Class: ActionDispatch::Request

Inherits:
Rack::Request
  • Object
show all
Includes:
Http::Cache::Request, Http::FilterParameters, Http::MimeNegotiation, Http::Parameters, Http::URL, Http::Upload
Defined in:
actionpack/lib/action_dispatch/http/request.rb,
actionpack/lib/action_dispatch/middleware/flash.rb,
actionpack/lib/action_dispatch/middleware/cookies.rb

Direct Known Subclasses

TestRequest

Constant Summary collapse

LOCALHOST =
[/^127\.0\.0\.\d{1,3}$/, "::1", /^0:0:0:0:0:0:0:1(%.*)?$/].freeze
ENV_METHODS =
%w[ AUTH_TYPE GATEWAY_INTERFACE
PATH_TRANSLATED REMOTE_HOST
REMOTE_IDENT REMOTE_USER REMOTE_ADDR
SERVER_NAME SERVER_PROTOCOL

HTTP_ACCEPT HTTP_ACCEPT_CHARSET HTTP_ACCEPT_ENCODING
HTTP_ACCEPT_LANGUAGE HTTP_CACHE_CONTROL HTTP_FROM
HTTP_NEGOTIATE HTTP_PRAGMA ].freeze
RFC2616 =

List of HTTP request methods from the following RFCs: Hypertext Transfer Protocol – HTTP/1.1 (www.ietf.org/rfc/rfc2616.txt) HTTP Extensions for Distributed Authoring – WEBDAV (www.ietf.org/rfc/rfc2518.txt) Versioning Extensions to WebDAV (www.ietf.org/rfc/rfc3253.txt) Ordered Collections Protocol (WebDAV) (www.ietf.org/rfc/rfc3648.txt) Web Distributed Authoring and Versioning (WebDAV) Access Control Protocol (www.ietf.org/rfc/rfc3744.txt) Web Distributed Authoring and Versioning (WebDAV) SEARCH (www.ietf.org/rfc/rfc5323.txt) PATCH Method for HTTP (www.ietf.org/rfc/rfc5789.txt)

%w(OPTIONS GET HEAD POST PUT DELETE TRACE CONNECT)
RFC2518 =
%w(PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK)
RFC3253 =
%w(VERSION-CONTROL REPORT CHECKOUT CHECKIN UNCHECKOUT MKWORKSPACE UPDATE LABEL MERGE BASELINE-CONTROL MKACTIVITY)
RFC3648 =
%w(ORDERPATCH)
RFC3744 =
%w(ACL)
RFC5323 =
%w(SEARCH)
RFC5789 =
%w(PATCH)
HTTP_METHODS =
RFC2616 + RFC2518 + RFC3253 + RFC3648 + RFC3744 + RFC5323 + RFC5789
HTTP_METHOD_LOOKUP =
Hash.new { |h, m| h[m] = m.underscore.to_sym if HTTP_METHODS.include?(m) }
TRUSTED_PROXIES =

Which IP addresses are “trusted proxies” that can be stripped from the right-hand-side of X-Forwarded-For.

en.wikipedia.org/wiki/Private_network#Private_IPv4_address_spaces.

%r{
  ^127\.0\.0\.1$                | # localhost
  ^(10                          | # private IP 10.x.x.x
    172\.(1[6-9]|2[0-9]|3[0-1]) | # private IP in the range 172.16.0.0 .. 172.31.255.255
    192\.168                      # private IP 192.168.x.x
   )\.
}x

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Http::URL

#domain, extract_domain, extract_subdomain, extract_subdomains, #host, #host_with_port, #optional_port, #port, #port_string, #protocol, #raw_host_with_port, #server_port, #standard_port, #standard_port?, #subdomain, #subdomains, #url, url_for

Methods included from Http::FilterParameters

#filtered_env, #filtered_parameters, #filtered_path

Methods included from ActiveSupport::Concern

#append_features, extended, #included

Methods included from Http::Parameters

#parameters, #path_parameters, #path_parameters=, #symbolized_path_parameters

Methods included from Http::MimeNegotiation

#accepts, #content_mime_type, #content_type, #format, #format=, #formats, #negotiate_mime

Methods included from Http::Cache::Request

#etag_matches?, #fresh?, #if_modified_since, #if_none_match, #not_modified?

Class Method Details

.new(env) ⇒ Object



38
39
40
41
42
43
44
# File 'actionpack/lib/action_dispatch/http/request.rb', line 38

def self.new(env)
  if request = env["action_dispatch.request"] && request.instance_of?(self)
    return request
  end

  super
end

Instance Method Details

#authorizationObject

Returns the authorization header regardless of whether it was specified directly or through one of the proxy alternatives.



250
251
252
253
254
255
# File 'actionpack/lib/action_dispatch/http/request.rb', line 250

def authorization
  @env['HTTP_AUTHORIZATION']   ||
  @env['X-HTTP_AUTHORIZATION'] ||
  @env['X_HTTP_AUTHORIZATION'] ||
  @env['REDIRECT_X_HTTP_AUTHORIZATION']
end

#bodyObject

The request body is an IO input stream. If the RAW_POST_DATA environment variable is already set, wrap it in a StringIO.



202
203
204
205
206
207
208
209
# File 'actionpack/lib/action_dispatch/http/request.rb', line 202

def body
  if raw_post = @env['RAW_POST_DATA']
    raw_post.force_encoding(Encoding::BINARY) if raw_post.respond_to?(:force_encoding)
    StringIO.new(raw_post)
  else
    @env['rack.input']
  end
end

#body_streamObject

:nodoc:



215
216
217
# File 'actionpack/lib/action_dispatch/http/request.rb', line 215

def body_stream #:nodoc:
  @env['rack.input']
end

#content_lengthObject

Returns the content length of the request as an integer.



147
148
149
# File 'actionpack/lib/action_dispatch/http/request.rb', line 147

def content_length
  super.to_i
end


5
6
7
# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 5

def cookie_jar
  env['action_dispatch.cookies'] ||= Cookies::CookieJar.build(self)
end

#delete?Boolean

Is this a DELETE request? Equivalent to request.request_method == :delete.

Returns:

  • (Boolean)


116
117
118
# File 'actionpack/lib/action_dispatch/http/request.rb', line 116

def delete?
  HTTP_METHOD_LOOKUP[request_method] == :delete
end

#flashObject

Access the contents of the flash. Use flash["notice"] to read a notice you put there or flash["notice"] = "hello" to put a new one.



6
7
8
# File 'actionpack/lib/action_dispatch/middleware/flash.rb', line 6

def flash
  @env[Flash::KEY] ||= (session["flash"] || Flash::FlashHash.new)
end

#forgery_whitelisted?Boolean

Returns:

  • (Boolean)


137
138
139
# File 'actionpack/lib/action_dispatch/http/request.rb', line 137

def forgery_whitelisted?
  get?
end

#form_data?Boolean

Returns:

  • (Boolean)


211
212
213
# File 'actionpack/lib/action_dispatch/http/request.rb', line 211

def form_data?
  FORM_DATA_MEDIA_TYPES.include?(content_mime_type.to_s)
end

#fullpathObject



133
134
135
# File 'actionpack/lib/action_dispatch/http/request.rb', line 133

def fullpath
  @fullpath ||= super
end

#GETObject Also known as: query_parameters

Override Rack’s GET method to support indifferent access



236
237
238
# File 'actionpack/lib/action_dispatch/http/request.rb', line 236

def GET
  @env["action_dispatch.request.query_parameters"] ||= (normalize_parameters(super) || {})
end

#get?Boolean

Is this a GET (or HEAD) request? Equivalent to request.request_method == :get.

Returns:

  • (Boolean)


98
99
100
# File 'actionpack/lib/action_dispatch/http/request.rb', line 98

def get?
  HTTP_METHOD_LOOKUP[request_method] == :get
end

#head?Boolean

Is this a HEAD request? Equivalent to request.method == :head.

Returns:

  • (Boolean)


122
123
124
# File 'actionpack/lib/action_dispatch/http/request.rb', line 122

def head?
  HTTP_METHOD_LOOKUP[method] == :head
end

#headersObject

Provides access to the request’s HTTP headers, for example:

request.headers["Content-Type"] # => "text/plain"


129
130
131
# File 'actionpack/lib/action_dispatch/http/request.rb', line 129

def headers
  Http::Headers.new(@env)
end

#ipObject



159
160
161
# File 'actionpack/lib/action_dispatch/http/request.rb', line 159

def ip
  @ip ||= super
end

#key?(key) ⇒ Boolean

Returns:

  • (Boolean)


46
47
48
# File 'actionpack/lib/action_dispatch/http/request.rb', line 46

def key?(key)
  @env.key?(key)
end

#local?Boolean

True if the request came from localhost, 127.0.0.1.

Returns:

  • (Boolean)


258
259
260
# File 'actionpack/lib/action_dispatch/http/request.rb', line 258

def local?
  LOCALHOST.any? { |local_ip| local_ip === remote_addr && local_ip === remote_ip }
end

#media_typeObject



142
143
144
# File 'actionpack/lib/action_dispatch/http/request.rb', line 142

def media_type
  content_mime_type.to_s
end

#methodObject

Returns the original value of the environment’s REQUEST_METHOD, even if it was overridden by middleware. See #request_method for more information.



87
88
89
# File 'actionpack/lib/action_dispatch/http/request.rb', line 87

def method
  @method ||= check_method(env["rack.methodoverride.original_method"] || env['REQUEST_METHOD'])
end

#method_symbolObject

Returns a symbol form of the #method



92
93
94
# File 'actionpack/lib/action_dispatch/http/request.rb', line 92

def method_symbol
  HTTP_METHOD_LOOKUP[method]
end

#POSTObject Also known as: request_parameters

Override Rack’s POST method to support indifferent access



242
243
244
# File 'actionpack/lib/action_dispatch/http/request.rb', line 242

def POST
  @env["action_dispatch.request.request_parameters"] ||= (normalize_parameters(super) || {})
end

#post?Boolean

Is this a POST request? Equivalent to request.request_method == :post.

Returns:

  • (Boolean)


104
105
106
# File 'actionpack/lib/action_dispatch/http/request.rb', line 104

def post?
  HTTP_METHOD_LOOKUP[request_method] == :post
end

#put?Boolean

Is this a PUT request? Equivalent to request.request_method == :put.

Returns:

  • (Boolean)


110
111
112
# File 'actionpack/lib/action_dispatch/http/request.rb', line 110

def put?
  HTTP_METHOD_LOOKUP[request_method] == :put
end

#raw_postObject

Read the request body. This is useful for web services that need to work with raw requests directly.



192
193
194
195
196
197
198
# File 'actionpack/lib/action_dispatch/http/request.rb', line 192

def raw_post
  unless @env.include? 'RAW_POST_DATA'
    @env['RAW_POST_DATA'] = body.read(@env['CONTENT_LENGTH'].to_i)
    body.rewind if body.respond_to?(:rewind)
  end
  @env['RAW_POST_DATA']
end

#remote_ipObject

Determines originating IP address. REMOTE_ADDR is the standard but will fail if the user is behind a proxy. HTTP_CLIENT_IP and/or HTTP_X_FORWARDED_FOR are set by proxies so check for these if REMOTE_ADDR is a proxy. HTTP_X_FORWARDED_FOR may be a comma- delimited list in the case of multiple chained proxies; the last address which is not trusted is the originating IP.



181
182
183
# File 'actionpack/lib/action_dispatch/http/request.rb', line 181

def remote_ip
  @remote_ip ||= (@env["action_dispatch.remote_ip"] || ip).to_s
end

#request_methodObject

Returns the HTTP method that the application should see. In the case where the method was overridden by a middleware (for instance, if a HEAD request was converted to a GET, or if a _method parameter was used to determine the method the application should use), this method returns the overridden value, not the original.



75
76
77
# File 'actionpack/lib/action_dispatch/http/request.rb', line 75

def request_method
  @request_method ||= check_method(env["REQUEST_METHOD"])
end

#request_method_symbolObject

Returns a symbol form of the #request_method



80
81
82
# File 'actionpack/lib/action_dispatch/http/request.rb', line 80

def request_method_symbol
  HTTP_METHOD_LOOKUP[request_method]
end

#reset_sessionObject

TODO This should be broken apart into AD::Request::Session and probably be included by the session middleware.



221
222
223
224
225
# File 'actionpack/lib/action_dispatch/http/request.rb', line 221

def reset_session
  session.destroy if session && session.respond_to?(:destroy)
  self.session = {}
  @env['action_dispatch.request.flash_hash'] = nil
end

#server_softwareObject

Returns the lowercase name of the HTTP server software.



186
187
188
# File 'actionpack/lib/action_dispatch/http/request.rb', line 186

def server_software
  (@env['SERVER_SOFTWARE'] && /^([a-zA-Z]+)/ =~ @env['SERVER_SOFTWARE']) ? $1.downcase : nil
end

#session=(session) ⇒ Object

:nodoc:



227
228
229
# File 'actionpack/lib/action_dispatch/http/request.rb', line 227

def session=(session) #:nodoc:
  @env['rack.session'] = session
end

#session_options=(options) ⇒ Object



231
232
233
# File 'actionpack/lib/action_dispatch/http/request.rb', line 231

def session_options=(options)
  @env['rack.session.options'] = options
end

#xml_http_request?Boolean Also known as: xhr?

Returns true if the “X-Requested-With” header contains “XMLHttpRequest” (case-insensitive). All major JavaScript libraries send this header with every Ajax request.

Returns:

  • (Boolean)


154
155
156
# File 'actionpack/lib/action_dispatch/http/request.rb', line 154

def xml_http_request?
  @env['HTTP_X_REQUESTED_WITH'] =~ /XMLHttpRequest/i
end