Class: ActionDispatch::Request
Relationships & Source Files | |
Extension / Inclusion / Inheritance Descendants | |
Subclasses:
|
|
Super Chains via Extension / Inclusion / Inheritance | |
Instance Chain:
self,
Flash::RequestMethods ,
Rack::Request::Env,
PermissionsPolicy::Request ,
ContentSecurityPolicy::Request ,
Http::URL ,
Http::FilterParameters ,
Http::Parameters ,
Http::MimeNegotiation ,
Http::Cache::Request ,
Rack::Request::Helpers
|
|
Inherits: | Object |
Defined in: | actionpack/lib/action_dispatch/http/request.rb, actionpack/lib/action_dispatch/middleware/cookies.rb, actionpack/lib/action_dispatch/middleware/flash.rb, actionpack/lib/action_dispatch/request/session.rb, actionpack/lib/action_dispatch/request/utils.rb |
Constant Summary
-
ENV_METHODS =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 34%w[ AUTH_TYPE GATEWAY_INTERFACE PATH_TRANSLATED REMOTE_HOST REMOTE_IDENT REMOTE_USER REMOTE_ADDR SERVER_NAME SERVER_PROTOCOL ORIGINAL_SCRIPT_NAME HTTP_ACCEPT HTTP_ACCEPT_CHARSET HTTP_ACCEPT_ENCODING HTTP_ACCEPT_LANGUAGE HTTP_CACHE_CONTROL HTTP_FROM HTTP_NEGOTIATE HTTP_PRAGMA HTTP_CLIENT_IP HTTP_X_FORWARDED_FOR HTTP_ORIGIN HTTP_VERSION HTTP_X_CSRF_TOKEN HTTP_X_REQUEST_ID HTTP_X_FORWARDED_HOST SERVER_ADDR ].freeze
-
HTTP_METHODS =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 131RFC2616 + RFC2518 + RFC3253 + RFC3648 + RFC3744 + RFC5323 + RFC4791 + RFC5789
-
HTTP_METHOD_LOOKUP =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 133{}
-
LOCALHOST =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 32Regexp.union [/^127\.\d{1,3}\.\d{1,3}\.\d{1,3}$/, /^::1$/, /^0:0:0:0:0:0:0:1(%.*)?$/]
-
RFC2518 =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 123%w(PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK)
-
RFC2616 =
List of HTTP request methods from the following RFCs: Hypertext Transfer Protocol – HTTP/1.1 (www.ietf.org/rfc/rfc2616.txt) HTTP Extensions for Distributed Authoring – WEBDAV (www.ietf.org/rfc/rfc2518.txt) Versioning Extensions to WebDAV (www.ietf.org/rfc/rfc3253.txt) Ordered Collections Protocol (WebDAV) (www.ietf.org/rfc/rfc3648.txt) Web Distributed Authoring and Versioning (WebDAV) Access Control Protocol (www.ietf.org/rfc/rfc3744.txt) Web Distributed Authoring and Versioning (WebDAV) SEARCH (www.ietf.org/rfc/rfc5323.txt) Calendar Extensions to WebDAV (www.ietf.org/rfc/rfc4791.txt) PATCH Method for HTTP (www.ietf.org/rfc/rfc5789.txt)
%w(OPTIONS GET HEAD POST PUT DELETE TRACE CONNECT)
-
RFC3253 =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 124%w(VERSION-CONTROL REPORT CHECKOUT CHECKIN UNCHECKOUT MKWORKSPACE UPDATE LABEL MERGE BASELINE-CONTROL MKACTIVITY)
-
RFC3648 =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 125%w(ORDERPATCH)
-
RFC3744 =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 126%w(ACL)
-
RFC4791 =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 128%w(MKCALENDAR)
-
RFC5323 =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 127%w(SEARCH)
-
RFC5789 =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 129%w(PATCH)
Http::Cache::Request
- Included
HTTP_IF_MODIFIED_SINCE, HTTP_IF_NONE_MATCH
Http::MimeNegotiation
- Included
BROWSER_LIKE_ACCEPTS, RESCUABLE_MIME_FORMAT_ERRORS
Http::Parameters
- Included
DEFAULT_PARSERS, PARAMETERS_KEY
Http::URL
- Included
HOST_REGEXP, IP_HOST_REGEXP, PROTOCOL_REGEXP
ContentSecurityPolicy::Request
- Included
NONCE, NONCE_DIRECTIVES, NONCE_GENERATOR, POLICY, POLICY_REPORT_ONLY
PermissionsPolicy::Request
- Included
Http::MimeNegotiation
- Attributes & Methods
- .ignore_accept_header (also: #ignore_accept_header) rw
- #ignore_accept_header rw
Http::Parameters
- Attributes & Methods
-
.parameter_parsers
readonly
Returns the parameter parsers.
Class Method Summary
- .empty
- .new(env) ⇒ Request constructor
Instance Attribute Summary
- #cookie_jar rw
-
#form_data? ⇒ Boolean
readonly
Determine whether the request body contains form-data by checking the request Content-Type for one of the media-types: “application/x-www-form-urlencoded” or “multipart/form-data”.
-
#local? ⇒ Boolean
readonly
True if the request came from localhost, 127.0.0.1, or ::1.
- #remote_ip rw
- #remote_ip=(remote_ip) rw
-
#request_id
(also: #uuid)
rw
Returns the unique request id, which is based on either the X-Request-Id header that can be generated by a firewall, load balancer, or web server or by the
RequestId
middleware (which sets the action_dispatch.request_id environment variable). -
#request_method
rw
Returns the HTTP method that the application should see.
-
#request_parameters
rw
Alias for #POST.
- #request_parameters=(params) rw
- #session_options=(options) writeonly
- #ssl? ⇒ Boolean readonly
-
#uuid
readonly
Alias for #request_id.
-
#xhr?
readonly
Alias for #xml_http_request?.
-
#xml_http_request? ⇒ Boolean
(also: #xhr?)
readonly
Returns true if the “X-Requested-With” header contains “XMLHttpRequest” (case-insensitive), which may need to be manually added depending on the choice of JavaScript libraries and frameworks.
Flash::RequestMethods
- Included
PermissionsPolicy::Request
- Included
ContentSecurityPolicy::Request
- Included
Http::URL
- Included
#secure_protocol, | |
#standard_port | Returns the standard port number for this request’s protocol. |
#standard_port? | Returns whether this request is using the standard port. |
#tld_length |
Http::Parameters
- Included
#path_parameters | Returns a hash with the parameters used to form the path of the request. |
Http::MimeNegotiation
- Included
#formats, | |
#formats= | Sets the formats by string extensions. |
#should_apply_vary_header?, #variant, | |
#variant= | Sets the variant for template. |
#params_readable? |
Instance Method Summary
-
#authorization
Returns the authorization header regardless of whether it was specified directly or through one of the proxy alternatives.
-
#body
The request body is an
::IO
input stream. - #commit_flash
-
#content_length
Returns the content length of the request as an integer.
- #controller_class
- #controller_class_for(name)
-
#fullpath
Returns the
::String
full path including params of the last URL requested. -
GET
(also: #query_parameters)
Override Rack’s #GET method to support indifferent access.
-
#headers
Provides access to the request’s HTTP headers, for example:
- #http_auth_salt
-
#ip
Returns the IP address of client as a
::String
. -
#key?(key) ⇒ Boolean
Returns true if the request has a header matching the given key parameter.
- #logger
-
#media_type
The
::String
MIME type of the request. -
#method
Returns the original value of the environment’s REQUEST_METHOD, even if it was overridden by middleware.
-
#method_symbol
Returns a symbol form of the #method.
-
#original_fullpath
Returns a
::String
with the last requested path including their params. -
#original_url
Returns the original request URL as a
::String
. -
POST
(also: #request_parameters)
Override Rack’s #POST method to support indifferent access.
-
#query_parameters
Alias for #GET.
-
#raw_post
Read the request body.
-
#request_method_symbol
Returns a symbol form of the #request_method.
-
#reset_session
TODO This should be broken apart into
AD::Request::Session
and probably be included by the session middleware. -
#send_early_hints(links)
Early Hints is an HTTP/2 status code that indicates hints to help a client start making preparations for processing the final response.
-
#server_software
Returns the lowercase name of the HTTP server software.
ContentSecurityPolicy::Request
- Included
Http::URL
- Included
#domain | Returns the domain part of a host, such as “rubyonrails.org” in “www.rubyonrails.org”. |
#host | Returns the host for this request, such as “example.com”. |
#host_with_port | Returns a host:port string for this request, such as “example.com” or “example.com:8080”. |
#initialize, | |
#optional_port | Returns a number port suffix like 8080 if the port number of this request is not the default HTTP port 80 or HTTPS port 443. |
#port | Returns the port number of this request as an integer. |
#port_string | Returns a string port suffix, including colon, like “:8080” if the port number of this request is not the default HTTP port 80 or HTTPS port 443. |
#protocol | Returns ‘https://’ if this is an |
#raw_host_with_port | Returns the host and port for this request, such as “example.com:8080”. |
#server_port | Returns the requested port, such as 8080, based on SERVER_PORT. |
#subdomain | Returns all the subdomains as a string, so |
#subdomains | Returns all the subdomains as an array, so |
#url | Returns the complete URL used for this request. |
Http::FilterParameters
- Included
#filtered_env | Returns a hash of request.env with all sensitive data replaced. |
#filtered_parameters | Returns a hash of parameters with all sensitive data replaced. |
#filtered_path | Reconstructs a path with all sensitive #GET parameters replaced. |
#initialize, #env_filter, #filtered_query_string, #parameter_filter, #parameter_filter_for |
Http::Parameters
- Included
#parameters | |
#params | Alias for Http::Parameters#parameters. |
Http::MimeNegotiation
- Included
#accepts | Returns the accepted MIME type for the request. |
#content_mime_type | The MIME type of the HTTP request, such as Mime. |
#content_type, | |
#format | Returns the MIME type for the format used in the request. |
#format= | Sets the format by string extension, which can be used to force custom formats that are not controlled by the extension. |
#negotiate_mime | Returns the first MIME type that matches the provided array of MIME types. |
#format_from_path_extension, #use_accept_header, #valid_accept_header |
Http::Cache::Request
- Included
#etag_matches?, | |
#fresh? | Check response freshness (Last-Modified and ETag) against request If-Modified-Since and If-None-Match conditions. |
#if_modified_since, #if_none_match, #if_none_match_etags, #not_modified? |
Constructor Details
.new(env) ⇒ Request
# File 'actionpack/lib/action_dispatch/http/request.rb', line 63
def initialize(env) super @method = nil @request_method = nil @remote_ip = nil @original_fullpath = nil @fullpath = nil @ip = nil end
Class Attribute Details
.ignore_accept_header (rw) Also known as: #ignore_accept_header
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/mime_negotiation.rb', line 18
mattr_accessor :ignore_accept_header, default: false
.parameter_parsers (readonly)
Returns the parameter parsers.
# File 'actionpack/lib/action_dispatch/http/parameters.rb', line 28
attr_reader :parameter_parsers
Class Method Details
.empty
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 59
def self.empty new({}) end
Instance Attribute Details
#cookie_jar (rw)
[ GitHub ]
#form_data? ⇒ Boolean
(readonly)
Determine whether the request body contains form-data by checking the request Content-Type for one of the media-types: “application/x-www-form-urlencoded” or “multipart/form-data”. The list of form-data media types can be modified through the FORM_DATA_MEDIA_TYPES
array.
A request body is not assumed to contain form-data when no Content-Type header is provided and the request_method is #POST.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 354
def form_data? FORM_DATA_MEDIA_TYPES.include?(media_type) end
#ignore_accept_header (rw)
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/mime_negotiation.rb', line 18
mattr_accessor :ignore_accept_header, default: false
#local? ⇒ Boolean
(readonly)
True if the request came from localhost, 127.0.0.1, or ::1.
#remote_ip (rw)
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 292
def remote_ip @remote_ip ||= (get_header("action_dispatch.remote_ip") || ip).to_s end
#remote_ip=(remote_ip) (rw)
[ GitHub ]#request_id (rw) Also known as: #uuid
Returns the unique request id, which is based on either the X-Request-Id header that can be generated by a firewall, load balancer, or web server or by the RequestId
middleware (which sets the action_dispatch.request_id environment variable).
This unique ID is useful for tracing a request from end-to-end as part of logging or debugging. This relies on the ::Rack
variable set by the RequestId
middleware.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 309
def request_id get_header ACTION_DISPATCH_REQUEST_ID end
#request_method (rw)
Returns the HTTP method that the application should see. In the case where the method was overridden by a middleware (for instance, if a HEAD request was converted to a #GET, or if a _method parameter was used to determine the method the application should use), this method returns the overridden value, not the original.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 148
def request_method @request_method ||= check_method(super) end
#request_parameters (rw)
Alias for #POST.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 409
alias :request_parameters :POST
#request_parameters=(params) (rw)
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 425
def request_parameters=(params) raise if params.nil? set_header("action_dispatch.request.request_parameters", params) end
#session_options=(options) (writeonly)
[ GitHub ]
#ssl? ⇒ Boolean
(readonly)
[ GitHub ]
# File 'actionpack/lib/action_dispatch/http/request.rb', line 437
def ssl? super || scheme == "wss" end
#uuid (readonly)
Alias for #request_id.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 317
alias_method :uuid, :request_id
#xhr? (readonly)
Alias for #xml_http_request?.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 283
alias :xhr? :xml_http_request?
#xml_http_request? ⇒ Boolean
(readonly)
Also known as: #xhr?
Returns true if the “X-Requested-With” header contains “XMLHttpRequest” (case-insensitive), which may need to be manually added depending on the choice of JavaScript libraries and frameworks.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 280
def xml_http_request? /XMLHttpRequest/i.match?(get_header("HTTP_X_REQUESTED_WITH")) end
Instance Method Details
#authorization
Returns the authorization header regardless of whether it was specified directly or through one of the proxy alternatives.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 413
def get_header("HTTP_AUTHORIZATION") || get_header("X-HTTP_AUTHORIZATION") || get_header("X_HTTP_AUTHORIZATION") || get_header("REDIRECT_X_HTTP_AUTHORIZATION") end
#body
The request body is an ::IO
input stream. If the RAW_POST_DATA environment variable is already set, wrap it in a StringIO.
#commit_flash
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 434
def commit_flash end
#content_length
Returns the content length of the request as an integer.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 273
def content_length super.to_i end
#controller_class
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 82
def controller_class params = path_parameters params[:action] ||= "index" controller_class_for(params[:controller]) end
#controller_class_for(name)
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 88
def controller_class_for(name) if name controller_param = name.underscore const_name = controller_param.camelize << "Controller" begin ActiveSupport::Dependencies.constantize(const_name) rescue NameError => error if error.missing_name == const_name || const_name.start_with?("#{error.missing_name}::") raise MissingController.new(error., error.name) else raise end end else PASS_NOT_FOUND end end
#fullpath
Returns the ::String
full path including params of the last URL requested.
# get "/articles"
request.fullpath # => "/articles"
# get "/articles?page=2"
request.fullpath # => "/articles?page=2"
# File 'actionpack/lib/action_dispatch/http/request.rb', line 252
def fullpath @fullpath ||= super end
GET Also known as: #query_parameters
Override Rack’s GET
method to support indifferent access.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 381
def GET fetch_header("action_dispatch.request.query_parameters") do |k| rack_query_params = super || {} controller = path_parameters[:controller] action = path_parameters[:action] rack_query_params = Request::Utils.set_binary_encoding(self, rack_query_params, controller, action) # Check for non UTF-8 parameter values, which would cause errors later Request::Utils.check_param_encoding(rack_query_params) set_header k, Request::Utils.normalize_encode_params(rack_query_params) end rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e raise ActionController::BadRequest.new("Invalid query parameters: #{e.}") end
#headers
Provides access to the request’s HTTP headers, for example:
request.headers["Content-Type"] # => "text/plain"
#http_auth_salt
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 182
def http_auth_salt get_header "action_dispatch.http_auth_salt" end
#ip
Returns the IP address of client as a ::String
.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 286
def ip @ip ||= super end
#key?(key) ⇒ Boolean
Returns true if the request has a header matching the given key parameter.
request.key? :ip_spoofing_check # => true
# File 'actionpack/lib/action_dispatch/http/request.rb', line 109
def key?(key) has_header? key end
#logger
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 430
def logger get_header("action_dispatch.logger") end
#media_type
The ::String
MIME type of the request.
# get "/articles"
request.media_type # => "application/x-www-form-urlencoded"
# File 'actionpack/lib/action_dispatch/http/request.rb', line 268
def media_type content_mime_type.to_s end
#method
Returns the original value of the environment’s REQUEST_METHOD, even if it was overridden by middleware. See #request_method for more information.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 201
def method @method ||= check_method(get_header("rack.methodoverride.original_method") || get_header("REQUEST_METHOD")) end
#method_symbol
Returns a symbol form of the #method.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 206
def method_symbol HTTP_METHOD_LOOKUP[method] end
#original_fullpath
Returns a ::String
with the last requested path including their params.
# get '/foo'
request.original_fullpath # => '/foo'
# get '/foo?bar'
request.original_fullpath # => '/foo?bar'
# File 'actionpack/lib/action_dispatch/http/request.rb', line 241
def original_fullpath @original_fullpath ||= (get_header("ORIGINAL_FULLPATH") || fullpath) end
#original_url
Returns the original request URL as a ::String
.
# get "/articles?page=2"
request.original_url # => "http://www.example.com/articles?page=2"
# File 'actionpack/lib/action_dispatch/http/request.rb', line 260
def original_url base_url + original_fullpath end
POST Also known as: #request_parameters
Override Rack’s POST
method to support indifferent access.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 397
def POST fetch_header("action_dispatch.request.request_parameters") do pr = parse_formatted_parameters(params_parsers) do |params| super || {} end pr = Request::Utils.set_binary_encoding(self, pr, path_parameters[:controller], path_parameters[:action]) Request::Utils.check_param_encoding(pr) self.request_parameters = Request::Utils.normalize_encode_params(pr) end rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e raise ActionController::BadRequest.new("Invalid request parameters: #{e.}") end
#query_parameters
Alias for #GET.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 394
alias :query_parameters :GET
#raw_post
Read the request body. This is useful for web services that need to work with raw requests directly.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 326
def raw_post unless has_header? "RAW_POST_DATA" raw_post_body = body set_header("RAW_POST_DATA", raw_post_body.read(content_length)) raw_post_body.rewind if raw_post_body.respond_to?(:rewind) end get_header "RAW_POST_DATA" end
#request_method_symbol
Returns a symbol form of the #request_method.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 194
def request_method_symbol HTTP_METHOD_LOOKUP[request_method] end
#reset_session
TODO This should be broken apart into AD::Request::Session
and probably be included by the session middleware.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 364
def reset_session if session && session.respond_to?(:destroy) session.destroy else self.session = {} end end
#send_early_hints(links)
Early Hints is an HTTP/2 status code that indicates hints to help a client start making preparations for processing the final response.
If the env contains rack.early_hints
then the server accepts HTTP2 push for Link headers.
The send_early_hints
method accepts a hash of links as follows:
send_early_hints("Link" => "</style.css>; rel=preload; as=style\n</script.js>; rel=preload")
If you are using javascript_include_tag
or stylesheet_link_tag
the Early Hints headers are included by default if supported.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 228
def send_early_hints(links) return unless env["rack.early_hints"] env["rack.early_hints"].call(links) end
#server_software
Returns the lowercase name of the HTTP server software.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 320
def server_software (get_header("SERVER_SOFTWARE") && /^([a-zA-Z]+)/ =~ get_header("SERVER_SOFTWARE")) ? $1.downcase : nil end