Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Revert "fix the Flash middleware loading the session on every request…

… (very dangerous especially with Rack::Cache), it should only be loaded when the flash method is called"

This reverts commits e3069c6 and 2b2983d.

Reason: This add a non-backward compatible change in the way that flash
works now (swept in every request).
  • Loading branch information...
commit 3cba6eee66a4c25b93839ea6fd1da08d7780f2de 1 parent f7cde3e
@rafaelfranca rafaelfranca authored
View
1  actionpack/lib/action_controller/test_case.rb
@@ -460,6 +460,7 @@ def process(action, parameters = nil, session = nil, flash = nil, http_method =
@request.session = ActionController::TestSession.new(session) if session
@request.session["flash"] = @request.flash.update(flash || {})
+ @request.session["flash"].sweep
@controller.request = @request
build_request_uri(action, parameters)
View
9 actionpack/lib/action_dispatch/middleware/flash.rb
@@ -4,7 +4,7 @@ class Request
# read a notice you put there or <tt>flash["notice"] = "hello"</tt>
# to put a new one.
def flash
- @env[Flash::KEY] ||= (session["flash"] || Flash::FlashHash.new).tap(&:sweep)
+ @env[Flash::KEY] ||= (session["flash"] || Flash::FlashHash.new)
end
end
@@ -235,6 +235,10 @@ def initialize(app)
end
def call(env)
+ if (session = env['rack.session']) && (flash = session['flash'])
+ flash.sweep
+ end
+
@app.call(env)
ensure
session = env['rack.session'] || {}
@@ -251,8 +255,7 @@ def call(env)
env[KEY] = new_hash
end
- if (!session.respond_to?(:loaded?) || session.loaded?) && # (reset_session uses {}, which doesn't implement #loaded?)
- session.key?('flash') && session['flash'].empty?
+ if session.key?('flash') && session['flash'].empty?
session.delete('flash')
end
end
View
20 railties/test/application/middleware/session_test.rb
@@ -26,25 +26,5 @@ def app
require "#{app_path}/config/environment"
assert app.config.session_options[:secure], "Expected session to be marked as secure"
end
-
- test "session is not loaded if it's not used" do
- make_basic_app
-
- class ::OmgController < ActionController::Base
- def index
- if params[:flash]
- flash[:notice] = "notice"
- end
-
- render :nothing => true
- end
- end
-
- get "/?flash=true"
- get "/"
-
- assert last_request.env["HTTP_COOKIE"]
- assert !last_response.headers["Set-Cookie"]
- end
end
end

6 comments on commit 3cba6ee

@willbryant

But that behavior was itself a backwards-incompatible behavior regression in 3.1!

@rafaelfranca

So it should be reverted in 3.1 too

@willbryant

What I mean is that this revert is putting it back to behavior that was itself a regression. It should never have been that way in the first place, it happened because of what was supposed to be refactoring (moving ActionController code to Rack middleware) accidentally changed the behavior.

@rafaelfranca

Wich behaviour? The flash behaviour was always this, swept in every request

@willbryant

Not true, go test on older versions of rails. It was only swept if the flash object was loaded.

There was even test coverage that was supposed to prove that it didn't do that. Unfortunately the actioncontroller test harness code did not behave the same way as the Rack middleware, so the test was passing even though it didn't have the same behavior any more.

@rafaelfranca

This is how it was working in 3.1 and 3.2.

f7cde3e

We can't change a behavior in a stable release so it was reverted in 3.2 and should be reverted in 3.1. I didn't reverted on master exactly because this behaviour you proposed can be the right.

Please sign in to comment.
Something went wrong with that request. Please try again.