From my windows box I accessed the main page (default with rails) of the application. I wanted to verify the environment that rails was loading. So I clicked on the "About your application's environment" link.
I got an error message -
For security purposes, this information is only available to local requests.
Hmm, I knew I had started my server in the development mode and by default this mode considers all requests local.
I doubled checked config/environments/development.rb and found the setting to be right...
# Show full error reports and disable caching
config.action_controller.consider_all_requests_local = true
Hmm what is going on?
From development.log I figured the controller for this request to be rails/info with the action name as properties.
%> grep -r "def properties" /usr/local/lib/ruby/gems/1.8/gems /*
/usr/local/lib/ruby/gems/1.8/gems/rails-1.1.6/builtin/rails_info/rails/info_controller.rb: def properties
Ah! So I checked out info_controller.rb
class Rails::InfoController < ActionController::Base
def properties
if local_request?
render :inline => Rails::Info.to_html
else
render :text => 'For security purposes, this information is only available to local requests.
', :status => 500
end
end
end
Tracing local_request? led me to
%> grep -r 'def local_request?' /usr/local/lib/ruby/gems/1.8/gems/*
/usr/local/lib/ruby/gems/1.8/gems/actionpack-1.13.3/lib/action_controller/rescue.rb: def local_request? #:doc:
%>
Looking at local_request?
def local_request? #:doc:
[request.remote_addr, request.remote_ip] == ["127.0.0.1"] * 2
end
it is clear that local_request? will return false in this case since I am accessing the page from a different machine.
As I searched for local_request? again, I found this snippet in rescue.rb itself:
def rescue_action(exception)
log_error(exception) if logger
erase_results if performed?
if consider_all_requests_local || local_request?
rescue_action_locally(exception)
else
rescue_action_in_public(exception)
end
end
Ah ha! we need to add consider_all_requests_local to our properties action as well. So I popped open app/controller/application.rb and added the following snippet
class Rails::InfoController < ActionController::Base
def properties
if consider_all_requests_local || local_request?
render :inline => Rails::Info.to_html
else
render :text => 'For security purposes, this information is only available to local requests.
', :status => 500
end
end
end
class ApplicationController < ActionController::Base
# Pick a unique cookie name to distinguish our session data from others'
session :session_key => '_ptracker_session_id'
end
A server restart and I got the output I wanted:
| Ruby version | 1.8.6 (x86_64-linux) |
| RubyGems version | 0.9.0 |
| Rails version | 1.2.3 |
| Active Record version | 1.15.3 |
| Action Pack version | 1.13.3 |
| Action Web Service version | 1.2.3 |
| Action Mailer version | 1.3.3 |
| Active Support version | 1.4.2 |
| Application root | /home/xxxx/ror |
| Environment | development |
| Database adapter | mysql |
Hmm maybe I should submit a patch!
