Class: ActionDispatch::Request
Relationships & Source Files | |
Extension / Inclusion / Inheritance Descendants | |
Subclasses:
|
|
Super Chains via Extension / Inclusion / Inheritance | |
Instance Chain:
self,
Flash::RequestMethods ,
Rack::Request::Env,
PermissionsPolicy::Request ,
ContentSecurityPolicy::Request ,
Http::URL ,
Http::FilterParameters ,
Http::Parameters ,
Http::MimeNegotiation ,
Http::Cache::Request ,
Rack::Request::Helpers
|
|
Inherits: | Object |
Defined in: | actionpack/lib/action_dispatch/http/request.rb, actionpack/lib/action_dispatch/middleware/flash.rb, actionpack/lib/action_dispatch/request/session.rb, actionpack/lib/action_dispatch/request/utils.rb |
Constant Summary
-
ENV_METHODS =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 36%w[ AUTH_TYPE GATEWAY_INTERFACE PATH_TRANSLATED REMOTE_HOST REMOTE_IDENT REMOTE_USER REMOTE_ADDR SERVER_NAME SERVER_PROTOCOL ORIGINAL_SCRIPT_NAME HTTP_ACCEPT HTTP_ACCEPT_CHARSET HTTP_ACCEPT_ENCODING HTTP_ACCEPT_LANGUAGE HTTP_CACHE_CONTROL HTTP_FROM HTTP_NEGOTIATE HTTP_PRAGMA HTTP_CLIENT_IP HTTP_X_FORWARDED_FOR HTTP_ORIGIN HTTP_VERSION HTTP_X_CSRF_TOKEN HTTP_X_REQUEST_ID HTTP_X_FORWARDED_HOST ].freeze
-
HTTP_METHODS =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 136RFC2616 + RFC2518 + RFC3253 + RFC3648 + RFC3744 + RFC5323 + RFC4791 + RFC5789
-
HTTP_METHOD_LOOKUP =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 138{}
-
LOCALHOST =
# File 'actionpack/lib/action_dispatch/http/request.rb', line 34Regexp.union [/^127\.\d{1,3}\.\d{1,3}\.\d{1,3}$/, /^::1$/, /^0:0:0:0:0:0:0:1(%.*)?$/]
-
RFC2518 =
HTTP methods from [RFC 2518: HTTP Extensions for Distributed Authoring – WEBDAV](www.ietf.org/rfc/rfc2518.txt)
%w(PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK)
-
RFC2616 =
HTTP methods from [RFC 2616: Hypertext Transfer Protocol – HTTP/1.1](www.ietf.org/rfc/rfc2616.txt)
%w(OPTIONS GET HEAD POST PUT DELETE TRACE CONNECT)
-
RFC3253 =
HTTP methods from [RFC 3253: Versioning Extensions to WebDAV](www.ietf.org/rfc/rfc3253.txt)
%w(VERSION-CONTROL REPORT CHECKOUT CHECKIN UNCHECKOUT MKWORKSPACE UPDATE LABEL MERGE BASELINE-CONTROL MKACTIVITY)
-
RFC3648 =
HTTP methods from [RFC 3648: WebDAV Ordered Collections Protocol](www.ietf.org/rfc/rfc3648.txt)
%w(ORDERPATCH)
-
RFC3744 =
HTTP methods from [RFC 3744: WebDAV Access Control Protocol](www.ietf.org/rfc/rfc3744.txt)
%w(ACL)
-
RFC4791 =
HTTP methods from [RFC 4791: Calendaring Extensions to WebDAV](www.ietf.org/rfc/rfc4791.txt)
%w(MKCALENDAR)
-
RFC5323 =
HTTP methods from [RFC 5323: WebDAV SEARCH](www.ietf.org/rfc/rfc5323.txt)
%w(SEARCH)
-
RFC5789 =
HTTP methods from [RFC 5789: PATCH Method for HTTP](www.ietf.org/rfc/rfc5789.txt)
%w(PATCH)
Http::Cache::Request
- Included
HTTP_IF_MODIFIED_SINCE, HTTP_IF_NONE_MATCH
Http::MimeNegotiation
- Included
BROWSER_LIKE_ACCEPTS, RESCUABLE_MIME_FORMAT_ERRORS
Http::Parameters
- Included
DEFAULT_PARSERS, PARAMETERS_KEY
Http::URL
- Included
HOST_REGEXP, IP_HOST_REGEXP, PROTOCOL_REGEXP
ContentSecurityPolicy::Request
- Included
NONCE, NONCE_DIRECTIVES, NONCE_GENERATOR, POLICY, POLICY_REPORT_ONLY
PermissionsPolicy::Request
- Included
Http::MimeNegotiation
- Attributes & Methods
- .ignore_accept_header (also: #ignore_accept_header) rw
- #ignore_accept_header rw
Http::Parameters
- Attributes & Methods
-
.parameter_parsers
readonly
Returns the parameter parsers.
Class Method Summary
- .empty
- .new(env) ⇒ Request constructor
Instance Attribute Summary
-
#form_data? ⇒ Boolean
readonly
Determine whether the request body contains form-data by checking the request
Content-Type
for one of the media-types:application/x-www-form-urlencoded
ormultipart/form-data
. -
#local? ⇒ Boolean
readonly
True if the request came from localhost, 127.0.0.1, or ::1.
- #rack_request readonly
- #remote_ip rw
- #remote_ip=(remote_ip) rw
-
#request_id
(also: #uuid)
rw
Returns the unique request id, which is based on either the
X-Request-Id
header that can be generated by a firewall, load balancer, or web server, or by theRequestId
middleware (which sets theaction_dispatch.request_id
environment variable). -
#request_method
rw
Returns the HTTP method that the application should see.
-
#request_parameters
rw
Alias for #POST.
- #request_parameters=(params) rw
-
#route_uri_pattern
rw
Returns the URI pattern of the matched route for the request, using the same format as ‘bin/rails routes`:
- #session_options=(options) writeonly
-
#uuid
readonly
Alias for #request_id.
-
#xhr?
readonly
Alias for #xml_http_request?.
-
#xml_http_request? ⇒ Boolean
(also: #xhr?)
readonly
Returns true if the
X-Requested-With
header contains “XMLHttpRequest” (case-insensitive), which may need to be manually added depending on the choice of JavaScript libraries and frameworks.
Flash::RequestMethods
- Included
PermissionsPolicy::Request
- Included
ContentSecurityPolicy::Request
- Included
Http::URL
- Included
#secure_protocol, | |
#standard_port | Returns the standard port number for this request’s protocol. |
#standard_port? | Returns whether this request is using the standard port. |
#tld_length |
Http::Parameters
- Included
#path_parameters | Returns a hash with the parameters used to form the path of the request. |
Http::MimeNegotiation
- Included
#formats, | |
#formats= | Sets the formats by string extensions. |
#should_apply_vary_header?, #variant, | |
#variant= | Sets the variant for template. |
Http::Cache::Request
- Included
Instance Method Summary
-
#authorization
Returns the authorization header regardless of whether it was specified directly or through one of the proxy alternatives.
-
#body
The request body is an
::IO
input stream. - #commit_csrf_token
- #commit_flash
-
#content_length
Returns the content length of the request as an integer.
- #controller_class
- #controller_class_for(name)
-
#fullpath
Returns the
::String
full path including params of the last URL requested. -
GET
(also: #query_parameters)
Override Rack’s #GET method to support indifferent access.
-
#headers
Provides access to the request’s HTTP headers, for example:
- #http_auth_salt
-
#ip
Returns the IP address of client as a
::String
. -
#key?(key) ⇒ Boolean
Returns true if the request has a header matching the given key parameter.
- #logger
-
#media_type
The
::String
MIME type of the request. -
#method(*args)
Returns the original value of the environment’s REQUEST_METHOD, even if it was overridden by middleware.
-
#method_symbol
Returns a symbol form of the #method.
-
#original_fullpath
Returns a
::String
with the last requested path including their params. -
#original_url
Returns the original request URL as a
::String
. -
POST
(also: #request_parameters)
Override Rack’s #POST method to support indifferent access.
-
#query_parameters
Alias for #GET.
-
#raw_post
Read the request body.
-
#request_method_symbol
Returns a symbol form of the #request_method.
- #request_parameters_list
- #reset_csrf_token
- #reset_session
-
#send_early_hints(links)
Early Hints is an HTTP/2 status code that indicates hints to help a client start making preparations for processing the final response.
-
#server_software
Returns the lowercase name of the HTTP server software.
ContentSecurityPolicy::Request
- Included
Http::URL
- Included
#domain | Returns the domain part of a host, such as “rubyonrails.org” in “www.rubyonrails.org”. |
#host | Returns the host for this request, such as “example.com”. |
#host_with_port | Returns a host:port string for this request, such as “example.com” or “example.com:8080”. |
#initialize, | |
#optional_port | Returns a number port suffix like 8080 if the port number of this request is not the default HTTP port 80 or HTTPS port 443. |
#port | Returns the port number of this request as an integer. |
#port_string | Returns a string port suffix, including colon, like “:8080” if the port number of this request is not the default HTTP port 80 or HTTPS port 443. |
#protocol | Returns ‘https://’ if this is an |
#raw_host_with_port | Returns the host and port for this request, such as “example.com:8080”. |
#server_port | Returns the requested port, such as 8080, based on SERVER_PORT. |
#subdomain | Returns all the subdomains as a string, so |
#subdomains | Returns all the subdomains as an array, so |
#url | Returns the complete URL used for this request. |
Http::FilterParameters
- Included
#filtered_env | Returns a hash of request.env with all sensitive data replaced. |
#filtered_parameters | Returns a hash of parameters with all sensitive data replaced. |
#filtered_path | Reconstructs a path with all sensitive #GET parameters replaced. |
#initialize, | |
#parameter_filter | Returns the |
#env_filter, #filtered_query_string, #parameter_filter_for |
Http::Parameters
- Included
#parameters | |
#params | Alias for Http::Parameters#parameters. |
Http::MimeNegotiation
- Included
#accepts | Returns the accepted MIME type for the request. |
#content_mime_type | The MIME type of the HTTP request, such as [Mime](:xml). |
#format | Returns the MIME type for the format used in the request. |
#format= | Sets the format by string extension, which can be used to force custom formats that are not controlled by the extension. |
#negotiate_mime | Returns the first MIME type that matches the provided array of MIME types. |
Http::Cache::Request
- Included
#etag_matches?, | |
#fresh? | Check response freshness (‘Last-Modified` and |
#if_modified_since, #if_none_match, #if_none_match_etags, #not_modified? |
Constructor Details
.new(env) ⇒ Request
# File 'actionpack/lib/action_dispatch/http/request.rb', line 64
def initialize(env) super @rack_request = Rack::Request.new(env) @method = nil @request_method = nil @remote_ip = nil @original_fullpath = nil @fullpath = nil @ip = nil end
Class Attribute Details
.ignore_accept_header (rw) Also known as: #ignore_accept_header
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/mime_negotiation.rb', line 20
mattr_accessor :ignore_accept_header, default: false
.parameter_parsers (readonly)
Returns the parameter parsers.
# File 'actionpack/lib/action_dispatch/http/parameters.rb', line 30
attr_reader :parameter_parsers
Class Method Details
.empty
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 60
def self.empty new({}) end
Instance Attribute Details
#form_data? ⇒ Boolean
(readonly)
Determine whether the request body contains form-data by checking the request Content-Type
for one of the media-types: application/x-www-form-urlencoded
or multipart/form-data
. The list of form-data media types can be modified through the FORM_DATA_MEDIA_TYPES
array.
A request body is not assumed to contain form-data when no Content-Type
header is provided and the request_method is #POST.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 372
def form_data? FORM_DATA_MEDIA_TYPES.include?(media_type) end
#ignore_accept_header (rw)
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/mime_negotiation.rb', line 20
mattr_accessor :ignore_accept_header, default: false
#local? ⇒ Boolean
(readonly)
True if the request came from localhost, 127.0.0.1, or ::1.
#rack_request (readonly)
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 77
attr_reader :rack_request
#remote_ip (rw)
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 311
def remote_ip @remote_ip ||= (get_header("action_dispatch.remote_ip") || ip).to_s end
#remote_ip=(remote_ip) (rw)
[ GitHub ]#request_id (rw) Also known as: #uuid
Returns the unique request id, which is based on either the X-Request-Id
header that can be generated by a firewall, load balancer, or web server, or by the RequestId
middleware (which sets the action_dispatch.request_id
environment variable).
This unique ID is useful for tracing a request from end-to-end as part of logging or debugging. This relies on the ::Rack
variable set by the RequestId
middleware.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 330
def request_id get_header ACTION_DISPATCH_REQUEST_ID end
#request_method (rw)
Returns the HTTP method that the application should see. In the case where the method was overridden by a middleware (for instance, if a HEAD request was converted to a #GET, or if a _method parameter was used to determine the method the application should use), this method returns the overridden value, not the original.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 152
def request_method @request_method ||= check_method(super) end
#request_parameters (rw)
Alias for #POST.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 434
alias :request_parameters :POST
#request_parameters=(params) (rw)
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 471
def request_parameters=(params) raise if params.nil? set_header("action_dispatch.request.request_parameters", params) end
#route_uri_pattern (rw)
Returns the URI pattern of the matched route for the request, using the same format as ‘bin/rails routes`:
request.route_uri_pattern # => "/:controller(/:action(/:id))(.:format)"
# File 'actionpack/lib/action_dispatch/http/request.rb', line 160
def route_uri_pattern get_header("action_dispatch.route_uri_pattern") end
#session_options=(options) (writeonly)
[ GitHub ]#uuid (readonly)
Alias for #request_id.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 338
alias_method :uuid, :request_id
#xhr? (readonly)
Alias for #xml_http_request?.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 302
alias :xhr? :xml_http_request?
#xml_http_request? ⇒ Boolean
(readonly)
Also known as: #xhr?
Returns true if the X-Requested-With
header contains “XMLHttpRequest” (case-insensitive), which may need to be manually added depending on the choice of JavaScript libraries and frameworks.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 299
def xml_http_request? /XMLHttpRequest/i.match?(get_header("HTTP_X_REQUESTED_WITH")) end
Instance Method Details
#authorization
Returns the authorization header regardless of whether it was specified directly or through one of the proxy alternatives.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 459
def get_header("HTTP_AUTHORIZATION") || get_header("X-HTTP_AUTHORIZATION") || get_header("X_HTTP_AUTHORIZATION") || get_header("REDIRECT_X_HTTP_AUTHORIZATION") end
#body
The request body is an ::IO
input stream. If the RAW_POST_DATA environment variable is already set, wrap it in a StringIO.
#commit_csrf_token
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 491
def commit_csrf_token controller_instance.commit_csrf_token(self) if controller_instance.respond_to?(:commit_csrf_token) end
#commit_flash
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 480
def commit_flash end
#content_length
Returns the content length of the request as an integer.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 291
def content_length return raw_post.bytesize if has_header?(TRANSFER_ENCODING) super.to_i end
#controller_class
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 88
def controller_class params = path_parameters params[:action] ||= "index" controller_class_for(params[:controller]) end
#controller_class_for(name)
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 94
def controller_class_for(name) if name controller_param = name.underscore const_name = controller_param.camelize << "Controller" begin const_name.constantize rescue NameError => error if error.missing_name == const_name || const_name.start_with?("#{error.missing_name}::") raise MissingController.new(error., error.name) else raise end end else PASS_NOT_FOUND end end
#fullpath
Returns the ::String
full path including params of the last URL requested.
# get "/articles"
request.fullpath # => "/articles"
# get "/articles?page=2"
request.fullpath # => "/articles?page=2"
# File 'actionpack/lib/action_dispatch/http/request.rb', line 270
def fullpath @fullpath ||= super end
GET Also known as: #query_parameters
Override Rack’s GET
method to support indifferent access.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 394
def GET fetch_header("action_dispatch.request.query_parameters") do |k| encoding_template = Request::Utils::CustomParamEncoder.action_encoding_template(self, path_parameters[:controller], path_parameters[:action]) rack_query_params = ActionDispatch::ParamBuilder.from_query_string(rack_request.query_string, encoding_template: encoding_template) set_header k, rack_query_params end rescue ActionDispatch::ParamError => e raise ActionController::BadRequest.new("Invalid query parameters: #{e.}") end
#headers
Provides access to the request’s HTTP headers, for example:
request.headers["Content-Type"] # => "text/plain"
#http_auth_salt
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 198
def http_auth_salt get_header "action_dispatch.http_auth_salt" end
#ip
Returns the IP address of client as a ::String
.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 305
def ip @ip ||= super end
#key?(key) ⇒ Boolean
Returns true if the request has a header matching the given key parameter.
request.key? :ip_spoofing_check # => true
# File 'actionpack/lib/action_dispatch/http/request.rb', line 115
def key?(key) has_header? key end
#logger
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 476
def logger get_header("action_dispatch.logger") end
#media_type
The ::String
MIME type of the request.
# get "/articles"
request.media_type # => "application/x-www-form-urlencoded"
# File 'actionpack/lib/action_dispatch/http/request.rb', line 286
def media_type content_mime_type&.to_s end
#method(*args)
Returns the original value of the environment’s REQUEST_METHOD, even if it was overridden by middleware. See #request_method for more information.
For debugging purposes, when called with arguments this method will fall back to Object#method
# File 'actionpack/lib/action_dispatch/http/request.rb', line 212
def method(*args) if args.empty? @method ||= check_method( get_header("rack.methodoverride.original_method") || get_header("REQUEST_METHOD") ) else super end end
#method_symbol
Returns a symbol form of the #method.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 225
def method_symbol HTTP_METHOD_LOOKUP[method] end
#original_fullpath
Returns a ::String
with the last requested path including their params.
# get '/foo'
request.original_fullpath # => '/foo'
# get '/foo?bar'
request.original_fullpath # => '/foo?bar'
# File 'actionpack/lib/action_dispatch/http/request.rb', line 259
def original_fullpath @original_fullpath ||= (get_header("ORIGINAL_FULLPATH") || fullpath) end
#original_url
Returns the original request URL as a ::String
.
# get "/articles?page=2"
request.original_url # => "http://www.example.com/articles?page=2"
# File 'actionpack/lib/action_dispatch/http/request.rb', line 278
def original_url base_url + original_fullpath end
POST Also known as: #request_parameters
Override Rack’s POST
method to support indifferent access.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 407
def POST fetch_header("action_dispatch.request.request_parameters") do encoding_template = Request::Utils::CustomParamEncoder.action_encoding_template(self, path_parameters[:controller], path_parameters[:action]) param_list = nil pr = parse_formatted_parameters(params_parsers) do if param_list = request_parameters_list ActionDispatch::ParamBuilder.from_pairs(param_list, encoding_template: encoding_template) else # We're not using a version of Rack that provides raw form # pairs; we must use its hash (and thus post-process it below). fallback_request_parameters end end # If the request body was parsed by a custom parser like JSON # (and thus the above block was not run), we need to # post-process the result hash. if param_list.nil? pr = ActionDispatch::ParamBuilder.from_hash(pr, encoding_template: encoding_template) end self.request_parameters = pr end rescue ActionDispatch::ParamError, EOFError => e raise ActionController::BadRequest.new("Invalid request parameters: #{e.}") end
#query_parameters
Alias for #GET.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 404
alias :query_parameters :GET
#raw_post
Read the request body. This is useful for web services that need to work with raw requests directly.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 347
def raw_post unless has_header? "RAW_POST_DATA" set_header("RAW_POST_DATA", read_body_stream) end get_header "RAW_POST_DATA" end
#request_method_symbol
Returns a symbol form of the #request_method.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 203
def request_method_symbol HTTP_METHOD_LOOKUP[request_method] end
#request_parameters_list
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 436
def request_parameters_list # We don't use Rack's parse result, but we must call it so Rack # can populate the rack.request.* keys we need. rack_post = rack_request.POST if form_pairs = get_header("rack.request.form_pairs") # Multipart form_pairs elsif form_vars = get_header("rack.request.form_vars") # URL-encoded ActionDispatch::QueryParser.each_pair(form_vars) elsif rack_post && !rack_post.empty? # It was multipart, but Rack did not preserve a pair list # (probably too old). Flat parameter list is not available. nil else # No request body, or not a format Rack knows [] end end
#reset_csrf_token
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 487
def reset_csrf_token controller_instance.reset_csrf_token(self) if controller_instance.respond_to?(:reset_csrf_token) end
#reset_session
[ GitHub ]# File 'actionpack/lib/action_dispatch/http/request.rb', line 380
def reset_session session.destroy reset_csrf_token end
#send_early_hints(links)
Early Hints is an HTTP/2 status code that indicates hints to help a client start making preparations for processing the final response.
If the env contains rack.early_hints
then the server accepts HTTP2 push for link headers.
The send_early_hints
method accepts a hash of links as follows:
send_early_hints("link" => "</style.css>; rel=preload; as=style,</script.js>; rel=preload")
If you are using javascript_include_tag
or stylesheet_link_tag
the Early Hints headers are included by default if supported.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 248
def send_early_hints(links) env["rack.early_hints"]&.call(links) end
#server_software
Returns the lowercase name of the HTTP server software.
# File 'actionpack/lib/action_dispatch/http/request.rb', line 341
def server_software (get_header("SERVER_SOFTWARE") && /^([a-zA-Z]+)/ =~ get_header("SERVER_SOFTWARE")) ? $1.downcase : nil end