Methods
G
P
A
B
C
D
F
G
H
I
K
L
M
N
P
Q
R
S
X
Included Modules
Constants
LOCALHOST = [/^127\.0\.0\.\d{1,3}$/, "::1", /^0:0:0:0:0:0:0:1(%.*)?$/].freeze
ENV_METHODS = %w[ AUTH_TYPE GATEWAY_INTERFACE PATH_TRANSLATED REMOTE_HOST REMOTE_IDENT REMOTE_USER REMOTE_ADDR SERVER_NAME SERVER_PROTOCOL HTTP_ACCEPT HTTP_ACCEPT_CHARSET HTTP_ACCEPT_ENCODING HTTP_ACCEPT_LANGUAGE HTTP_CACHE_CONTROL HTTP_FROM HTTP_NEGOTIATE HTTP_PRAGMA ].freeze
RFC2616 = %w(OPTIONS GET HEAD POST PUT DELETE TRACE CONNECT)
 

List of HTTP request methods from the following RFCs: Hypertext Transfer Protocol – HTTP/1.1 (www.ietf.org/rfc/rfc2616.txt) HTTP Extensions for Distributed Authoring – WEBDAV (www.ietf.org/rfc/rfc2518.txt) Versioning Extensions to WebDAV (www.ietf.org/rfc/rfc3253.txt) Ordered Collections Protocol (WebDAV) (www.ietf.org/rfc/rfc3648.txt) Web Distributed Authoring and Versioning (WebDAV) Access Control Protocol (www.ietf.org/rfc/rfc3744.txt) Web Distributed Authoring and Versioning (WebDAV) SEARCH (www.ietf.org/rfc/rfc5323.txt) PATCH Method for HTTP (www.ietf.org/rfc/rfc5789.txt)

RFC2518 = %w(PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK)
RFC3253 = %w(VERSION-CONTROL REPORT CHECKOUT CHECKIN UNCHECKOUT MKWORKSPACE UPDATE LABEL MERGE BASELINE-CONTROL MKACTIVITY)
RFC3648 = %w(ORDERPATCH)
RFC3744 = %w(ACL)
RFC5323 = %w(SEARCH)
RFC5789 = %w(PATCH)
HTTP_METHODS = RFC2616 + RFC2518 + RFC3253 + RFC3648 + RFC3744 + RFC5323 + RFC5789
HTTP_METHOD_LOOKUP = Hash.new { |h, m| h[m] = m.underscore.to_sym if HTTP_METHODS.include?(m) }
TRUSTED_PROXIES = %r{ ^127\.0\.0\.1$ | # localhost ^(10 | # private IP 10.x.x.x 172\.(1[6-9]|2[0-9]|3[0-1]) | # private IP in the range 172.16.0.0 .. 172.31.255.255 192\.168 # private IP 192.168.x.x )\. }x
 

Which IP addresses are “trusted proxies” that can be stripped from the right-hand-side of X-Forwarded-For.

en.wikipedia.org/wiki/Private_network#Private_IPv4_address_spaces.

Class Public methods
new(env)
# File actionpack/lib/action_dispatch/http/request.rb, line 38
def self.new(env)
  if request = env["action_dispatch.request"] && request.instance_of?(self)
    return request
  end

  super
end
Instance Public methods
GET()

Override Rack’s GET method to support indifferent access

This method is also aliased as query_parameters
# File actionpack/lib/action_dispatch/http/request.rb, line 236
def GET
  @env["action_dispatch.request.query_parameters"] ||= (normalize_parameters(super) || {})
end
POST()

Override Rack’s POST method to support indifferent access

This method is also aliased as request_parameters
# File actionpack/lib/action_dispatch/http/request.rb, line 242
def POST
  @env["action_dispatch.request.request_parameters"] ||= (normalize_parameters(super) || {})
end
authorization()

Returns the authorization header regardless of whether it was specified directly or through one of the proxy alternatives.

# File actionpack/lib/action_dispatch/http/request.rb, line 250
def authorization
  @env['HTTP_AUTHORIZATION']   ||
  @env['X-HTTP_AUTHORIZATION'] ||
  @env['X_HTTP_AUTHORIZATION'] ||
  @env['REDIRECT_X_HTTP_AUTHORIZATION']
end
body()

The request body is an IO input stream. If the RAW_POST_DATA environment variable is already set, wrap it in a StringIO.

# File actionpack/lib/action_dispatch/http/request.rb, line 202
def body
  if raw_post = @env['RAW_POST_DATA']
    raw_post.force_encoding(Encoding::BINARY) if raw_post.respond_to?(:force_encoding)
    StringIO.new(raw_post)
  else
    @env['rack.input']
  end
end
content_length()

Returns the content length of the request as an integer.

# File actionpack/lib/action_dispatch/http/request.rb, line 147
def content_length
  super.to_i
end
delete?()

Is this a DELETE request? Equivalent to request.request_method == :delete.

# File actionpack/lib/action_dispatch/http/request.rb, line 116
def delete?
  HTTP_METHOD_LOOKUP[request_method] == :delete
end
flash()

Access the contents of the flash. Use flash["notice"] to read a notice you put there or flash["notice"] = "hello" to put a new one.

# File actionpack/lib/action_dispatch/middleware/flash.rb, line 6
def flash
  @env[Flash::KEY] ||= (session["flash"] || Flash::FlashHash.new)
end
forgery_whitelisted?()
# File actionpack/lib/action_dispatch/http/request.rb, line 137
def forgery_whitelisted?
  get?
end
form_data?()
# File actionpack/lib/action_dispatch/http/request.rb, line 211
def form_data?
  FORM_DATA_MEDIA_TYPES.include?(content_mime_type.to_s)
end
fullpath()
# File actionpack/lib/action_dispatch/http/request.rb, line 133
def fullpath
  @fullpath ||= super
end
get?()

Is this a GET (or HEAD) request? Equivalent to request.request_method == :get.

# File actionpack/lib/action_dispatch/http/request.rb, line 98
def get?
  HTTP_METHOD_LOOKUP[request_method] == :get
end
head?()

Is this a HEAD request? Equivalent to request.method == :head.

# File actionpack/lib/action_dispatch/http/request.rb, line 122
def head?
  HTTP_METHOD_LOOKUP[method] == :head
end
headers()

Provides access to the request’s HTTP headers, for example:

request.headers["Content-Type"] # => "text/plain"
# File actionpack/lib/action_dispatch/http/request.rb, line 129
def headers
  Http::Headers.new(@env)
end
ip()
# File actionpack/lib/action_dispatch/http/request.rb, line 159
def ip
  @ip ||= super
end
key?(key)
# File actionpack/lib/action_dispatch/http/request.rb, line 46
def key?(key)
  @env.key?(key)
end
local?()

True if the request came from localhost, 127.0.0.1.

# File actionpack/lib/action_dispatch/http/request.rb, line 258
def local?
  LOCALHOST.any? { |local_ip| local_ip === remote_addr && local_ip === remote_ip }
end
media_type()
# File actionpack/lib/action_dispatch/http/request.rb, line 142
def media_type
  content_mime_type.to_s
end
method()

Returns the original value of the environment’s REQUEST_METHOD, even if it was overridden by middleware. See request_method for more information.

# File actionpack/lib/action_dispatch/http/request.rb, line 87
def method
  @method ||= check_method(env["rack.methodoverride.original_method"] || env['REQUEST_METHOD'])
end
method_symbol()

Returns a symbol form of the method

# File actionpack/lib/action_dispatch/http/request.rb, line 92
def method_symbol
  HTTP_METHOD_LOOKUP[method]
end
post?()

Is this a POST request? Equivalent to request.request_method == :post.

# File actionpack/lib/action_dispatch/http/request.rb, line 104
def post?
  HTTP_METHOD_LOOKUP[request_method] == :post
end
put?()

Is this a PUT request? Equivalent to request.request_method == :put.

# File actionpack/lib/action_dispatch/http/request.rb, line 110
def put?
  HTTP_METHOD_LOOKUP[request_method] == :put
end
query_parameters()
raw_post()

Read the request body. This is useful for web services that need to work with raw requests directly.

# File actionpack/lib/action_dispatch/http/request.rb, line 192
def raw_post
  unless @env.include? 'RAW_POST_DATA'
    @env['RAW_POST_DATA'] = body.read(@env['CONTENT_LENGTH'].to_i)
    body.rewind if body.respond_to?(:rewind)
  end
  @env['RAW_POST_DATA']
end
remote_ip()

Determines originating IP address. REMOTE_ADDR is the standard but will fail if the user is behind a proxy. HTTP_CLIENT_IP and/or HTTP_X_FORWARDED_FOR are set by proxies so check for these if REMOTE_ADDR is a proxy. HTTP_X_FORWARDED_FOR may be a comma- delimited list in the case of multiple chained proxies; the last address which is not trusted is the originating IP.

# File actionpack/lib/action_dispatch/http/request.rb, line 181
def remote_ip
  @remote_ip ||= (@env["action_dispatch.remote_ip"] || ip).to_s
end
request_method()

Returns the HTTP method that the application should see. In the case where the method was overridden by a middleware (for instance, if a HEAD request was converted to a GET, or if a _method parameter was used to determine the method the application should use), this method returns the overridden value, not the original.

# File actionpack/lib/action_dispatch/http/request.rb, line 75
def request_method
  @request_method ||= check_method(env["REQUEST_METHOD"])
end
request_method_symbol()

Returns a symbol form of the request_method

# File actionpack/lib/action_dispatch/http/request.rb, line 80
def request_method_symbol
  HTTP_METHOD_LOOKUP[request_method]
end
request_parameters()
reset_session()

TODO This should be broken apart into AD::Request::Session and probably be included by the session middleware.

# File actionpack/lib/action_dispatch/http/request.rb, line 221
def reset_session
  session.destroy if session && session.respond_to?(:destroy)
  self.session = {}
  @env['action_dispatch.request.flash_hash'] = nil
end
server_software()

Returns the lowercase name of the HTTP server software.

# File actionpack/lib/action_dispatch/http/request.rb, line 186
def server_software
  (@env['SERVER_SOFTWARE'] && /^([a-zA-Z]+)/ =~ @env['SERVER_SOFTWARE']) ? $1.downcase : nil
end
session_options=(options)
# File actionpack/lib/action_dispatch/http/request.rb, line 231
def session_options=(options)
  @env['rack.session.options'] = options
end
xhr?()
xml_http_request?()

Returns true if the “X-Requested-With” header contains “XMLHttpRequest” (case-insensitive). All major JavaScript libraries send this header with every Ajax request.

This method is also aliased as xhr?
# File actionpack/lib/action_dispatch/http/request.rb, line 154
def xml_http_request?
  @env['HTTP_X_REQUESTED_WITH'] =~ /XMLHttpRequest/
end