public_key.public_encrypt( key.to_json ))
end
end
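Review bot: Nothing in this module authenticates the envelope it builds: `aes_encrypt` uses AES-256-CBC with no MAC, and `public_encrypt( key.to_json )` in `encrypt_aes_key` is called without a padding argument, which in Ruby's OpenSSL binding selects PKCS#1 v1.5. Changing either would presumably break compatibility with other pods, so as a minimum state the contract in a comment above `aes_encrypt`, such as `# NOTE: ciphertext is unauthenticated; the sender's signature must be verified before decrypted content is used`. Whether that verification happens is not visible in this diff. `aes_encrypt` begins in the previous hunk, so only its tail is shown here.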
diff --git a/lib/postzord/dispatcher.rb b/lib/postzord/dispatcher.rb
index 6726c39d2..4174196c2 100644
--- a/lib/postzord/dispatcher.rb
+++ b/lib/postzord/dispatcher.rb
@@ -106,7 +106,7 @@ class Postzord::Dispatcher
def queue_remote_delivery_job(remote_people)
Resque.enqueue(Jobs::HttpMulti,
@sender.id,
- Base64.encode64s(@object.to_diaspora_xml),
+ Base64.strict_encode64(@object.to_diaspora_xml),
remote_people.map{|p| p.id},
self.class.to_s)
end
diff --git a/lib/rack/fixed_request.rb b/lib/rack/fixed_request.rb
deleted file mode 100644
index f1ceca3bd..000000000
--- a/lib/rack/fixed_request.rb
+++ /dev/null
@@ -1,340 +0,0 @@
-# Copied and renamed from https://github.com/rack/rack/blob/1.3.4/lib/rack/request.rb
-require 'rack/utils'
-
-module Rack
- # Rack::Request provides a convenient interface to a Rack
- # environment. It is stateless, the environment +env+ passed to the
- # constructor will be directly modified.
- #
- # req = Rack::Request.new(env)
- # req.post?
- # req.params["data"]
- #
- # The environment hash passed will store a reference to the Request object
- # instantiated so that it will only instantiate if an instance of the Request
- # object doesn't already exist.
-
- class FixedRequest
- # The environment of the request.
- attr_reader :env
-
- def initialize(env)
- @env = env
- end
-
- def body; @env["rack.input"] end
- def script_name; @env["SCRIPT_NAME"].to_s end
- def path_info; @env["PATH_INFO"].to_s end
- def request_method; @env["REQUEST_METHOD"] end
- def query_string; @env["QUERY_STRING"].to_s end
- def content_length; @env['CONTENT_LENGTH'] end
-
- def content_type
- content_type = @env['CONTENT_TYPE']
- content_type.nil? || content_type.empty? ? nil : content_type
- end
-
- def session; @env['rack.session'] ||= {} end
- def session_options; @env['rack.session.options'] ||= {} end
- def logger; @env['rack.logger'] end
-
- # The media type (type/subtype) portion of the CONTENT_TYPE header
- # without any media type parameters. e.g., when CONTENT_TYPE is
- # "text/plain;charset=utf-8", the media-type is "text/plain".
- #
- # For more information on the use of media types in HTTP, see:
- # http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.7
- def media_type
- content_type && content_type.split(/\s*[;,]\s*/, 2).first.downcase
- end
-
- # The media type parameters provided in CONTENT_TYPE as a Hash, or
- # an empty Hash if no CONTENT_TYPE or media-type parameters were
- # provided. e.g., when the CONTENT_TYPE is "text/plain;charset=utf-8",
- # this method responds with the following Hash:
- # { 'charset' => 'utf-8' }
- def media_type_params
- return {} if content_type.nil?
- Hash[*content_type.split(/\s*[;,]\s*/)[1..-1].
- collect { |s| s.split('=', 2) }.
- map { |k,v| [k.downcase, v] }.flatten]
- end
-
- # The character set of the request body if a "charset" media type
- # parameter was given, or nil if no "charset" was specified. Note
- # that, per RFC2616, text/* media types that specify no explicit
- # charset are to be considered ISO-8859-1.
- def content_charset
- media_type_params['charset']
- end
-
- def scheme
- if @env['HTTPS'] == 'on'
- 'https'
- elsif @env['HTTP_X_FORWARDED_SSL'] == 'on'
- 'https'
- elsif @env['HTTP_X_FORWARDED_PROTO']
- @env['HTTP_X_FORWARDED_PROTO'].split(',')[0]
- else
- @env["rack.url_scheme"]
- end
- end
-
- def ssl?
- scheme == 'https'
- end
-
- def host_with_port
- if forwarded = @env["HTTP_X_FORWARDED_HOST"]
- forwarded.split(/,\s?/).last
- else
- @env['HTTP_HOST'] || "#{@env['SERVER_NAME'] || @env['SERVER_ADDR']}:#{@env['SERVER_PORT']}"
- end
- end
-
- def port
- if port = host_with_port.split(/:/)[1]
- port.to_i
- elsif port = @env['HTTP_X_FORWARDED_PORT']
- port.to_i
- elsif ssl?
- 443
- elsif @env.has_key?("HTTP_X_FORWARDED_HOST")
- 80
- else
- @env["SERVER_PORT"].to_i
- end
- end
-
- def host
- # Remove port number.
- host_with_port.to_s.gsub(/:\d+\z/, '')
- end
-
- def script_name=(s); @env["SCRIPT_NAME"] = s.to_s end
- def path_info=(s); @env["PATH_INFO"] = s.to_s end
-
-
- # Checks the HTTP request method (or verb) to see if it was of type DELETE
- def delete?; request_method == "DELETE" end
-
- # Checks the HTTP request method (or verb) to see if it was of type GET
- def get?; request_method == "GET" end
-
- # Checks the HTTP request method (or verb) to see if it was of type HEAD
- def head?; request_method == "HEAD" end
-
- # Checks the HTTP request method (or verb) to see if it was of type OPTIONS
- def options?; request_method == "OPTIONS" end
-
- # Checks the HTTP request method (or verb) to see if it was of type PATCH
- def patch?; request_method == "PATCH" end
-
- # Checks the HTTP request method (or verb) to see if it was of type POST
- def post?; request_method == "POST" end
-
- # Checks the HTTP request method (or verb) to see if it was of type PUT
- def put?; request_method == "PUT" end
-
- # Checks the HTTP request method (or verb) to see if it was of type TRACE
- def trace?; request_method == "TRACE" end
-
-
- # The set of form-data media-types. Requests that do not indicate
- # one of the media types presents in this list will not be eligible
- # for form-data / param parsing.
- FORM_DATA_MEDIA_TYPES = [
- 'application/x-www-form-urlencoded',
- 'multipart/form-data'
- ]
-
- # The set of media-types. Requests that do not indicate
- # one of the media types presents in this list will not be eligible
- # for param parsing like soap attachments or generic multiparts
- PARSEABLE_DATA_MEDIA_TYPES = [
- 'multipart/related',
- 'multipart/mixed'
- ]
-
- # Determine whether the request body contains form-data by checking
- # the request Content-Type for one of the media-types:
- # "application/x-www-form-urlencoded" or "multipart/form-data". The
- # list of form-data media types can be modified through the
- # +FORM_DATA_MEDIA_TYPES+ array.
- #
- # A request body is also assumed to contain form-data when no
- # Content-Type header is provided and the request_method is POST.
- def form_data?
- type = media_type
- meth = env["rack.methodoverride.original_method"] || env['REQUEST_METHOD']
- (meth == 'POST' && type.nil?) || FORM_DATA_MEDIA_TYPES.include?(type)
- end
-
- # Determine whether the request body contains data by checking
- # the request media_type against registered parse-data media-types
- def parseable_data?
- PARSEABLE_DATA_MEDIA_TYPES.include?(media_type)
- end
-
- # Returns the data recieved in the query string.
- def GET
- if @env["rack.request.query_string"] == query_string
- @env["rack.request.query_hash"]
- else
- @env["rack.request.query_string"] = query_string
- @env["rack.request.query_hash"] = parse_query(query_string)
- end
- end
-
- # Returns the data recieved in the request body.
- #
- # This method support both application/x-www-form-urlencoded and
- # multipart/form-data.
- def POST
- if @env["rack.input"].nil?
- raise "Missing rack.input"
- elsif @env["rack.request.form_input"].eql? @env["rack.input"]
- @env["rack.request.form_hash"]
- elsif form_data? || parseable_data?
- @env["rack.request.form_input"] = @env["rack.input"]
- unless @env["rack.request.form_hash"] = parse_multipart(env)
- form_vars = @env["rack.input"].read
-
- # Fix for Safari Ajax postings that always append \0
- # form_vars.sub!(/\0\z/, '') # performance replacement:
- form_vars.slice!(-1) if form_vars[-1] == ?\0
-
- @env["rack.request.form_vars"] = form_vars
- @env["rack.request.form_hash"] = parse_query(form_vars)
-
- @env["rack.input"].rewind
- end
- @env["rack.request.form_hash"]
- else
- {}
- end
- end
-
- # The union of GET and POST data.
- def params
- @params ||= self.GET.merge(self.POST)
- rescue EOFError
- self.GET
- end
-
- # shortcut for request.params[key]
- def [](key)
- params[key.to_s]
- end
-
- # shortcut for request.params[key] = value
- def []=(key, value)
- params[key.to_s] = value
- end
-
- # like Hash#values_at
- def values_at(*keys)
- keys.map{|key| params[key] }
- end
-
- # the referer of the client
- def referer
- @env['HTTP_REFERER']
- end
- alias referrer referer
-
- def user_agent
- @env['HTTP_USER_AGENT']
- end
-
- def cookies
- hash = @env["rack.request.cookie_hash"] ||= {}
- string = @env["HTTP_COOKIE"]
-
- return hash if string == @env["rack.request.cookie_string"]
- hash.clear
-
- # According to RFC 2109:
- # If multiple cookies satisfy the criteria above, they are ordered in
- # the Cookie header such that those with more specific Path attributes
- # precede those with less specific. Ordering with respect to other
- # attributes (e.g., Domain) is unspecified.
- Utils.parse_query(string, ';,').each { |k,v| hash[k] = Array === v ? v.first : v }
- @env["rack.request.cookie_string"] = string
- hash
- rescue => error
- raise error.class, "cannot parse Cookie header: #{error.message}"
- end
-
- def xhr?
- @env["HTTP_X_REQUESTED_WITH"] == "XMLHttpRequest"
- end
-
- def base_url
- url = scheme + "://"
- url << host
-
- if scheme == "https" && port != 443 ||
- scheme == "http" && port != 80
- url << ":#{port}"
- end
-
- url
- end
-
- # Tries to return a remake of the original request URL as a string.
- def url
- base_url + fullpath
- end
-
- def path
- script_name + path_info
- end
-
- def fullpath
- query_string.empty? ? path : "#{path}?#{query_string}"
- end
-
- def accept_encoding
- @env["HTTP_ACCEPT_ENCODING"].to_s.split(/\s*,\s*/).map do |part|
- encoding, parameters = part.split(/\s*;\s*/, 2)
- quality = 1.0
- if parameters and /\Aq=([\d.]+)/ =~ parameters
- quality = $1.to_f
- end
- [encoding, quality]
- end
- end
-
- def trusted_proxy?(ip)
- ip =~ /^127\.0\.0\.1$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\.|^::1$|^fd[0-9a-f]{2}:.+|^localhost$/i
- end
-
- def ip
- remote_addrs = @env['REMOTE_ADDR'] ? @env['REMOTE_ADDR'].split(/[,\s]+/) : []
- remote_addrs.reject! { |addr| trusted_proxy?(addr) }
-
- return remote_addrs.first if remote_addrs.any?
-
- forwarded_ips = @env['HTTP_X_FORWARDED_FOR'] ? @env['HTTP_X_FORWARDED_FOR'].strip.split(/[,\s]+/) : []
-
- if client_ip = @env['HTTP_CLIENT_IP']
- # If forwarded_ips doesn't include the client_ip, it might be an
- # ip spoofing attempt, so we ignore HTTP_CLIENT_IP
- return client_ip if forwarded_ips.include?(client_ip)
- end
-
- return forwarded_ips.reject { |ip| trusted_proxy?(ip) }.last || @env["REMOTE_ADDR"]
- end
-
- protected
- def parse_query(qs)
- Utils.parse_nested_query(qs)
- end
-
- def parse_multipart(env)
- Rack::Multipart.parse_multipart(env)
- end
- end
-end
-
diff --git a/lib/salmon/salmon.rb b/lib/salmon/salmon.rb
index 3d09404d2..28b5e4286 100644
--- a/lib/salmon/salmon.rb
+++ b/lib/salmon/salmon.rb
@@ -10,7 +10,7 @@ module Base64
# Alphabet'' in RFC 4648.
# The alphabet uses '-' instead of '+' and '_' instead of '/'.
def urlsafe_encode64(bin)
- self.encode64s(bin).tr("+/", "-_")
+ self.strict_encode64(bin).tr("+/", "-_")
end
# Returns the Base64-decoded version of +str+.
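Review bot: This hunk keeps a reopened `module Base64` that defines `urlsafe_encode64`, a method Ruby 1.9's own `base64` library already provides with the same `strict_encode64(bin).tr("+/", "-_")` body. Since the Gemfile names `ruby '1.9.3'` (for Heroku), the override looks redundant and could be deleted rather than ported, which removes the risk of the app's copy drifting from the stdlib encoding used by peers. If it has to stay for older interpreters, guard it with `unless Base64.respond_to?(:urlsafe_encode64)`. The rest of the reopened module lies outside the hunk.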
diff --git a/spec/lib/diaspora/encryptable_spec.rb b/spec/lib/diaspora/encryptable_spec.rb
index dcf46cec7..eb62e5e90 100644
--- a/spec/lib/diaspora/encryptable_spec.rb
+++ b/spec/lib/diaspora/encryptable_spec.rb
@@ -22,7 +22,7 @@ describe Diaspora::Encryptable do
end
it 'does not verify the fallback after rollout window' do
- sig = Base64.encode64s(bob.encryption_key.sign( "SHA", @comment.signable_string ))
+ sig = Base64.strict_encode64(bob.encryption_key.sign( "SHA", @comment.signable_string ))
@comment.verify_signature(sig, bob.person).should be_false
end
end