diff options
| author | Aditya Chadha <aditya@sublucid.com> | 2009-04-27 22:01:36 -0400 |
|---|---|---|
| committer | Aditya Chadha <aditya@sublucid.com> | 2009-04-27 22:01:36 -0400 |
| commit | 57f031cba2740fd8afc867960220e28a1c333dc5 (patch) | |
| tree | 4cfa07346a6e134c9e7331960ba3f91d0d962859 | |
| parent | eeb12d6ad5c24e65f63029f517e23fc5e02a617c (diff) | |
| parent | 4df9680a6fe6608e8a82924f52e51a028a8575e5 (diff) | |
| download | rails-57f031cba2740fd8afc867960220e28a1c333dc5.tar.gz rails-57f031cba2740fd8afc867960220e28a1c333dc5.tar.bz2 rails-57f031cba2740fd8afc867960220e28a1c333dc5.zip | |
Merge branch 'master' of git@github.com:lifo/docrails
6 files changed, 91 insertions, 77 deletions
diff --git a/actionpack/lib/action_controller/base/mime_responds.rb b/actionpack/lib/action_controller/base/mime_responds.rb index bac225ab2a..a91483b0f0 100644 --- a/actionpack/lib/action_controller/base/mime_responds.rb +++ b/actionpack/lib/action_controller/base/mime_responds.rb @@ -94,6 +94,18 @@ module ActionController #:nodoc: # Note that you can define your own XML parameter parser which would allow you to describe multiple entities # in a single request (i.e., by wrapping them all in a single root node), but if you just go with the flow # and accept Rails' defaults, life will be much easier. + # + # Further more, you may call the #any method on the block's object in order to run the same code for different responses. + # def index + # + # respond_to do |format| + # format.html { @people = People.all(:limit => 10) } + # format.any(:xml, :atom) { @people = People.all } + # end + # end + # + # This will limit the @people variable to 10 people records if we're requesting HTML, but will list all the + # people for any xml or atom request. # # If you need to use a MIME type which isn't supported by default, you can register your own handlers in # environment.rb as follows. diff --git a/actionpack/lib/action_controller/base/request_forgery_protection.rb b/actionpack/lib/action_controller/base/request_forgery_protection.rb index 3067122ceb..df91dc1006 100644 --- a/actionpack/lib/action_controller/base/request_forgery_protection.rb +++ b/actionpack/lib/action_controller/base/request_forgery_protection.rb @@ -96,8 +96,7 @@ module ActionController #:nodoc: !request.content_type.nil? && request.content_type.verify_request? end - # Sets the token value for the current session. Pass a <tt>:secret</tt> option - # in +protect_from_forgery+ to add a custom salt to the hash. + # Sets the token value for the current session. def form_authenticity_token session[:_csrf_token] ||= ActiveSupport::SecureRandom.base64(32) end diff --git a/actionpack/lib/action_view/helpers/asset_tag_helper.rb b/actionpack/lib/action_view/helpers/asset_tag_helper.rb index a32beb6100..bfda866a55 100644 --- a/actionpack/lib/action_view/helpers/asset_tag_helper.rb +++ b/actionpack/lib/action_view/helpers/asset_tag_helper.rb @@ -169,15 +169,16 @@ module ActionView ) end - # Computes the path to a javascript asset in the public javascripts directory. - # If the +source+ filename has no extension, .js will be appended. - # Full paths from the document root will be passed through. - # Used internally by javascript_include_tag to build the script path. + # Computes the path to a JavaScript asset in the public javascripts directory. + # If the +source+ filename has no extension, <tt>.js</tt> will be appended. + # Full paths from the document root are passed through, URLs remain + # untouched. Local files get a timestamp appended as query string. + # Used internally by <tt>javascript_include_tag</tt> to build the script path. # # ==== Examples - # javascript_path "xmlhr" # => /javascripts/xmlhr.js - # javascript_path "dir/xmlhr.js" # => /javascripts/dir/xmlhr.js - # javascript_path "/dir/xmlhr" # => /dir/xmlhr.js + # javascript_path "xmlhr" # => /javascripts/xmlhr.js?1240848408 + # javascript_path "dir/xmlhr.js" # => /javascripts/dir/xmlhr.js?1239899358 + # javascript_path "/dir/xmlhr" # => /dir/xmlhr.js?1240300432 # javascript_path "http://www.railsapplication.com/js/xmlhr" # => http://www.railsapplication.com/js/xmlhr.js # javascript_path "http://www.railsapplication.com/js/xmlhr.js" # => http://www.railsapplication.com/js/xmlhr.js def javascript_path(source) @@ -197,14 +198,14 @@ module ActionView # # ==== Examples # javascript_include_tag "xmlhr" # => - # <script type="text/javascript" src="/javascripts/xmlhr.js"></script> + # <script type="text/javascript" src="/javascripts/xmlhr.js?1240848408"></script> # # javascript_include_tag "xmlhr.js" # => - # <script type="text/javascript" src="/javascripts/xmlhr.js"></script> + # <script type="text/javascript" src="/javascripts/xmlhr.js?1240848408"></script> # # javascript_include_tag "common.javascript", "/elsewhere/cools" # => - # <script type="text/javascript" src="/javascripts/common.javascript"></script> - # <script type="text/javascript" src="/elsewhere/cools.js"></script> + # <script type="text/javascript" src="/javascripts/common.javascript?1239899358"></script> + # <script type="text/javascript" src="/elsewhere/cools.js?1240300432"></script> # # javascript_include_tag "http://www.railsapplication.com/xmlhr" # => # <script type="text/javascript" src="http://www.railsapplication.com/xmlhr.js"></script> @@ -213,25 +214,25 @@ module ActionView # <script type="text/javascript" src="http://www.railsapplication.com/xmlhr.js"></script> # # javascript_include_tag :defaults # => - # <script type="text/javascript" src="/javascripts/prototype.js"></script> - # <script type="text/javascript" src="/javascripts/effects.js"></script> + # <script type="text/javascript" src="/javascripts/prototype.js?1240300432"></script> + # <script type="text/javascript" src="/javascripts/effects.js?1240300432"></script> # ... - # <script type="text/javascript" src="/javascripts/application.js"></script> + # <script type="text/javascript" src="/javascripts/application.js?1240300432"></script> # # * = The application.js file is only referenced if it exists # # Though it's not really recommended practice, if you need to extend the default JavaScript set for any reason - # (e.g., you're going to be using a certain .js file in every action), then take a look at the register_javascript_include_default method. + # (e.g., you're going to be using a certain .js file in every action), then take a look at the <tt>register_javascript_include_default</tt> method. # # You can also include all javascripts in the javascripts directory using <tt>:all</tt> as the source: # # javascript_include_tag :all # => - # <script type="text/javascript" src="/javascripts/prototype.js"></script> - # <script type="text/javascript" src="/javascripts/effects.js"></script> + # <script type="text/javascript" src="/javascripts/prototype.js?1240300432"></script> + # <script type="text/javascript" src="/javascripts/effects.js?1240300432"></script> # ... - # <script type="text/javascript" src="/javascripts/application.js"></script> - # <script type="text/javascript" src="/javascripts/shop.js"></script> - # <script type="text/javascript" src="/javascripts/checkout.js"></script> + # <script type="text/javascript" src="/javascripts/application.js?1240300432"></script> + # <script type="text/javascript" src="/javascripts/shop.js?1240848408"></script> + # <script type="text/javascript" src="/javascripts/checkout.js?1239899358"></script> # # Note that the default javascript files will be included first. So Prototype and Scriptaculous are available to # all subsequently included files. @@ -249,23 +250,23 @@ module ActionView # # ==== Examples # javascript_include_tag :all, :cache => true # when ActionController::Base.perform_caching is false => - # <script type="text/javascript" src="/javascripts/prototype.js"></script> - # <script type="text/javascript" src="/javascripts/effects.js"></script> + # <script type="text/javascript" src="/javascripts/prototype.js?1240848408"></script> + # <script type="text/javascript" src="/javascripts/effects.js?1239899358"></script> # ... - # <script type="text/javascript" src="/javascripts/application.js"></script> - # <script type="text/javascript" src="/javascripts/shop.js"></script> - # <script type="text/javascript" src="/javascripts/checkout.js"></script> + # <script type="text/javascript" src="/javascripts/application.js?1240300432"></script> + # <script type="text/javascript" src="/javascripts/shop.js?1239622973"></script> + # <script type="text/javascript" src="/javascripts/checkout.js?1240310204"></script> # # javascript_include_tag :all, :cache => true # when ActionController::Base.perform_caching is true => - # <script type="text/javascript" src="/javascripts/all.js"></script> + # <script type="text/javascript" src="/javascripts/all.js?1240848852"></script> # # javascript_include_tag "prototype", "cart", "checkout", :cache => "shop" # when ActionController::Base.perform_caching is false => - # <script type="text/javascript" src="/javascripts/prototype.js"></script> - # <script type="text/javascript" src="/javascripts/cart.js"></script> - # <script type="text/javascript" src="/javascripts/checkout.js"></script> + # <script type="text/javascript" src="/javascripts/prototype.js?1240848408"></script> + # <script type="text/javascript" src="/javascripts/cart.js?1240848852"></script> + # <script type="text/javascript" src="/javascripts/checkout.js?1240310204"></script> # # javascript_include_tag "prototype", "cart", "checkout", :cache => "shop" # when ActionController::Base.perform_caching is true => - # <script type="text/javascript" src="/javascripts/shop.js"></script> + # <script type="text/javascript" src="/javascripts/shop.js?1240845632"></script> # # The <tt>:recursive</tt> option is also available for caching: # @@ -296,9 +297,9 @@ module ActionView # ActionView::Helpers::AssetTagHelper.register_javascript_expansion :monkey => ["head", "body", "tail"] # # javascript_include_tag :monkey # => - # <script type="text/javascript" src="/javascripts/head.js"></script> - # <script type="text/javascript" src="/javascripts/body.js"></script> - # <script type="text/javascript" src="/javascripts/tail.js"></script> + # <script type="text/javascript" src="/javascripts/head.js?1240848852"></script> + # <script type="text/javascript" src="/javascripts/body.js?1240845632"></script> + # <script type="text/javascript" src="/javascripts/tail.js?1240300432"></script> def self.register_javascript_expansion(expansions) @@javascript_expansions.merge!(expansions) end @@ -313,9 +314,9 @@ module ActionView # ActionView::Helpers::AssetTagHelper.register_stylesheet_expansion :monkey => ["head", "body", "tail"] # # stylesheet_link_tag :monkey # => - # <link href="/stylesheets/head.css" media="screen" rel="stylesheet" type="text/css" /> - # <link href="/stylesheets/body.css" media="screen" rel="stylesheet" type="text/css" /> - # <link href="/stylesheets/tail.css" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/head.css?1240376589" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/body.css?1245476314" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/tail.css?1245586314" media="screen" rel="stylesheet" type="text/css" /> def self.register_stylesheet_expansion(expansions) @@stylesheet_expansions.merge!(expansions) end @@ -334,13 +335,14 @@ module ActionView # Computes the path to a stylesheet asset in the public stylesheets directory. # If the +source+ filename has no extension, <tt>.css</tt> will be appended. - # Full paths from the document root will be passed through. + # Full paths from the document root are passed through, URLs remain + # untouched. Local files get a timestamp appended as query string. # Used internally by +stylesheet_link_tag+ to build the stylesheet path. # # ==== Examples - # stylesheet_path "style" # => /stylesheets/style.css - # stylesheet_path "dir/style.css" # => /stylesheets/dir/style.css - # stylesheet_path "/dir/style.css" # => /dir/style.css + # stylesheet_path "style" # => /stylesheets/style.css?1239622973 + # stylesheet_path "dir/style.css" # => /stylesheets/dir/style.css?1245586314 + # stylesheet_path "/dir/style.css" # => /dir/style.css?1240376589 # stylesheet_path "http://www.railsapplication.com/css/style" # => http://www.railsapplication.com/css/style.css # stylesheet_path "http://www.railsapplication.com/css/style.js" # => http://www.railsapplication.com/css/style.css def stylesheet_path(source) @@ -354,30 +356,30 @@ module ActionView # # ==== Examples # stylesheet_link_tag "style" # => - # <link href="/stylesheets/style.css" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/style.css?1239622973" media="screen" rel="stylesheet" type="text/css" /> # # stylesheet_link_tag "style.css" # => - # <link href="/stylesheets/style.css" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/style.css?1239622973" media="screen" rel="stylesheet" type="text/css" /> # # stylesheet_link_tag "http://www.railsapplication.com/style.css" # => # <link href="http://www.railsapplication.com/style.css" media="screen" rel="stylesheet" type="text/css" /> # # stylesheet_link_tag "style", :media => "all" # => - # <link href="/stylesheets/style.css" media="all" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/style.css?1239622973" media="all" rel="stylesheet" type="text/css" /> # # stylesheet_link_tag "style", :media => "print" # => - # <link href="/stylesheets/style.css" media="print" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/style.css?1239622973" media="print" rel="stylesheet" type="text/css" /> # # stylesheet_link_tag "random.styles", "/css/stylish" # => - # <link href="/stylesheets/random.styles" media="screen" rel="stylesheet" type="text/css" /> - # <link href="/css/stylish.css" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/random.styles?1239667843" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/css/stylish.css?1239667973" media="screen" rel="stylesheet" type="text/css" /> # # You can also include all styles in the stylesheets directory using <tt>:all</tt> as the source: # # stylesheet_link_tag :all # => - # <link href="/stylesheets/style1.css" media="screen" rel="stylesheet" type="text/css" /> - # <link href="/stylesheets/styleB.css" media="screen" rel="stylesheet" type="text/css" /> - # <link href="/stylesheets/styleX2.css" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/style1.css?1239622973" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/styleB.css?1239622973" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/styleX2.css?1239667843" media="screen" rel="stylesheet" type="text/css" /> # # If you want Rails to search in all the subdirectories under stylesheets, you should explicitly set <tt>:recursive</tt>: # @@ -392,20 +394,20 @@ module ActionView # # ==== Examples # stylesheet_link_tag :all, :cache => true # when ActionController::Base.perform_caching is false => - # <link href="/stylesheets/style1.css" media="screen" rel="stylesheet" type="text/css" /> - # <link href="/stylesheets/styleB.css" media="screen" rel="stylesheet" type="text/css" /> - # <link href="/stylesheets/styleX2.css" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/style1.css?1239622973" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/styleB.css?1239622973" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/styleX2.css?1239667843" media="screen" rel="stylesheet" type="text/css" /> # # stylesheet_link_tag :all, :cache => true # when ActionController::Base.perform_caching is true => - # <link href="/stylesheets/all.css" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/all.css?1245327490" media="screen" rel="stylesheet" type="text/css" /> # # stylesheet_link_tag "shop", "cart", "checkout", :cache => "payment" # when ActionController::Base.perform_caching is false => - # <link href="/stylesheets/shop.css" media="screen" rel="stylesheet" type="text/css" /> - # <link href="/stylesheets/cart.css" media="screen" rel="stylesheet" type="text/css" /> - # <link href="/stylesheets/checkout.css" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/shop.css?1239622973" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/cart.css?1239622973" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/checkout.css?1239667843" media="screen" rel="stylesheet" type="text/css" /> # # stylesheet_link_tag "shop", "cart", "checkout", :cache => "payment" # when ActionController::Base.perform_caching is true => - # <link href="/stylesheets/payment.css" media="screen" rel="stylesheet" type="text/css" /> + # <link href="/stylesheets/payment.css?1245327490" media="screen" rel="stylesheet" type="text/css" /> # # The <tt>:recursive</tt> option is also available for caching: # @@ -427,14 +429,15 @@ module ActionView end # Computes the path to an image asset in the public images directory. - # Full paths from the document root will be passed through. + # Full paths from the document root are passed through, URLs remain + # untouched. Local files get a timestamp appended as query string. # Used internally by +image_tag+ to build the image path. # # ==== Examples - # image_path("edit") # => /images/edit - # image_path("edit.png") # => /images/edit.png - # image_path("icons/edit.png") # => /images/icons/edit.png - # image_path("/icons/edit.png") # => /icons/edit.png + # image_path("edit") # => /images/edit?1245327490 + # image_path("edit.png") # => /images/edit.png?1239622973 + # image_path("icons/edit.png") # => /images/icons/edit.png?1239667843 + # image_path("/icons/edit.png") # => /icons/edit.png?1240376589 # image_path("http://www.railsapplication.com/img/edit.png") # => http://www.railsapplication.com/img/edit.png def image_path(source) compute_public_path(source, 'images') @@ -459,21 +462,21 @@ module ActionView # # ==== Examples # image_tag("icon") # => - # <img src="/images/icon" alt="Icon" /> + # <img src="/images/icon?1240376589" alt="Icon" /> # image_tag("icon.png") # => # <img src="/images/icon.png" alt="Icon" /> # image_tag("icon.png", :size => "16x10", :alt => "Edit Entry") # => - # <img src="/images/icon.png" width="16" height="10" alt="Edit Entry" /> + # <img src="/images/icon.png?1239667843" width="16" height="10" alt="Edit Entry" /> # image_tag("/icons/icon.gif", :size => "16x16") # => - # <img src="/icons/icon.gif" width="16" height="16" alt="Icon" /> + # <img src="/icons/icon.gif?1239622973" width="16" height="16" alt="Icon" /> # image_tag("/icons/icon.gif", :height => '32', :width => '32') # => - # <img alt="Icon" height="32" src="/icons/icon.gif" width="32" /> + # <img alt="Icon" height="32" src="/icons/icon.gif?1245327490" width="32" /> # image_tag("/icons/icon.gif", :class => "menu_icon") # => - # <img alt="Icon" class="menu_icon" src="/icons/icon.gif" /> + # <img alt="Icon" class="menu_icon" src="/icons/icon.gif?1239667831" /> # image_tag("mouse.png", :mouseover => "/images/mouse_over.png") # => - # <img src="/images/mouse.png" onmouseover="this.src='/images/mouse_over.png'" onmouseout="this.src='/images/mouse.png'" alt="Mouse" /> + # <img src="/images/mouse.png?1245320089" onmouseover="this.src='/images/mouse_over.png'" onmouseout="this.src='/images/mouse.png'" alt="Mouse" /> # image_tag("mouse.png", :mouseover => image_path("mouse_over.png")) # => - # <img src="/images/mouse.png" onmouseover="this.src='/images/mouse_over.png'" onmouseout="this.src='/images/mouse.png'" alt="Mouse" /> + # <img src="/images/mouse.png?1245322298" onmouseover="this.src='/images/mouse_over.png'" onmouseout="this.src='/images/mouse.png'" alt="Mouse" /> def image_tag(source, options = {}) options.symbolize_keys! diff --git a/railties/guides/source/caching_with_rails.textile b/railties/guides/source/caching_with_rails.textile index 08377f2456..9658927a36 100644 --- a/railties/guides/source/caching_with_rails.textile +++ b/railties/guides/source/caching_with_rails.textile @@ -44,9 +44,9 @@ the products <ruby> class ProductsController < ActionController - caches_page :list + caches_page :index - def list + def index @products = Products.all end @@ -76,9 +76,9 @@ example controller like this: <ruby> class ProductsController < ActionController - caches_page :list + caches_page :index - def list + def index @products = Products.all end diff --git a/railties/guides/source/i18n.textile b/railties/guides/source/i18n.textile index c4f178faa0..aa5982af5d 100644 --- a/railties/guides/source/i18n.textile +++ b/railties/guides/source/i18n.textile @@ -686,7 +686,7 @@ en: # will translate User attribute "login" as "Handle" </ruby> -Then +User.human_name+ will return "Dude" and +User.human_attribute_name(:login)+ will return "Handle". +Then +User.human_name+ will return "Dude" and +User.human_attribute_name("login")+ will return "Handle". h5. Error Message Scopes diff --git a/railties/guides/source/security.textile b/railties/guides/source/security.textile index 1b64cc1be7..7b93fa7561 100644 --- a/railties/guides/source/security.textile +++ b/railties/guides/source/security.textile @@ -497,7 +497,7 @@ Depending on your web application, there may be more ways to hijack the user's a h4. CAPTCHAs --- _A CAPTCHA is a challenge-response test to determine that the response is not generated by a computer. It is often used to protect comment forms from automatic spam bots by asking the user to type the letters of a distorted image. The idea of a negative CAPTCHA is not to ask a user to proof that he is human, but reveal that a robot is a robot._ +-- _A CAPTCHA is a challenge-response test to determine that the response is not generated by a computer. It is often used to protect comment forms from automatic spam bots by asking the user to type the letters of a distorted image. The idea of a negative CAPTCHA is not for a user to prove that he is human, but reveal that a robot is a robot._ But not only spam robots (bots) are a problem, but also automatic login bots. A popular CAPTCHA API is "reCAPTCHA":http://recaptcha.net/ which displays two distorted images of words from old books. It also adds an angled line, rather than a distorted background and high levels of warping on the text as earlier CAPTCHAs did, because the latter were broken. As a bonus, using reCAPTCHA helps to digitize old books. "ReCAPTCHA":http://ambethia.com/recaptcha/ is also a Rails plug-in with the same name as the API. |