Merge branch 'main' into browser-block-with-method-name

Author: guilleiguaran

Gemfile.lock

@@ -641,7 +641,7 @@ GEM
     websocket-extensions (0.1.5)
     xpath (3.2.0)
       nokogiri (~> 1.8)
-    zeitwerk (2.6.12)
+    zeitwerk (2.6.18)
 
 PLATFORMS
   ruby

actioncable/test/channel/base_test.rb

@@ -109,7 +109,7 @@ def error_handler
     @connection.server.config.filter_parameters << :password
     data = { password: "password", foo: "foo" }
 
-    assert_logged(':password=>"[FILTERED]"') do
+    assert_logged({ password: "[FILTERED]" }.inspect[1..-2]) do
       @channel.perform_action data
     end
   end

actionpack/CHANGELOG.md

@@ -13,7 +13,7 @@
 
     *Sean Doyle*
 
-*   Raise an `ArgumentError` when invalid `:on` or `:except` options are passed into `#resource` and `#resources`.
+*   Raise an `ArgumentError` when invalid `:only` or `:except` options are passed into `#resource` and `#resources`.
 
     *Joshua Young*
 

actionpack/lib/action_dispatch/http/content_security_policy.rb

@@ -8,8 +8,7 @@
 module ActionDispatch # :nodoc:
   # # Action Dispatch Content Security Policy
   #
-  # Configures the HTTP [Content-Security-Policy]
-  # (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy)
+  # Configures the HTTP [Content-Security-Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy)
   # response header to help protect against XSS and
   # injection attacks.
   #
@@ -227,8 +226,7 @@ def plugin_types(*types)
       end
     end
 
-    # Enable the [report-uri]
-    # (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-uri)
+    # Enable the [report-uri](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-uri)
     # directive. Violation reports will be sent to the
     # specified URI:
     #
@@ -238,8 +236,7 @@ def report_uri(uri)
       @directives["report-uri"] = [uri]
     end
 
-    # Specify asset types for which [Subresource Integrity]
-    # (https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) is required:
+    # Specify asset types for which [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) is required:
     #
     #     policy.require_sri_for :script, :style
     #
@@ -255,8 +252,7 @@ def require_sri_for(*types)
       end
     end
 
-    # Specify whether a [sandbox]
-    # (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox)
+    # Specify whether a [sandbox](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox)
     # should be enabled for the requested resource:
     #
     #     policy.sandbox

actionpack/lib/action_dispatch/middleware/debug_view.rb

@@ -15,17 +15,12 @@ def initialize(assigns)
       paths = RESCUES_TEMPLATE_PATHS.dup
       lookup_context = ActionView::LookupContext.new(paths)
       super(lookup_context, assigns, nil)
-      @exception_wrapper = assigns[:exception_wrapper]
     end
 
     def compiled_method_container
       self.class
     end
 
-    def error_highlight_available?
-      @exception_wrapper.error_highlight_available?
-    end
-
     def debug_params(params)
       clean_params = params.clone
       clean_params.delete("action")

actionpack/lib/action_dispatch/middleware/exception_wrapper.rb

@@ -201,12 +201,6 @@ def source_extracts
       end
     end
 
-    def error_highlight_available?
-      # ErrorHighlight.spot with backtrace_location keyword is available since
-      # error_highlight 0.4.0
-      defined?(ErrorHighlight) && Gem::Version.new(ErrorHighlight::VERSION) >= Gem::Version.new("0.4.0")
-    end
-
     def trace_to_show
       if traces["Application Trace"].empty? && rescue_template != "routing_error"
         "Full Trace"

actionpack/lib/action_dispatch/middleware/templates/rescues/_source.html.erb

@@ -28,9 +28,6 @@
           </tr>
         </table>
       </div>
-      <%- unless self.error_highlight_available? -%>
-        <p class="error_highlight_tip">Tip: You may want to add <code>gem "error_highlight", "&gt;= 0.4.0"</code> into your Gemfile, which will display the fine-grained error location.</p>
-      <%- end -%>
     </div>
   <% end %>
 <% end %>

actionpack/test/controller/log_subscriber_test.rb

@@ -173,7 +173,7 @@ def test_process_action_with_parameters
     wait
 
     assert_equal 3, logs.size
-    assert_equal 'Parameters: {"id"=>"10"}', logs[1]
+    assert_equal "Parameters: #{{ "id" => "10" }}", logs[1]
   end
 
   def test_multiple_process_with_parameters
@@ -183,8 +183,8 @@ def test_multiple_process_with_parameters
     wait
 
     assert_equal 6, logs.size
-    assert_equal 'Parameters: {"id"=>"10"}', logs[1]
-    assert_equal 'Parameters: {"id"=>"20"}', logs[4]
+    assert_equal "Parameters: #{{ "id" => "10" }}", logs[1]
+    assert_equal "Parameters: #{{ "id" => "20" }}", logs[4]
   end
 
   def test_process_action_with_wrapped_parameters
@@ -193,7 +193,7 @@ def test_process_action_with_wrapped_parameters
     wait
 
     assert_equal 3, logs.size
-    assert_match '"person"=>{"name"=>"jose"}', logs[1]
+    assert_match({ "person" => { "name" => "jose" } }.inspect[1..-2], logs[1])
   end
 
   def test_process_action_with_view_runtime
@@ -242,9 +242,9 @@ def test_process_action_with_filter_parameters
     wait
 
     params = logs[1]
-    assert_match(/"amount"=>"\[FILTERED\]"/, params)
-    assert_match(/"lifo"=>"\[FILTERED\]"/, params)
-    assert_match(/"step"=>"1"/, params)
+    assert_match({ "amount" => "[FILTERED]" }.inspect[1..-2], params)
+    assert_match({ "lifo" => "[FILTERED]" }.inspect[1..-2], params)
+    assert_match({ "step" => "1" }.inspect[1..-2], params)
   end
 
   def test_redirect_to

actionpack/test/controller/parameters/accessors_test.rb

@@ -49,8 +49,8 @@ class ParametersAccessorsTest < ActiveSupport::TestCase
   end
 
   test "to_s returns the string representation of the parameters hash" do
-    assert_equal '{"person"=>{"age"=>"32", "name"=>{"first"=>"David", "last"=>"Heinemeier Hansson"}, ' \
-      '"addresses"=>[{"city"=>"Chicago", "state"=>"Illinois"}]}}', @params.to_s
+    assert_equal({ "person" => { "age" => "32", "name" => { "first" => "David", "last" => "Heinemeier Hansson" },
+      "addresses" => [{ "city" => "Chicago", "state" => "Illinois" }] } }.inspect, @params.to_s)
   end
 
   test "each carries permitted status" do
@@ -387,10 +387,19 @@ class ParametersAccessorsTest < ActiveSupport::TestCase
   end
 
   test "inspect shows both class name, parameters and permitted flag" do
+    hash = {
+      "person" => {
+        "age" => "32",
+        "name" => {
+          "first" => "David",
+          "last" => "Heinemeier Hansson"
+        },
+        "addresses" => [{ "city" => "Chicago", "state" => "Illinois" }]
+      },
+    }
+
     assert_equal(
-      '#<ActionController::Parameters {"person"=>{"age"=>"32", '\
-        '"name"=>{"first"=>"David", "last"=>"Heinemeier Hansson"}, ' \
-        '"addresses"=>[{"city"=>"Chicago", "state"=>"Illinois"}]}} permitted: false>',
+      "#<ActionController::Parameters #{hash} permitted: false>",
       @params.inspect
     )
   end

actionpack/test/dispatch/debug_exceptions_test.rb

@@ -394,7 +394,8 @@ def self.build_app(app, *args)
     get "/", params: { "foo" => "bar" }, headers: { "action_dispatch.show_exceptions" => :all,
       "action_dispatch.parameter_filter" => [:foo] }
     assert_response 500
-    assert_match(""foo"=>"[FILTERED]"", body)
+
+    assert_match(CGI.escape_html({ "foo" => "[FILTERED]" }.inspect[1..-2]), body)
   end
 
   test "show registered original exception if the last exception is TemplateError" do