123456789_123456789_123456789_123456789_123456789_

Class: ActionDispatch::Request

Constant Summary

Http::Cache::Request - Included

HTTP_IF_MODIFIED_SINCE, HTTP_IF_NONE_MATCH

Http::MimeNegotiation - Included

BROWSER_LIKE_ACCEPTS, RESCUABLE_MIME_FORMAT_ERRORS

Http::Parameters - Included

DEFAULT_PARSERS, PARAMETERS_KEY

Http::FilterParameters - Included

ENV_MATCH, NULL_ENV_FILTER, NULL_PARAM_FILTER

Http::URL - Included

HOST_REGEXP, IP_HOST_REGEXP, PROTOCOL_REGEXP

ContentSecurityPolicy::Request - Included

NONCE, NONCE_DIRECTIVES, NONCE_GENERATOR, POLICY, POLICY_REPORT_ONLY

PermissionsPolicy::Request - Included

POLICY

Http::MimeNegotiation - Attributes & Methods

Http::Parameters - Attributes & Methods

Class Method Summary

Instance Attribute Summary

Flash::RequestMethods - Included

#flash

Access the contents of the flash.

#flash=

PermissionsPolicy::Request - Included

ContentSecurityPolicy::Request - Included

Http::URL - Included

#secure_protocol,
#standard_port

Returns the standard port number for this request’s protocol.

#standard_port?

Returns whether this request is using the standard port.

#tld_length

Http::Parameters - Included

#path_parameters

Returns a hash with the parameters used to form the path of the request.

#path_parameters=

Http::MimeNegotiation - Included

#formats,
#formats=

Sets the formats by string extensions.

#should_apply_vary_header?, #variant,
#variant=

Sets the variant for template.

#params_readable?, #has_content_type?

Http::Cache::Request - Included

Instance Method Summary

Flash::RequestMethods - Included

ContentSecurityPolicy::Request - Included

Http::URL - Included

#domain

Returns the domain part of a host, such as “rubyonrails.org” in “www.rubyonrails.org”.

#host

Returns the host for this request, such as “example.com”.

#host_with_port

Returns a host:port string for this request, such as “example.com” or “example.com:8080”.

#initialize,
#optional_port

Returns a number port suffix like 8080 if the port number of this request is not the default HTTP port 80 or HTTPS port 443.

#port

Returns the port number of this request as an integer.

#port_string

Returns a string port suffix, including colon, like “:8080” if the port number of this request is not the default HTTP port 80 or HTTPS port 443.

#protocol

Returns ‘https://’ if this is an SSL request and ‘http://’ otherwise.

#raw_host_with_port

Returns the host and port for this request, such as “example.com:8080”.

#server_port

Returns the requested port, such as 8080, based on SERVER_PORT.

#subdomain

Returns all the subdomains as a string, so “dev.www” would be returned for “dev.www.rubyonrails.org”.

#subdomains

Returns all the subdomains as an array, so ["dev", "www"] would be returned for “dev.www.rubyonrails.org”.

#url

Returns the complete URL used for this request.

Http::FilterParameters - Included

#filtered_env

Returns a hash of request.env with all sensitive data replaced.

#filtered_parameters

Returns a hash of parameters with all sensitive data replaced.

#filtered_path

Reconstructs a path with all sensitive #GET parameters replaced.

#initialize,
#parameter_filter

Returns the ::ActiveSupport::ParameterFilter object used to filter in this request.

#env_filter, #filtered_query_string, #parameter_filter_for

Http::Parameters - Included

Http::MimeNegotiation - Included

#accepts

Returns the accepted MIME type for the request.

#content_mime_type

The MIME type of the HTTP request, such as [Mime](:xml).

#format

Returns the MIME type for the format used in the request.

#format=

Sets the format by string extension, which can be used to force custom formats that are not controlled by the extension.

#negotiate_mime

Returns the first MIME type that matches the provided array of MIME types.

#format_from_path_extension, #use_accept_header, #valid_accept_header

Http::Cache::Request - Included

#etag_matches?,
#fresh?

Check response freshness (‘Last-Modified` and ETag) against request If-Modified-Since and If-None-Match conditions.

#if_modified_since, #if_none_match, #if_none_match_etags, #not_modified?

Constructor Details

.new(env) ⇒ Request

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 64

def initialize(env)
  super

  @rack_request = Rack::Request.new(env)

  @method            = nil
  @request_method    = nil
  @remote_ip         = nil
  @original_fullpath = nil
  @fullpath          = nil
  @ip                = nil
end

Class Attribute Details

.ignore_accept_header (rw) Also known as: #ignore_accept_header

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/mime_negotiation.rb', line 20

mattr_accessor :ignore_accept_header, default: false

.parameter_parsers (readonly)

Returns the parameter parsers.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/parameters.rb', line 30

attr_reader :parameter_parsers

Class Method Details

.empty

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 60

def self.empty
  new({})
end

Instance Attribute Details

#controller_instance (rw)

This method is for internal use only.
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 190

def controller_instance # :nodoc:
  get_header("action_controller.instance")
end

#controller_instance=(controller) (rw)

This method is for internal use only.
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 194

def controller_instance=(controller) # :nodoc:
  set_header("action_controller.instance", controller)
end

#form_data?Boolean (readonly)

Determine whether the request body contains form-data by checking the request Content-Type for one of the media-types: application/x-www-form-urlencoded or multipart/form-data. The list of form-data media types can be modified through the FORM_DATA_MEDIA_TYPES array.

A request body is not assumed to contain form-data when no Content-Type header is provided and the request_method is #POST.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 372

def form_data?
  FORM_DATA_MEDIA_TYPES.include?(media_type)
end

#ignore_accept_header (rw)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/mime_negotiation.rb', line 20

mattr_accessor :ignore_accept_header, default: false

#local?Boolean (readonly)

True if the request came from localhost, 127.0.0.1, or ::1.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 467

def local?
  LOCALHOST.match?(remote_addr) && LOCALHOST.match?(remote_ip)
end

#rack_request (readonly)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 77

attr_reader :rack_request

#remote_ip (rw)

Returns the IP address of client as a ::String, usually set by the RemoteIp middleware.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 311

def remote_ip
  @remote_ip ||= (get_header("action_dispatch.remote_ip") || ip).to_s
end

#remote_ip=(remote_ip) (rw)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 315

def remote_ip=(remote_ip)
  @remote_ip = nil
  set_header "action_dispatch.remote_ip", remote_ip
end

#request_id (rw) Also known as: #uuid

Returns the unique request id, which is based on either the X-Request-Id header that can be generated by a firewall, load balancer, or web server, or by the RequestId middleware (which sets the action_dispatch.request_id environment variable).

This unique ID is useful for tracing a request from end-to-end as part of logging or debugging. This relies on the ::Rack variable set by the RequestId middleware.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 330

def request_id
  get_header ACTION_DISPATCH_REQUEST_ID
end

#request_id=(id) (rw)

This method is for internal use only.
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 334

def request_id=(id) # :nodoc:
  set_header ACTION_DISPATCH_REQUEST_ID, id
end

#request_method (rw)

Returns the HTTP method that the application should see. In the case where the method was overridden by a middleware (for instance, if a HEAD request was converted to a #GET, or if a _method parameter was used to determine the method the application should use), this method returns the overridden value, not the original.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 152

def request_method
  @request_method ||= check_method(super)
end

#request_method=(request_method) (rw)

This method is for internal use only.
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 184

def request_method=(request_method) # :nodoc:
  if check_method(request_method)
    @request_method = set_header("REQUEST_METHOD", request_method)
  end
end

#request_parameters (rw)

Alias for #POST.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 434

alias :request_parameters :POST

#request_parameters=(params) (rw)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 471

def request_parameters=(params)
  raise if params.nil?
  set_header("action_dispatch.request.request_parameters", params)
end

#route_uri_pattern (rw)

Returns the URI pattern of the matched route for the request, using the same format as ‘bin/rails routes`:

request.route_uri_pattern # => "/:controller(/:action(/:id))(.:format)"
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 160

def route_uri_pattern
  get_header("action_dispatch.route_uri_pattern")
end

#route_uri_pattern=(pattern) (rw)

This method is for internal use only.
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 164

def route_uri_pattern=(pattern) # :nodoc:
  set_header("action_dispatch.route_uri_pattern", pattern)
end

#routes (rw)

This method is for internal use only.
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 168

def routes # :nodoc:
  get_header("action_dispatch.routes")
end

#routes=(routes) (rw)

This method is for internal use only.
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 172

def routes=(routes) # :nodoc:
  set_header("action_dispatch.routes", routes)
end

#session=(session) (writeonly)

This method is for internal use only.
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 385

def session=(session) # :nodoc:
  Session.set self, session
end

#session_options=(options) (writeonly)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 389

def session_options=(options)
  Session::Options.set self, options
end

#uuid (readonly)

Alias for #request_id.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 338

alias_method :uuid, :request_id

#xhr? (readonly)

Alias for #xml_http_request?.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 302

alias :xhr? :xml_http_request?

#xml_http_request?Boolean (readonly) Also known as: #xhr?

Returns true if the X-Requested-With header contains “XMLHttpRequest” (case-insensitive), which may need to be manually added depending on the choice of JavaScript libraries and frameworks.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 299

def xml_http_request?
  /XMLHttpRequest/i.match?(get_header("HTTP_X_REQUESTED_WITH"))
end

Instance Method Details

#authorization

Returns the authorization header regardless of whether it was specified directly or through one of the proxy alternatives.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 459

def authorization
  get_header("HTTP_AUTHORIZATION")   ||
  get_header("X-HTTP_AUTHORIZATION") ||
  get_header("X_HTTP_AUTHORIZATION") ||
  get_header("REDIRECT_X_HTTP_AUTHORIZATION")
end

#body

The request body is an ::IO input stream. If the RAW_POST_DATA environment variable is already set, wrap it in a StringIO.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 356

def body
  if raw_post = get_header("RAW_POST_DATA")
    raw_post = (+raw_post).force_encoding(Encoding::BINARY)
    StringIO.new(raw_post)
  else
    body_stream
  end
end

#body_stream

This method is for internal use only.
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 376

def body_stream # :nodoc:
  get_header("rack.input")
end

#check_method(name) (private)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 496

def check_method(name)
  if name
    HTTP_METHOD_LOOKUP[name] || raise(ActionController::UnknownHttpMethod, "#{name}, accepted HTTP methods are #{HTTP_METHODS.to_sentence(locale: false)}")
  end

  name
end

#commit_csrf_token

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 491

def commit_csrf_token
  controller_instance.commit_csrf_token(self) if controller_instance.respond_to?(:commit_csrf_token)
end

#commit_flash

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 480

def commit_flash
end

#content_length

Returns the content length of the request as an integer.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 291

def content_length
  return raw_post.bytesize if has_header?(TRANSFER_ENCODING)
  super.to_i
end

#controller_class

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 88

def controller_class
  params = path_parameters
  params[:action] ||= "index"
  controller_class_for(params[:controller])
end

#controller_class_for(name)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 94

def controller_class_for(name)
  if name
    controller_param = name.underscore
    const_name = controller_param.camelize << "Controller"
    begin
      const_name.constantize
    rescue NameError => error
      if error.missing_name == const_name || const_name.start_with?("#{error.missing_name}::")
        raise MissingController.new(error.message, error.name)
      else
        raise
      end
    end
  else
    PASS_NOT_FOUND
  end
end

#default_session (private)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 504

def default_session
  Session.disabled(self)
end

#engine_script_name(_routes)

This method is for internal use only.
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 176

def engine_script_name(_routes) # :nodoc:
  get_header(_routes.env_key)
end

#engine_script_name=(name)

This method is for internal use only.
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 180

def engine_script_name=(name) # :nodoc:
  set_header(routes.env_key, name.dup)
end

#fallback_request_parameters (private)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 534

def fallback_request_parameters
  rack_request.POST
end

#fullpath

Returns the ::String full path including params of the last URL requested.

# get "/articles"
request.fullpath # => "/articles"

# get "/articles?page=2"
request.fullpath # => "/articles?page=2"
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 270

def fullpath
  @fullpath ||= super
end

GET Also known as: #query_parameters

Override Rack’s GET method to support indifferent access.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 394

def GET
  fetch_header("action_dispatch.request.query_parameters") do |k|
    encoding_template = Request::Utils::CustomParamEncoder.action_encoding_template(self, path_parameters[:controller], path_parameters[:action])
    rack_query_params = ActionDispatch::ParamBuilder.from_query_string(rack_request.query_string, encoding_template: encoding_template)

    set_header k, rack_query_params
  end
rescue ActionDispatch::ParamError => e
  raise ActionController::BadRequest.new("Invalid query parameters: #{e.message}")
end

#headers

Provides access to the request’s HTTP headers, for example:

request.headers["Content-Type"] # => "text/plain"
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 232

def headers
  @headers ||= Http::Headers.new(self)
end

#http_auth_salt

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 198

def http_auth_salt
  get_header "action_dispatch.http_auth_salt"
end

#inspect

This method is for internal use only.
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 483

def inspect # :nodoc:
  "#<#{self.class.name} #{method} #{original_url.dump} for #{remote_ip}>"
end

#ip

Returns the IP address of client as a ::String.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 305

def ip
  @ip ||= super
end

#key?(key) ⇒ Boolean

Returns true if the request has a header matching the given key parameter.

request.key? :ip_spoofing_check # => true
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 115

def key?(key)
  has_header? key
end

#logger

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 476

def logger
  get_header("action_dispatch.logger")
end

#media_type

The ::String MIME type of the request.

# get "/articles"
request.media_type # => "application/x-www-form-urlencoded"
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 286

def media_type
  content_mime_type&.to_s
end

#method(*args)

Returns the original value of the environment’s REQUEST_METHOD, even if it was overridden by middleware. See #request_method for more information.

For debugging purposes, when called with arguments this method will fall back to Object#method

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 212

def method(*args)
  if args.empty?
    @method ||= check_method(
      get_header("rack.methodoverride.original_method") ||
      get_header("REQUEST_METHOD")
    )
  else
    super
  end
end

#method_symbol

Returns a symbol form of the #method.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 225

def method_symbol
  HTTP_METHOD_LOOKUP[method]
end

#original_fullpath

Returns a ::String with the last requested path including their params.

# get '/foo'
request.original_fullpath # => '/foo'

# get '/foo?bar'
request.original_fullpath # => '/foo?bar'
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 259

def original_fullpath
  @original_fullpath ||= (get_header("ORIGINAL_FULLPATH") || fullpath)
end

#original_url

Returns the original request URL as a ::String.

# get "/articles?page=2"
request.original_url # => "http://www.example.com/articles?page=2"
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 278

def original_url
  base_url + original_fullpath
end

POST Also known as: #request_parameters

Override Rack’s POST method to support indifferent access.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 407

def POST
  fetch_header("action_dispatch.request.request_parameters") do
    encoding_template = Request::Utils::CustomParamEncoder.action_encoding_template(self, path_parameters[:controller], path_parameters[:action])

    param_list = nil
    pr = parse_formatted_parameters(params_parsers) do
      if param_list = request_parameters_list
        ActionDispatch::ParamBuilder.from_pairs(param_list, encoding_template: encoding_template)
      else
        # We're not using a version of Rack that provides raw form
        # pairs; we must use its hash (and thus post-process it below).
        fallback_request_parameters
      end
    end

    # If the request body was parsed by a custom parser like JSON
    # (and thus the above block was not run), we need to
    # post-process the result hash.
    if param_list.nil?
      pr = ActionDispatch::ParamBuilder.from_hash(pr, encoding_template: encoding_template)
    end

    self.request_parameters = pr
  end
rescue ActionDispatch::ParamError, EOFError => e
  raise ActionController::BadRequest.new("Invalid request parameters: #{e.message}")
end

#query_parameters

Alias for #GET.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 404

alias :query_parameters :GET

#raw_post

Read the request body. This is useful for web services that need to work with raw requests directly.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 347

def raw_post
  unless has_header? "RAW_POST_DATA"
    set_header("RAW_POST_DATA", read_body_stream)
  end
  get_header "RAW_POST_DATA"
end

#raw_request_method

This method is for internal use only.
[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 145

alias raw_request_method request_method # :nodoc:

#read_body_stream (private)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 508

def read_body_stream
  if body_stream
    reset_stream(body_stream) do
      if has_header?(TRANSFER_ENCODING)
        body_stream.read # Read body stream until EOF if "Transfer-Encoding" is present
      else
        body_stream.read(content_length)
      end
    end
  end
end

#request_method_symbol

Returns a symbol form of the #request_method.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 203

def request_method_symbol
  HTTP_METHOD_LOOKUP[request_method]
end

#request_parameters_list

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 436

def request_parameters_list
  # We don't use Rack's parse result, but we must call it so Rack
  # can populate the rack.request.* keys we need.
  rack_post = rack_request.POST

  if form_pairs = get_header("rack.request.form_pairs")
    # Multipart
    form_pairs
  elsif form_vars = get_header("rack.request.form_vars")
    # URL-encoded
    ActionDispatch::QueryParser.each_pair(form_vars)
  elsif rack_post && !rack_post.empty?
    # It was multipart, but Rack did not preserve a pair list
    # (probably too old). Flat parameter list is not available.
    nil
  else
    # No request body, or not a format Rack knows
    []
  end
end

#reset_csrf_token

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 487

def reset_csrf_token
  controller_instance.reset_csrf_token(self) if controller_instance.respond_to?(:reset_csrf_token)
end

#reset_session

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 380

def reset_session
  session.destroy
  reset_csrf_token
end

#reset_stream(body_stream) (private)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 520

def reset_stream(body_stream)
  if body_stream.respond_to?(:rewind)
    body_stream.rewind

    content = yield

    body_stream.rewind

    content
  else
    yield
  end
end

#send_early_hints(links)

Early Hints is an HTTP/2 status code that indicates hints to help a client start making preparations for processing the final response.

If the env contains rack.early_hints then the server accepts HTTP2 push for link headers.

The send_early_hints method accepts a hash of links as follows:

send_early_hints("link" => "</style.css>; rel=preload; as=style,</script.js>; rel=preload")

If you are using javascript_include_tag or stylesheet_link_tag the Early Hints headers are included by default if supported.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 248

def send_early_hints(links)
  env["rack.early_hints"]&.call(links)
end

#server_software

Returns the lowercase name of the HTTP server software.

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/request.rb', line 341

def server_software
  (get_header("SERVER_SOFTWARE") && /^([a-zA-Z]+)/ =~ get_header("SERVER_SOFTWARE")) ? $1.downcase : nil
end