Merge branch 'master' of https://github.com/rails/rails into performance_test

author: Gonçalo Silva <goncalossilva@gmail.com> 2011-03-28 04:20:49 +0100
committer: Gonçalo Silva <goncalossilva@gmail.com> 2011-03-28 04:20:49 +0100
commit: 6f0caa1a534a065753d51430b649114bc8bf54ac (patch)
tree: af9657373436a38ef7828b26a804d1fe12e479ad /actionpack/lib
parent: 726b7ede54031eecfcee34eec80040553e9ad19f (diff)
parent: 245542ea2994961731be105db6c076256a22a7a9 (diff)
download: rails-6f0caa1a534a065753d51430b649114bc8bf54ac.tar.gz
rails-6f0caa1a534a065753d51430b649114bc8bf54ac.tar.bz2
rails-6f0caa1a534a065753d51430b649114bc8bf54ac.zip
8 files changed, 64 insertions, 12 deletions
diff --git a/actionpack/lib/action_controller.rb b/actionpack/lib/action_controller.rb
index 5b81cd39f4..62cc18b253 100644
--- a/actionpack/lib/action_controller.rb
+++ b/actionpack/lib/action_controller.rb
@@ -14,6 +14,7 @@ module ActionController
     autoload :ConditionalGet
     autoload :Cookies
     autoload :Flash
+    autoload :ForceSSL
     autoload :Head
     autoload :Helpers
     autoload :HideActions
diff --git a/actionpack/lib/action_controller/base.rb b/actionpack/lib/action_controller/base.rb
index 81c0698fb8..e6523e56d2 100644
--- a/actionpack/lib/action_controller/base.rb
+++ b/actionpack/lib/action_controller/base.rb
@@ -198,6 +198,7 @@ module ActionController
       Cookies,
       Flash,
       RequestForgeryProtection,
+      ForceSSL,
       Streaming,
       RecordIdentifier,
       HttpAuthentication::Basic::ControllerMethods,
diff --git a/actionpack/lib/action_controller/caching/actions.rb b/actionpack/lib/action_controller/caching/actions.rb
index 2c8a6e4d4d..5fc6956266 100644
--- a/actionpack/lib/action_controller/caching/actions.rb
+++ b/actionpack/lib/action_controller/caching/actions.rb
@@ -56,19 +56,18 @@ module ActionController #:nodoc:
     #
     #     caches_page :public
     #
-    #     caches_action :index, :if => proc do |c|
-    #       !c.request.format.json?  # cache if is not a JSON request
+    #     caches_action :index, :if => proc do
+    #       !request.format.json?  # cache if is not a JSON request
     #     end
     #
     #     caches_action :show, :cache_path => { :project => 1 },
     #       :expires_in => 1.hour
     #
-    #     caches_action :feed, :cache_path => proc do |c|
-    #       if c.params[:user_id]
-    #         c.send(:user_list_url,
-    #           c.params[:user_id], c.params[:id])
+    #     caches_action :feed, :cache_path => proc do
+    #       if params[:user_id]
+    #         user_list_url(params[:user_id, params[:id])
     #       else
-    #         c.send(:list_url, c.params[:id])
+    #         list_url(params[:id])
     #       end
     #     end
     #   end
diff --git a/actionpack/lib/action_controller/metal/force_ssl.rb b/actionpack/lib/action_controller/metal/force_ssl.rb
new file mode 100644
index 0000000000..eb8ed7dfbd
--- /dev/null
+++ b/actionpack/lib/action_controller/metal/force_ssl.rb
@@ -0,0 +1,35 @@
+module ActionController
+  # This module provides a method which will redirects browser to use HTTPS
+  # protocol. This will ensure that user's sensitive information will be
+  # transferred safely over the internet. You _should_ always force browser
+  # to use HTTPS when you're transferring sensitive information such as
+  # user authentication, account information, or credit card information.
+  #
+  # Note that if you really concern about your application safety, you might
+  # consider using +config.force_ssl+ in your configuration config file instead.
+  # That will ensure all the data transferred via HTTPS protocol and prevent
+  # user from getting session hijacked when accessing the site under unsecured
+  # HTTP protocol.
+  module ForceSSL
+    extend ActiveSupport::Concern
+    include AbstractController::Callbacks
+
+    module ClassMethods
+      # Force the request to this particular controller or specified actions to be
+      # under HTTPS protocol.
+      #
+      # Note that this method will not be effective on development environment.
+      #
+      # ==== Options
+      # * <tt>only</tt>   - The callback should be run only for this action
+      # * <tt>except<tt>  - The callback should be run for all actions except this action
+      def force_ssl(options = {})
+        before_filter(options) do
+          if !request.ssl? && !Rails.env.development?
+            redirect_to :protocol => 'https://', :status => :moved_permanently
+          end
+        end
+      end
+    end
+  end
+end
+\ No newline at end of file
diff --git a/actionpack/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb b/actionpack/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb
index 50d8ca9484..2099fd069a 100644
--- a/actionpack/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb
+++ b/actionpack/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb
@@ -1,7 +1,7 @@
 <h1>
   <%=h @exception.class.to_s %>
   <% if @request.parameters['controller'] %>
-    in <%=h @request.parameters['controller'].humanize %>Controller<% if @request.parameters['action'] %>#<%=h @request.parameters['action'] %><% end %>
+    in <%=h @request.parameters['controller'].classify.pluralize %>Controller<% if @request.parameters['action'] %>#<%=h @request.parameters['action'] %><% end %>
   <% end %>
 </h1>
 <pre><%=h @exception.message %></pre>
diff --git a/actionpack/lib/action_view/helpers/form_helper.rb b/actionpack/lib/action_view/helpers/form_helper.rb
index 48abf119f1..9025d9e24c 100644
--- a/actionpack/lib/action_view/helpers/form_helper.rb
+++ b/actionpack/lib/action_view/helpers/form_helper.rb
@@ -185,7 +185,7 @@ module ActionView
       #
       # is equivalent to something like:
       #
-      #   <%= form_for @post, :as => :post, :url => post_path(@post), :html => { :method => :put, :class => "edit_post", :id => "edit_post_45" } do |f| %>
+      #   <%= form_for @post, :as => :post, :url => post_path(@post), :method => :put, :html => { :class => "edit_post", :id => "edit_post_45" } do |f| %>
       #     ...
       #   <% end %>
       #
@@ -236,6 +236,16 @@ module ActionView
       # Where <tt>@document = Document.find(params[:id])</tt> and
       # <tt>@comment = Comment.new</tt>.
       #
+      # === Setting the method
+      #
+      # You can force the form to use the full array of HTTP verbs by setting 
+      #
+      #    :method => (:get|:post|:put|:delete)
+      #
+      # in the options hash. If the verb is not GET or POST, which are natively supported by HTML forms, the
+      # form will be set to POST and a hidden input called _method will carry the intended verb for the server
+      # to interpret.
+      #
       # === Unobtrusive JavaScript
       #
       # Specifying:
@@ -298,7 +308,7 @@ module ActionView
       #
       # In this case, if you use this:
       #
-      #   <%= render :partial => f %>
+      #   <%= render f %>
       #
       # The rendered template is <tt>people/_labelling_form</tt> and the local
       # variable referencing the form builder is called
@@ -350,6 +360,7 @@ module ActionView
         end
 
         options[:html][:remote] = options.delete(:remote)
+        options[:html][:method] = options.delete(:method) if options.has_key?(:method)
         options[:html][:authenticity_token] = options.delete(:authenticity_token)
 
         builder = options[:parent_builder] = instantiate_builder(object_name, object, options, &proc)
diff --git a/actionpack/lib/action_view/helpers/javascript_helper.rb b/actionpack/lib/action_view/helpers/javascript_helper.rb
index cd3a3eac80..a19ba7a968 100644
--- a/actionpack/lib/action_view/helpers/javascript_helper.rb
+++ b/actionpack/lib/action_view/helpers/javascript_helper.rb
@@ -47,6 +47,9 @@ module ActionView
         "'"     => "\\'" }
 
       # Escape carrier returns and single and double quotes for JavaScript segments.
+      # Also available through the alias j(). This is particularly helpful in JavaScript responses, like:
+      #
+      #   $('some_element').replaceWith('<%=j render 'some/element_template' %>');
       def escape_javascript(javascript)
         if javascript
           javascript.gsub(/(\\|<\/|\r\n|[\n\r"'])/) { JS_ESCAPE_MAP[$1] }
@@ -55,6 +58,8 @@ module ActionView
         end
       end
 
+      alias_method :j, :escape_javascript
+
       # Returns a JavaScript tag with the +content+ inside. Example:
       #   javascript_tag "alert('All is good')"
       #
diff --git a/actionpack/lib/action_view/template/resolver.rb b/actionpack/lib/action_view/template/resolver.rb
index 6c1063592f..41c6310ae2 100644
--- a/actionpack/lib/action_view/template/resolver.rb
+++ b/actionpack/lib/action_view/template/resolver.rb
@@ -157,8 +157,8 @@ module ActionView
         query.gsub!(/\:#{ext}/, "{#{variants.compact.uniq.join(',')}}")
       }
 
-      query.gsub!(/\.{html,/, ".{html,text.html,")
-      query.gsub!(/\.{text,/, ".{text,text.plain,")
+      query.gsub!('.{html,', '.{html,text.html,')
+      query.gsub!('.{text,', '.{text,text.plain,')
 
       File.expand_path(query, @path)
     end
author	Gonçalo Silva <goncalossilva@gmail.com>	2011-03-28 04:20:49 +0100
committer	Gonçalo Silva <goncalossilva@gmail.com>	2011-03-28 04:20:49 +0100
commit	6f0caa1a534a065753d51430b649114bc8bf54ac (patch)
tree	af9657373436a38ef7828b26a804d1fe12e479ad /actionpack/lib
parent	726b7ede54031eecfcee34eec80040553e9ad19f (diff)
parent	245542ea2994961731be105db6c076256a22a7a9 (diff)
download	rails-6f0caa1a534a065753d51430b649114bc8bf54ac.tar.gz rails-6f0caa1a534a065753d51430b649114bc8bf54ac.tar.bz2 rails-6f0caa1a534a065753d51430b649114bc8bf54ac.zip