diff options
| author | Jeremy Kemper <jeremy@bitsweat.net> | 2013-12-03 15:14:49 -0800 |
|---|---|---|
| committer | Jeremy Kemper <jeremy@bitsweat.net> | 2013-12-03 15:14:49 -0800 |
| commit | 501acab943cdc3a5ac389cfd9b39dc34d3ca86fb (patch) | |
| tree | d20232cd9ea12691bb126e48855ed8ced15c6371 /actionpack/lib/action_dispatch | |
| parent | 4d648819c5662f375b8ca431a14511ae6a97a29c (diff) | |
| parent | eb0402d512a1fb4e65a4d8d3dab3684e9f136b34 (diff) | |
| download | rails-501acab943cdc3a5ac389cfd9b39dc34d3ca86fb.tar.gz rails-501acab943cdc3a5ac389cfd9b39dc34d3ca86fb.tar.bz2 rails-501acab943cdc3a5ac389cfd9b39dc34d3ca86fb.zip | |
Merge pull request #12977 from strzalek/action-pack-variants
Action Pack Variants
Diffstat (limited to 'actionpack/lib/action_dispatch')
| -rw-r--r-- | actionpack/lib/action_dispatch/http/mime_negotiation.rb | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/actionpack/lib/action_dispatch/http/mime_negotiation.rb b/actionpack/lib/action_dispatch/http/mime_negotiation.rb index 40bb060d52..41e6727315 100644 --- a/actionpack/lib/action_dispatch/http/mime_negotiation.rb +++ b/actionpack/lib/action_dispatch/http/mime_negotiation.rb @@ -10,6 +10,8 @@ module ActionDispatch self.ignore_accept_header = false end + attr_reader :variant + # The MIME type of the HTTP request, such as Mime::XML. # # For backward compatibility, the post \format is extracted from the @@ -64,6 +66,18 @@ module ActionDispatch end end + # Sets the \variant for template + def variant=(variant) + if variant.is_a? Symbol + @variant = variant + else + raise ArgumentError, "request.variant must be set to a Symbol, not a #{variant.class}. For security reasons," + + "never directly set the variant to a user-provided value, like params[:variant].to_sym." + + "Check user-provided value against a whitelist first, then set the variant:"+ + "request.variant = :tablet if params[:some_param] == 'tablet'" + end + end + # Sets the \format by string extension, which can be used to force custom formats # that are not controlled by the extension. # |