Class: ActionDispatch::Request
- Includes:
- Http::Cache::Request, Http::FilterParameters, Http::MimeNegotiation, Http::Parameters, Http::URL, Http::Upload
- Defined in:
- actionpack/lib/action_dispatch/http/request.rb,
actionpack/lib/action_dispatch/middleware/flash.rb,
actionpack/lib/action_dispatch/middleware/cookies.rb
Direct Known Subclasses
Constant Summary collapse
- LOCALHOST =
[/^127\.0\.0\.\d{1,3}$/, "::1", /^0:0:0:0:0:0:0:1(%.*)?$/].freeze
- ENV_METHODS =
%w[ AUTH_TYPE GATEWAY_INTERFACE PATH_TRANSLATED REMOTE_HOST REMOTE_IDENT REMOTE_USER REMOTE_ADDR SERVER_NAME SERVER_PROTOCOL HTTP_ACCEPT HTTP_ACCEPT_CHARSET HTTP_ACCEPT_ENCODING HTTP_ACCEPT_LANGUAGE HTTP_CACHE_CONTROL HTTP_FROM HTTP_NEGOTIATE HTTP_PRAGMA ].freeze
- RFC2616 =
List of HTTP request methods from the following RFCs: Hypertext Transfer Protocol – HTTP/1.1 (www.ietf.org/rfc/rfc2616.txt) HTTP Extensions for Distributed Authoring – WEBDAV (www.ietf.org/rfc/rfc2518.txt) Versioning Extensions to WebDAV (www.ietf.org/rfc/rfc3253.txt) Ordered Collections Protocol (WebDAV) (www.ietf.org/rfc/rfc3648.txt) Web Distributed Authoring and Versioning (WebDAV) Access Control Protocol (www.ietf.org/rfc/rfc3744.txt) Web Distributed Authoring and Versioning (WebDAV) SEARCH (www.ietf.org/rfc/rfc5323.txt) PATCH Method for HTTP (www.ietf.org/rfc/rfc5789.txt)
%w(OPTIONS GET HEAD POST PUT DELETE TRACE CONNECT)
- RFC2518 =
%w(PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK)
- RFC3253 =
%w(VERSION-CONTROL REPORT CHECKOUT CHECKIN UNCHECKOUT MKWORKSPACE UPDATE LABEL MERGE BASELINE-CONTROL MKACTIVITY)
- RFC3648 =
%w(ORDERPATCH)
- RFC3744 =
%w(ACL)
- RFC5323 =
%w(SEARCH)
- RFC5789 =
%w(PATCH)
- HTTP_METHODS =
RFC2616 + RFC2518 + RFC3253 + RFC3648 + RFC3744 + RFC5323 + RFC5789
- HTTP_METHOD_LOOKUP =
Hash.new { |h, m| h[m] = m.underscore.to_sym if HTTP_METHODS.include?(m) }
- TRUSTED_PROXIES =
Which IP addresses are “trusted proxies” that can be stripped from the right-hand-side of X-Forwarded-For.
en.wikipedia.org/wiki/Private_network#Private_IPv4_address_spaces.
%r{ ^127\.0\.0\.1$ | # localhost ^(10 | # private IP 10.x.x.x 172\.(1[6-9]|2[0-9]|3[0-1]) | # private IP in the range 172.16.0.0 .. 172.31.255.255 192\.168 # private IP 192.168.x.x )\. }x
Class Method Summary collapse
Instance Method Summary collapse
-
#authorization ⇒ Object
Returns the authorization header regardless of whether it was specified directly or through one of the proxy alternatives.
-
#body ⇒ Object
The request body is an IO input stream.
-
#body_stream ⇒ Object
:nodoc:.
-
#content_length ⇒ Object
Returns the content length of the request as an integer.
- #cookie_jar ⇒ Object
-
#delete? ⇒ Boolean
Is this a DELETE request? Equivalent to
request.request_method == :delete
. -
#flash ⇒ Object
Access the contents of the flash.
- #forgery_whitelisted? ⇒ Boolean
- #form_data? ⇒ Boolean
- #fullpath ⇒ Object
-
#GET ⇒ Object
(also: #query_parameters)
Override Rack’s GET method to support indifferent access.
-
#get? ⇒ Boolean
Is this a GET (or HEAD) request? Equivalent to
request.request_method == :get
. -
#head? ⇒ Boolean
Is this a HEAD request? Equivalent to
request.method == :head
. -
#headers ⇒ Object
Provides access to the request’s HTTP headers, for example:.
- #ip ⇒ Object
- #key?(key) ⇒ Boolean
-
#local? ⇒ Boolean
True if the request came from localhost, 127.0.0.1.
- #media_type ⇒ Object
-
#method ⇒ Object
Returns the original value of the environment’s REQUEST_METHOD, even if it was overridden by middleware.
-
#method_symbol ⇒ Object
Returns a symbol form of the #method.
-
#POST ⇒ Object
(also: #request_parameters)
Override Rack’s POST method to support indifferent access.
-
#post? ⇒ Boolean
Is this a POST request? Equivalent to
request.request_method == :post
. -
#put? ⇒ Boolean
Is this a PUT request? Equivalent to
request.request_method == :put
. -
#raw_post ⇒ Object
Read the request body.
-
#remote_ip ⇒ Object
Determines originating IP address.
-
#request_method ⇒ Object
Returns the HTTP method that the application should see.
-
#request_method_symbol ⇒ Object
Returns a symbol form of the #request_method.
-
#reset_session ⇒ Object
TODO This should be broken apart into AD::Request::Session and probably be included by the session middleware.
-
#server_software ⇒ Object
Returns the lowercase name of the HTTP server software.
-
#session=(session) ⇒ Object
:nodoc:.
- #session_options=(options) ⇒ Object
-
#xml_http_request? ⇒ Boolean
(also: #xhr?)
Returns true if the “X-Requested-With” header contains “XMLHttpRequest” (case-insensitive).
Methods included from Http::URL
#domain, extract_domain, extract_subdomain, extract_subdomains, #host, #host_with_port, #optional_port, #port, #port_string, #protocol, #raw_host_with_port, #server_port, #standard_port, #standard_port?, #subdomain, #subdomains, #url, url_for
Methods included from Http::FilterParameters
#filtered_env, #filtered_parameters, #filtered_path
Methods included from ActiveSupport::Concern
#append_features, extended, #included
Methods included from Http::Parameters
#parameters, #path_parameters, #path_parameters=, #symbolized_path_parameters
Methods included from Http::MimeNegotiation
#accepts, #content_mime_type, #content_type, #format, #format=, #formats, #negotiate_mime
Methods included from Http::Cache::Request
#etag_matches?, #fresh?, #if_modified_since, #if_none_match, #not_modified?
Class Method Details
.new(env) ⇒ Object
38 39 40 41 42 43 44 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 38 def self.new(env) if request = env["action_dispatch.request"] && request.instance_of?(self) return request end super end |
Instance Method Details
#authorization ⇒ Object
Returns the authorization header regardless of whether it was specified directly or through one of the proxy alternatives.
250 251 252 253 254 255 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 250 def @env['HTTP_AUTHORIZATION'] || @env['X-HTTP_AUTHORIZATION'] || @env['X_HTTP_AUTHORIZATION'] || @env['REDIRECT_X_HTTP_AUTHORIZATION'] end |
#body ⇒ Object
The request body is an IO input stream. If the RAW_POST_DATA environment variable is already set, wrap it in a StringIO.
202 203 204 205 206 207 208 209 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 202 def body if raw_post = @env['RAW_POST_DATA'] raw_post.force_encoding(Encoding::BINARY) if raw_post.respond_to?(:force_encoding) StringIO.new(raw_post) else @env['rack.input'] end end |
#body_stream ⇒ Object
:nodoc:
215 216 217 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 215 def body_stream #:nodoc: @env['rack.input'] end |
#content_length ⇒ Object
Returns the content length of the request as an integer.
147 148 149 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 147 def content_length super.to_i end |
#cookie_jar ⇒ Object
5 6 7 |
# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 5 def env['action_dispatch.cookies'] ||= Cookies::CookieJar.build(self) end |
#delete? ⇒ Boolean
Is this a DELETE request? Equivalent to request.request_method == :delete
.
116 117 118 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 116 def delete? HTTP_METHOD_LOOKUP[request_method] == :delete end |
#flash ⇒ Object
Access the contents of the flash. Use flash["notice"]
to read a notice you put there or flash["notice"] = "hello"
to put a new one.
6 7 8 |
# File 'actionpack/lib/action_dispatch/middleware/flash.rb', line 6 def flash @env[Flash::KEY] ||= (session["flash"] || Flash::FlashHash.new) end |
#forgery_whitelisted? ⇒ Boolean
137 138 139 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 137 def forgery_whitelisted? get? end |
#form_data? ⇒ Boolean
211 212 213 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 211 def form_data? FORM_DATA_MEDIA_TYPES.include?(content_mime_type.to_s) end |
#fullpath ⇒ Object
133 134 135 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 133 def fullpath @fullpath ||= super end |
#GET ⇒ Object Also known as: query_parameters
Override Rack’s GET method to support indifferent access
236 237 238 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 236 def GET @env["action_dispatch.request.query_parameters"] ||= (normalize_parameters(super) || {}) end |
#get? ⇒ Boolean
Is this a GET (or HEAD) request? Equivalent to request.request_method == :get
.
98 99 100 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 98 def get? HTTP_METHOD_LOOKUP[request_method] == :get end |
#head? ⇒ Boolean
Is this a HEAD request? Equivalent to request.method == :head
.
122 123 124 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 122 def head? HTTP_METHOD_LOOKUP[method] == :head end |
#headers ⇒ Object
Provides access to the request’s HTTP headers, for example:
request.headers["Content-Type"] # => "text/plain"
129 130 131 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 129 def headers Http::Headers.new(@env) end |
#ip ⇒ Object
159 160 161 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 159 def ip @ip ||= super end |
#key?(key) ⇒ Boolean
46 47 48 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 46 def key?(key) @env.key?(key) end |
#local? ⇒ Boolean
True if the request came from localhost, 127.0.0.1.
258 259 260 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 258 def local? LOCALHOST.any? { |local_ip| local_ip === remote_addr && local_ip === remote_ip } end |
#media_type ⇒ Object
142 143 144 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 142 def media_type content_mime_type.to_s end |
#method ⇒ Object
Returns the original value of the environment’s REQUEST_METHOD, even if it was overridden by middleware. See #request_method for more information.
87 88 89 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 87 def method @method ||= check_method(env["rack.methodoverride.original_method"] || env['REQUEST_METHOD']) end |
#method_symbol ⇒ Object
Returns a symbol form of the #method
92 93 94 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 92 def method_symbol HTTP_METHOD_LOOKUP[method] end |
#POST ⇒ Object Also known as: request_parameters
Override Rack’s POST method to support indifferent access
242 243 244 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 242 def POST @env["action_dispatch.request.request_parameters"] ||= (normalize_parameters(super) || {}) end |
#post? ⇒ Boolean
Is this a POST request? Equivalent to request.request_method == :post
.
104 105 106 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 104 def post? HTTP_METHOD_LOOKUP[request_method] == :post end |
#put? ⇒ Boolean
Is this a PUT request? Equivalent to request.request_method == :put
.
110 111 112 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 110 def put? HTTP_METHOD_LOOKUP[request_method] == :put end |
#raw_post ⇒ Object
Read the request body. This is useful for web services that need to work with raw requests directly.
192 193 194 195 196 197 198 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 192 def raw_post unless @env.include? 'RAW_POST_DATA' @env['RAW_POST_DATA'] = body.read(@env['CONTENT_LENGTH'].to_i) body.rewind if body.respond_to?(:rewind) end @env['RAW_POST_DATA'] end |
#remote_ip ⇒ Object
Determines originating IP address. REMOTE_ADDR is the standard but will fail if the user is behind a proxy. HTTP_CLIENT_IP and/or HTTP_X_FORWARDED_FOR are set by proxies so check for these if REMOTE_ADDR is a proxy. HTTP_X_FORWARDED_FOR may be a comma- delimited list in the case of multiple chained proxies; the last address which is not trusted is the originating IP.
181 182 183 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 181 def remote_ip @remote_ip ||= (@env["action_dispatch.remote_ip"] || ip).to_s end |
#request_method ⇒ Object
Returns the HTTP method that the application should see. In the case where the method was overridden by a middleware (for instance, if a HEAD request was converted to a GET, or if a _method parameter was used to determine the method the application should use), this method returns the overridden value, not the original.
75 76 77 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 75 def request_method @request_method ||= check_method(env["REQUEST_METHOD"]) end |
#request_method_symbol ⇒ Object
Returns a symbol form of the #request_method
80 81 82 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 80 def request_method_symbol HTTP_METHOD_LOOKUP[request_method] end |
#reset_session ⇒ Object
TODO This should be broken apart into AD::Request::Session and probably be included by the session middleware.
221 222 223 224 225 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 221 def reset_session session.destroy if session && session.respond_to?(:destroy) self.session = {} @env['action_dispatch.request.flash_hash'] = nil end |
#server_software ⇒ Object
Returns the lowercase name of the HTTP server software.
186 187 188 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 186 def server_software (@env['SERVER_SOFTWARE'] && /^([a-zA-Z]+)/ =~ @env['SERVER_SOFTWARE']) ? $1.downcase : nil end |
#session=(session) ⇒ Object
:nodoc:
227 228 229 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 227 def session=(session) #:nodoc: @env['rack.session'] = session end |
#session_options=(options) ⇒ Object
231 232 233 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 231 def () @env['rack.session.options'] = end |
#xml_http_request? ⇒ Boolean Also known as: xhr?
Returns true if the “X-Requested-With” header contains “XMLHttpRequest” (case-insensitive). All major JavaScript libraries send this header with every Ajax request.
154 155 156 |
# File 'actionpack/lib/action_dispatch/http/request.rb', line 154 def xml_http_request? @env['HTTP_X_REQUESTED_WITH'] =~ /XMLHttpRequest/i end |