Class: Rails::ApplicationController
Constant Summary
::ActionController::ParamsWrapper
- Included
::ActiveSupport::Callbacks
- Included
::ActionController::Rendering
- Included
::ActionController::DataStreaming
- Included
DEFAULT_SEND_FILE_DISPOSITION, DEFAULT_SEND_FILE_TYPE
::ActionController::RequestForgeryProtection
- Included
AUTHENTICITY_TOKEN_LENGTH, CROSS_ORIGIN_JAVASCRIPT_WARNING, CSRF_TOKEN, GLOBAL_CSRF_TOKEN_IDENTIFIER, NULL_ORIGIN_MESSAGE
::ActionController::Renderers
- Included
::ActionController::Redirecting
- Included
::AbstractController::Rendering
- Included
DEFAULT_PROTECTED_INSTANCE_VARIABLES
::ActionController::Base
- Inherited
Class Attribute Summary
::ActionController::Base
- Inherited
::ActionController::Metal
- Inherited
::AbstractController::Base
- Inherited
.abstract? | Alias for AbstractController::Base.abstract. |
.supports_path? | Returns true if the given controller is capable of rendering a path. |
Class Method Summary
::ActionController::Base
- Inherited
.without_modules | Shortcut helper that returns all the modules included in |
::ActionController::Metal
- Inherited
.action | Returns a |
.controller_name | Returns the last part of the controller’s name, underscored, without the ending |
.dispatch | Direct dispatch to the controller. |
.make_response!, | |
.middleware | The middleware stack used by this controller. |
.new, | |
.use | Pushes the given |
.inherited, .action_encoding_template |
::AbstractController::Base
- Inherited
.abstract, | |
.abstract! | Define a controller as abstract. |
.action_methods | A list of method names that should be considered actions. |
.clear_action_methods! | action_methods are cached and there is sometimes a need to refresh them. |
.controller_path | Returns the full controller name, underscored, without the ending Controller. |
.internal_methods | A list of all internal methods for a controller. |
.method_added | Refresh the cached action_methods when a new action_method is added. |
.eager_load!, .inherited |
::ActiveSupport::DescendantsTracker
- Extended
Instance Attribute Summary
- #local_request? ⇒ Boolean readonly private
::ActionController::Base
- Inherited
::ActionController::Helpers
- Included
::ActionController::Redirecting
- Included
::AbstractController::UrlFor
- Included
::ActionDispatch::Routing::UrlFor
- Included
::ActionView::Layouts
- Included
#action_has_layout=, | |
#action_has_layout? | Controls whether an action should be rendered using a layout. |
#_conditional_layout? |
::ActionView::Rendering
- Included
::ActionView::ViewPaths
- Included
::ActionController::Renderers::All
- Included
::ActionController::EtagWithTemplateDigest
- Included
::ActionController::EtagWithFlash
- Included
::AbstractController::Caching
- Inherited
::AbstractController::Caching::ConfigMethods
- Included
::ActionController::ImplicitRender
- Included
::ActionController::StrongParameters
- Included
#params | Returns a new |
#params= | Assigns the given |
::ActionController::RequestForgeryProtection
- Included
#_helper_methods, #_helper_methods?, #raise_on_missing_callback_actions, | |
#any_authenticity_token_valid? | Checks if any of the authenticity tokens from the request are valid. |
#marked_for_same_origin_verification? | If the |
#non_xhr_javascript_response? | Check for cross-origin JavaScript responses. |
#protect_against_forgery? | Checks if the controller allows forgery protection. |
#valid_request_origin? | Checks if the request originated from the same origin by looking at the Origin header. |
#verified_request? | Returns true or false if a request is verified. |
::ActionController::ContentSecurityPolicy
- Included
::AbstractController::Callbacks
- Included
::ActionController::Rescue
- Included
#rescue_handlers, #rescue_handlers?, | |
#show_detailed_exceptions? | Override this method if you want to customize when detailed exceptions must be shown. |
::ActionController::Instrumentation
- Included
::ActionController::ParamsWrapper
- Included
#_wrapper_enabled? | Checks if we should perform parameters wrapping. |
::ActionController::Metal
- Inherited
#content_type, #headers, #location, #media_type, #middleware_stack, #middleware_stack?, #params, #params=, | |
#performed? | Tests if render or redirect has already happened. |
#request | :attr_reader: request. |
#response | :attr_reader: response. |
#response= | Assign the response and mark it as committed. |
#response_body=, #session, #status, | |
#response_code | Alias for ActionController::Metal#status. |
::AbstractController::Base
- Inherited
#action_name | Returns the name of the action this controller is processing. |
#formats | Returns the formats that can be processed by the controller. |
#performed? | Tests if a response body is set. |
#response_body | Returns the body of the HTTP response sent by the controller. |
Instance Method Summary
- #disable_content_security_policy_nonce! private
- #require_local! private
::ActionController::Base
- Inherited
::AbstractController::Rendering
- Included
#render | Normalizes arguments and options, and then delegates to render_to_body and sticks the result in |
#render_to_body | Performs the actual template rendering. |
#render_to_string | Similar to |
#rendered_format | Returns |
#view_assigns | This method should return a hash with assigns. |
#_normalize_args | Normalize args by converting |
#_normalize_options | Normalize options. |
#_process_options | Process extra options. |
#_process_variant, #_protected_ivars, | |
#_normalize_render | Normalize args and options. |
#_process_format | Process the rendered format. |
#_set_html_content_type, #_set_rendered_content_type, #_set_vary_header |
::AbstractController::Translation
- Included
#l | Alias for AbstractController::Translation#localize. |
#localize | Delegates to |
#t | Alias for AbstractController::Translation#translate. |
#translate | Delegates to |
::ActionController::Helpers
- Included
#helpers | Provides a proxy to access helper methods from outside the view. |
::ActionController::Redirecting
- Included
#redirect_back | Soft deprecated alias for |
#redirect_back_or_to | Redirects the browser to the page that issued the request (the referrer) if possible, otherwise redirects to the provided default fallback location. |
#redirect_to | Redirects the browser to the target specified in |
#url_from | Verifies the passed |
#_allow_other_host, #_enforce_open_redirect_protection, #_ensure_url_is_http_header_safe, #_extract_redirect_to_status, #_url_host_allowed?, #_compute_redirect_to_location |
::ActionController::UrlFor
- Included
::AbstractController::UrlFor
- Included
::ActionDispatch::Routing::UrlFor
- Included
#initialize, | |
#route_for | Allows calling direct or regular named route. |
#url_for | Generate a URL based on the options provided, |
#url_options | Hook overridden in controller to add request information with |
#_routes_context, #_with_routes, #full_url_for |
::ActionDispatch::Routing::PolymorphicRoutes
- Included
#polymorphic_path | Returns the path component of a URL for the given record. |
#polymorphic_url | Constructs a call to a named RESTful route for the given record and returns the resulting URL string. |
#polymorphic_mapping, #polymorphic_path_for_action, #polymorphic_url_for_action |
::ActionView::Layouts
- Included
#_default_layout | Returns the default layout for this controller. |
#_include_layout?, | |
#_layout | This will be overwritten by _write_layout_method. |
#_layout_for_option | Determine the layout for a given name, taking into account the name type. |
#_normalize_layout, #_process_render_template_options, #initialize |
::ActionView::Rendering
- Included
#initialize, #render_to_body, | |
#view_context | An instance of a view class. |
#view_context_class, | |
#_normalize_args | Normalize args by converting render “foo” to render action: “foo” and render “foo/bar” to render template: “foo/bar”. |
#_process_format | Assign the rendered format to look up context. |
#_process_render_template_options | Normalize options. |
#_render_template | Find and render a template based on the options given. |
#process | Override process to set up |
#view_renderer | Returns an object that is able to render templates. |
::ActionView::ViewPaths
- Included
#any_templates?, | |
#append_view_path | Append a path to the list of view paths for the current LookupContext. |
#details_for_lookup, | |
#lookup_context | LookupContext is the object responsible for holding all information required for looking up templates, i.e. view paths and details. |
#prepend_view_path | Prepend a path to the list of view paths for the current LookupContext. |
#template_exists?, | |
#_prefixes | The prefixes used in render “foo” shortcuts. |
::ActionController::Renderers
- Included
#_render_to_body_with_renderer, | |
#render_to_body | Called by |
::ActionController::EtagWithTemplateDigest
- Included
#determine_template_etag, #lookup_and_digest_template, | |
#pick_template_for_etag | Pick the template digest to include in the ETag. |
::ActionController::ConditionalGet
- Included
#expires_in | Sets the |
#expires_now | Sets an HTTP 1.1 |
#fresh_when | Sets the |
#http_cache_forever | Cache or yield the block. |
#no_store | Sets an HTTP 1.1 |
#stale? | Sets the |
#combine_etags |
::ActionController::Head
- Included
#head | Returns a response that has no content (merely headers). |
#include_content? |
::AbstractController::Caching
- Inherited
#view_cache_dependencies, | |
#cache | Convenience accessor. |
::AbstractController::Caching::Fragments
- Included
#combined_fragment_cache_key | Given a key (as described in |
#expire_fragment | Removes fragments from the cache. |
#fragment_exist? | Check if a cached fragment from the location signified by |
#read_fragment | Reads a cached fragment from the location signified by |
#write_fragment | Writes |
#instrument_fragment_cache |
::ActionController::Caching
- Included
::ActionController::MimeResponds
- Included
#respond_to | Without web-service support, an action which collects the data for displaying a list of people might look something like this: |
::ActionController::ImplicitRender
- Included
::ActionController::BasicImplicitRender
- Included
::ActionController::Cookies
- Included
#cookies | The cookies for the current request. |
::ActionController::Flash
- Included
::ActionController::FormBuilder
- Included
#default_form_builder | Default form builder for the controller. |
::ActionController::RequestForgeryProtection
- Included
#commit_csrf_token, #initialize, #reset_csrf_token, #compare_with_global_token, #compare_with_real_token, #csrf_token_hmac, #decode_csrf_token, #encode_csrf_token, | |
#form_authenticity_param | The form’s authenticity parameter. |
#form_authenticity_token | Creates the authenticity token for the current request. |
#generate_csrf_token, #global_csrf_token, #handle_unverified_request, | |
#mark_for_same_origin_verification! | GET requests are checked for cross-origin JavaScript after rendering. |
#mask_token, | |
#masked_authenticity_token | Creates a masked version of the authenticity token that varies on each request. |
#normalize_action_path, #normalize_relative_action_path, #per_form_csrf_token, #real_csrf_token, | |
#request_authenticity_tokens | Possible authenticity tokens sent in the request. |
#unmask_token, #unverified_request_warning_message, | |
#valid_authenticity_token? | Checks the client’s masked token to see if it matches the session token. |
#valid_per_form_csrf_token?, | |
#verify_authenticity_token | The actual before_action that is used to verify the CSRF token. |
#verify_same_origin_request | If |
#xor_byte_strings |
::ActionController::ContentSecurityPolicy
- Included
::AbstractController::Helpers
- Included
::ActionController::RateLimiting
- Included
::ActionController::AllowBrowser
- Included
::ActionController::Streaming
- Included
#_render_template | Call render_body if we are streaming instead of usual |
::ActionController::DataStreaming
- Included
#send_data | Sends the given binary data to the browser. |
#send_file | Sends the file. |
#send_file_headers! |
::ActionController::Rendering
- Included
#render | Renders a template and assigns the result to |
#render_to_string | Similar to |
#_normalize_options | Normalize both text and status options. |
#_normalize_text, | |
#_process_options | Process controller specific options, as status, content-type and location. |
#_process_variant, #_render_in_priorities, #_set_html_content_type, #_set_rendered_content_type, #_set_vary_header, #render_to_body, | |
#process_action | Before processing, set the request formats in current controller formats. |
::ActionController::HttpAuthentication::Basic::ControllerMethods
- Included
#authenticate_or_request_with_http_basic, #authenticate_with_http_basic, #http_basic_authenticate_or_request_with, #request_http_basic_authentication |
::ActionController::HttpAuthentication::Digest::ControllerMethods
- Included
#authenticate_or_request_with_http_digest | Authenticate using an HTTP Digest, or otherwise render an HTTP header requesting the client to send a |
#authenticate_with_http_digest | Authenticate using an HTTP Digest. |
#request_http_digest_authentication | Render an HTTP header requesting the client to send a |
::ActionController::HttpAuthentication::Token::ControllerMethods
- Included
#authenticate_or_request_with_http_token | Authenticate using an HTTP Bearer token, or otherwise render an HTTP header requesting the client to send a Bearer token. |
#authenticate_with_http_token | Authenticate using an HTTP Bearer token. |
#request_http_token_authentication | Render an HTTP header requesting the client to send a Bearer token for authentication. |
::AbstractController::Callbacks
- Included
#process_action | Override AbstractController::Base#process_action to run the |
::ActiveSupport::Callbacks
- Included
#run_callbacks | Runs the callbacks for the given event. |
#halted_callback_hook | A hook invoked every time a before callback is halted. |
::ActionController::Rescue
- Included
::ActiveSupport::Rescuable
- Included
#rescue_with_handler | Delegates to the class method, but uses the instance as the subject for rescue_from handlers (method calls, |
#handler_for_rescue | Internal handler lookup. |
::ActionController::Instrumentation
- Included
#redirect_to, #render, #send_data, #send_file, | |
#append_info_to_payload | Every time after an action is processed, this method is invoked with the payload, so you can add more information. |
#cleanup_view_runtime | A hook which allows you to clean up any time, wrongly taken into account in views, like database querying time. |
#halted_callback_hook | A hook invoked every time a before callback is halted. |
#process_action, #initialize |
::ActiveSupport::Benchmarkable
- Included
#benchmark | Allows you to measure the execution time of a block in a template and records the result to the log. |
::ActionController::ParamsWrapper
- Included
#_extract_parameters, #_perform_parameter_wrapping, | |
#_wrap_parameters | Returns the list of parameters which will be selected for wrapped. |
#_wrapper_formats | Returns the list of enabled formats. |
#_wrapper_key | Returns the wrapper key which will be used to store wrapped parameters. |
#process_action | Performs parameters wrapping upon the request. |
::ActionController::Metal
- Inherited
#controller_name | Delegates to the class’s |
#reset_session, | |
#url_for | Basic |
#dispatch, #set_request!, #set_response!, #to_a |
::ActionController::Testing::Functional
- Included
::AbstractController::Base
- Inherited
#action_methods | Delegates to the class’s |
#available_action? | Returns true if a method for the action is available and can be dispatched, false otherwise. |
#controller_path | Delegates to the class’s |
#process | Calls the action going through the entire Action Dispatch stack. |
#_find_action_name | Takes an action name and returns the name of the method that will handle the action. |
#_handle_action_missing | If the action name was not found, but a method called “action_missing” was found, |
#_valid_action_name? | Checks if the action name is valid and returns false otherwise. |
#action_method? | Returns true if the name can be considered an action because it has a method defined in the controller. |
#method_for_action | Takes an action name and returns the name of the method that will handle the action. |
#process_action | Call the action. |
#send_action | Actually call the method associated with the action. |
#inspect |
::ActiveSupport::Configurable
- Included
#config | Reads and writes attributes from a configuration OrderedOptions. |
Constructor Details
This class inherits a constructor from ActionController::Metal
Instance Attribute Details
#local_request? ⇒ Boolean
(readonly, private)
[ GitHub ]
# File 'railties/lib/rails/application_controller.rb', line 21
def local_request? Rails.application.config.consider_all_requests_local || request.local? end
Instance Method Details
#disable_content_security_policy_nonce! (private)
[ GitHub ]# File 'railties/lib/rails/application_controller.rb', line 25
def disable_content_security_policy_nonce! request.content_security_policy_nonce_generator = nil end
#require_local! (private)
[ GitHub ]# File 'railties/lib/rails/application_controller.rb', line 15
def require_local! unless local_request? render html: "<p>For security purposes, this information is only available to local requests.</p>".html_safe, status: :forbidden end end