diff options
20 files changed, 98 insertions, 81 deletions
diff --git a/actionpack/lib/action_controller/metal/live.rb b/actionpack/lib/action_controller/metal/live.rb index e6ada0c106..43a9e3aa9d 100644 --- a/actionpack/lib/action_controller/metal/live.rb +++ b/actionpack/lib/action_controller/metal/live.rb @@ -47,13 +47,13 @@ module ActionController def each while str = @buf.pop - yield str + yield(str) end end def close super - @buf.push nil + @buf.push(nil) end end @@ -78,7 +78,7 @@ module ActionController end def initialize(status = 200, header = {}, body = []) - header = Header.new self, header + header = Header.new(self, header) super(status, header, body) end @@ -89,11 +89,11 @@ module ActionController private - def build_buffer(response, body) - buf = Live::Buffer.new response - body.each { |part| buf.write part } - buf - end + def build_buffer(response, body) + buf = Live::Buffer.new(response) + body.each { |part| buf.write(part) } + buf + end end def process(name) diff --git a/actionpack/test/controller/new_base/render_template_test.rb b/actionpack/test/controller/new_base/render_template_test.rb index 156d87c321..d0be4f66d1 100644 --- a/actionpack/test/controller/new_base/render_template_test.rb +++ b/actionpack/test/controller/new_base/render_template_test.rb @@ -126,7 +126,7 @@ module RenderTemplate test "rendering a template with error properly excerts the code" do get :with_error assert_status 500 - assert_match "undefined local variable or method `idontexist'", response.body + assert_match "undefined local variable or method `idontexist", response.body end end diff --git a/actionpack/test/controller/render_test.rb b/actionpack/test/controller/render_test.rb index 6bebe7e1ed..3f047fc9b5 100644 --- a/actionpack/test/controller/render_test.rb +++ b/actionpack/test/controller/render_test.rb @@ -186,7 +186,7 @@ class TestController < ActionController::Base # :ported: def render_text_hello_world_with_layout - @variable_for_layout = ", I'm here!" + @variable_for_layout = ", I am here!" render :text => "hello world", :layout => true end @@ -844,7 +844,7 @@ class RenderTest < ActionController::TestCase # :ported: def test_do_with_render_text_and_layout get :render_text_hello_world_with_layout - assert_equal "<html>hello world, I'm here!</html>", @response.body + assert_equal "<html>hello world, I am here!</html>", @response.body end # :ported: diff --git a/actionpack/test/template/erb_util_test.rb b/actionpack/test/template/erb_util_test.rb index ca2710e9b3..3d51024089 100644 --- a/actionpack/test/template/erb_util_test.rb +++ b/actionpack/test/template/erb_util_test.rb @@ -8,11 +8,11 @@ class ErbUtilTest < ActiveSupport::TestCase define_method "test_html_escape_#{expected.gsub(/\W/, '')}" do assert_equal expected, html_escape(given) end + end - unless given == '"' - define_method "test_json_escape_#{expected.gsub(/\W/, '')}" do - assert_equal ERB::Util::JSON_ESCAPE[given], json_escape(given) - end + ERB::Util::JSON_ESCAPE.each do |given, expected| + define_method "test_json_escape_#{expected.gsub(/\W/, '')}" do + assert_equal ERB::Util::JSON_ESCAPE[given], json_escape(given) end end @@ -40,13 +40,13 @@ class ErbUtilTest < ActiveSupport::TestCase def test_rest_in_ascii (0..127).to_a.map {|int| int.chr }.each do |chr| - next if chr.in?('&"<>') + next if chr.in?('&"<>\'') assert_equal chr, html_escape(chr) end end def test_html_escape_once - assert_equal '1 < 2 & 3', html_escape_once('1 < 2 & 3') + assert_equal '1 <>&"' 2 & 3', html_escape_once('1 <>&"\' 2 & 3') end def test_html_escape_once_returns_unsafe_strings_when_passed_unsafe_strings diff --git a/actionpack/test/template/form_options_helper_test.rb b/actionpack/test/template/form_options_helper_test.rb index bfc73172eb..43d4937bfc 100644 --- a/actionpack/test/template/form_options_helper_test.rb +++ b/actionpack/test/template/form_options_helper_test.rb @@ -1125,7 +1125,7 @@ class FormOptionsHelperTest < ActionView::TestCase def test_options_for_select_with_element_attributes assert_dom_equal( - "<option value=\"<Denmark>\" class=\"bold\"><Denmark></option>\n<option value=\"USA\" onclick=\"alert('Hello World');\">USA</option>\n<option value=\"Sweden\">Sweden</option>\n<option value=\"Germany\">Germany</option>", + "<option value=\"<Denmark>\" class=\"bold\"><Denmark></option>\n<option value=\"USA\" onclick=\"" + ERB::Util.html_escape("alert('Hello World');") + "\">USA</option>\n<option value=\"Sweden\">Sweden</option>\n<option value=\"Germany\">Germany</option>", options_for_select([ [ "<Denmark>", { :class => 'bold' } ], [ "USA", { :onclick => "alert('Hello World');" } ], [ "Sweden" ], "Germany" ]) ) end diff --git a/actionpack/test/template/form_tag_helper_test.rb b/actionpack/test/template/form_tag_helper_test.rb index 9afa4a2927..6c791e0dec 100644 --- a/actionpack/test/template/form_tag_helper_test.rb +++ b/actionpack/test/template/form_tag_helper_test.rb @@ -374,7 +374,7 @@ class FormTagHelperTest < ActionView::TestCase def test_submit_tag assert_dom_equal( - %(<input name='commit' data-disable-with="Saving..." onclick="alert('hello!')" type="submit" value="Save" />), + %(<input name='commit' data-disable-with="Saving..." onclick=") + ERB::Util.html_escape("alert('hello!')") + %(" type="submit" value="Save" />), submit_tag("Save", :onclick => "alert('hello!')", :data => { :disable_with => "Saving..." }) ) end diff --git a/actionpack/test/template/template_test.rb b/actionpack/test/template/template_test.rb index 322bea3fb0..061f5bb53f 100644 --- a/actionpack/test/template/template_test.rb +++ b/actionpack/test/template/template_test.rb @@ -84,7 +84,7 @@ class TestERBTemplate < ActiveSupport::TestCase def test_locals @template = new_template("<%= my_local %>") @template.locals = [:my_local] - assert_equal "I'm a local", render(:my_local => "I'm a local") + assert_equal "I am a local", render(:my_local => "I am a local") end def test_restores_buffer diff --git a/actionpack/test/template/text_helper_test.rb b/actionpack/test/template/text_helper_test.rb index a3ab091c6c..75ec1d8f16 100644 --- a/actionpack/test/template/text_helper_test.rb +++ b/actionpack/test/template/text_helper_test.rb @@ -107,8 +107,8 @@ class TextHelperTest < ActionView::TestCase end def test_truncate_with_link_options - assert_equal "Here's a long test and I...<a href=\"#\">Continue</a>", - truncate("Here's a long test and I need a continue to read link", :length => 27) { link_to 'Continue', '#' } + assert_equal "Here is a long test and ...<a href=\"#\">Continue</a>", + truncate("Here is a long test and I need a continue to read link", :length => 27) { link_to 'Continue', '#' } end def test_truncate_should_be_html_safe @@ -149,8 +149,8 @@ class TextHelperTest < ActionView::TestCase end def test_truncate_with_block_should_escape_the_block - assert_equal "Here's a long test and I...<script>alert('foo');</script>", - truncate("Here's a long test and I need a continue to read link", :length => 27) { "<script>alert('foo');</script>" } + assert_equal "Here is a long test and ...<script>" + ERB::Util.html_escape("alert('foo');") + "</script>", + truncate("Here is a long test and I need a continue to read link", :length => 27) { "<script>alert('foo');</script>" } end def test_highlight_should_be_html_safe diff --git a/actionpack/test/template/url_helper_test.rb b/actionpack/test/template/url_helper_test.rb index cb6f378ecb..2c67b2210b 100644 --- a/actionpack/test/template/url_helper_test.rb +++ b/actionpack/test/template/url_helper_test.rb @@ -244,7 +244,7 @@ class UrlHelperTest < ActiveSupport::TestCase def test_link_tag_with_custom_onclick link = link_to("Hello", "http://www.example.com", :onclick => "alert('yay!')") - expected = %{<a href="http://www.example.com" onclick="alert('yay!')">Hello</a>} + expected = %{<a href="http://www.example.com" onclick="} + ERB::Util.html_escape("alert('yay!')") + %{">Hello</a>} assert_dom_equal expected, link end @@ -254,12 +254,12 @@ class UrlHelperTest < ActiveSupport::TestCase link_to("Hello", "http://www.example.com", :data => { :confirm => "Are you sure?" }) ) assert_dom_equal( - "<a href=\"http://www.example.com\" data-confirm=\"You can't possibly be sure, can you?\">Hello</a>", - link_to("Hello", "http://www.example.com", :data => { :confirm => "You can't possibly be sure, can you?" }) + "<a href=\"http://www.example.com\" data-confirm=\"You cant possibly be sure, can you?\">Hello</a>", + link_to("Hello", "http://www.example.com", :data => { :confirm => "You cant possibly be sure, can you?" }) ) assert_dom_equal( - "<a href=\"http://www.example.com\" data-confirm=\"You can't possibly be sure,\n can you?\">Hello</a>", - link_to("Hello", "http://www.example.com", :data => { :confirm => "You can't possibly be sure,\n can you?" }) + "<a href=\"http://www.example.com\" data-confirm=\"You cant possibly be sure,\n can you?\">Hello</a>", + link_to("Hello", "http://www.example.com", :data => { :confirm => "You cant possibly be sure,\n can you?" }) ) end @@ -272,14 +272,14 @@ class UrlHelperTest < ActiveSupport::TestCase end assert_deprecated ":confirm option is deprecated and will be removed from Rails 4.1. Use ':data => { :confirm => \'Text\' }' instead" do assert_dom_equal( - "<a href=\"http://www.example.com\" data-confirm=\"You can't possibly be sure, can you?\">Hello</a>", - link_to("Hello", "http://www.example.com", :confirm => "You can't possibly be sure, can you?") + "<a href=\"http://www.example.com\" data-confirm=\"You cant possibly be sure, can you?\">Hello</a>", + link_to("Hello", "http://www.example.com", :confirm => "You cant possibly be sure, can you?") ) end assert_deprecated ":confirm option is deprecated and will be removed from Rails 4.1. Use ':data => { :confirm => \'Text\' }' instead" do assert_dom_equal( - "<a href=\"http://www.example.com\" data-confirm=\"You can't possibly be sure,\n can you?\">Hello</a>", - link_to("Hello", "http://www.example.com", :confirm => "You can't possibly be sure,\n can you?") + "<a href=\"http://www.example.com\" data-confirm=\"You cant possibly be sure,\n can you?\">Hello</a>", + link_to("Hello", "http://www.example.com", :confirm => "You cant possibly be sure,\n can you?") ) end end diff --git a/activerecord/CHANGELOG.md b/activerecord/CHANGELOG.md index 00bc45e4cc..af15dc37c9 100644 --- a/activerecord/CHANGELOG.md +++ b/activerecord/CHANGELOG.md @@ -407,7 +407,7 @@ RAILS_ENV=production bundle exec rake db:schema:cache:dump => generate db/schema_cache.dump - 2) add config.use_schema_cache_dump = true in config/production.rb. BTW, true is default. + 2) add config.active_record.use_schema_cache_dump = true in config/production.rb. BTW, true is default. 3) boot rails. RAILS_ENV=production bundle exec rails server diff --git a/activerecord/lib/active_record/associations/builder/association.rb b/activerecord/lib/active_record/associations/builder/association.rb index f45ab1aff4..c3f32b5ed9 100644 --- a/activerecord/lib/active_record/associations/builder/association.rb +++ b/activerecord/lib/active_record/associations/builder/association.rb @@ -77,6 +77,16 @@ module ActiveRecord::Associations::Builder end end + def check_valid_dependent!(dependent, valid_options) + unless valid_options.include?(dependent) + valid_options_message = valid_options.map(&:inspect).to_sentence( + words_connector: ', ', two_words_connector: ' or ', last_word_connector: ' or ') + + raise ArgumentError, "The :dependent option expects either " \ + "#{valid_options_message} (#{dependent.inspect})" + end + end + def dependent_restrict_raises? ActiveRecord::Base.dependent_restrict_raises == true end diff --git a/activerecord/lib/active_record/associations/builder/belongs_to.rb b/activerecord/lib/active_record/associations/builder/belongs_to.rb index 4bef996297..405dfc97b7 100644 --- a/activerecord/lib/active_record/associations/builder/belongs_to.rb +++ b/activerecord/lib/active_record/associations/builder/belongs_to.rb @@ -72,16 +72,14 @@ module ActiveRecord::Associations::Builder end def configure_dependency - if options[:dependent] - unless options[:dependent].in?([:destroy, :delete]) - raise ArgumentError, "The :dependent option expects either :destroy or :delete (#{options[:dependent].inspect})" - end + if dependent = options[:dependent] + check_valid_dependent! dependent, [:destroy, :delete] - method_name = "belongs_to_dependent_#{options[:dependent]}_for_#{name}" + method_name = "belongs_to_dependent_#{dependent}_for_#{name}" model.send(:class_eval, <<-eoruby, __FILE__, __LINE__ + 1) def #{method_name} association = #{name} - association.#{options[:dependent]} if association + association.#{dependent} if association end eoruby model.after_destroy method_name diff --git a/activerecord/lib/active_record/associations/builder/has_many.rb b/activerecord/lib/active_record/associations/builder/has_many.rb index 81df1fb135..d0bdfa7d9c 100644 --- a/activerecord/lib/active_record/associations/builder/has_many.rb +++ b/activerecord/lib/active_record/associations/builder/has_many.rb @@ -19,14 +19,11 @@ module ActiveRecord::Associations::Builder private def configure_dependency - if options[:dependent] - unless options[:dependent].in?([:destroy, :delete_all, :nullify, :restrict]) - raise ArgumentError, "The :dependent option expects either :destroy, :delete_all, " \ - ":nullify or :restrict (#{options[:dependent].inspect})" - end + if dependent = options[:dependent] + check_valid_dependent! dependent, [:destroy, :delete_all, :nullify, :restrict] + dependent_restrict_deprecation_warning if dependent == :restrict - dependent_restrict_deprecation_warning if options[:dependent] == :restrict - send("define_#{options[:dependent]}_dependency_method") + send("define_#{dependent}_dependency_method") model.before_destroy dependency_method_name end end diff --git a/activerecord/lib/active_record/associations/builder/has_one.rb b/activerecord/lib/active_record/associations/builder/has_one.rb index cdb45e8e58..cd6d9c871b 100644 --- a/activerecord/lib/active_record/associations/builder/has_one.rb +++ b/activerecord/lib/active_record/associations/builder/has_one.rb @@ -25,14 +25,11 @@ module ActiveRecord::Associations::Builder private def configure_dependency - if options[:dependent] - unless options[:dependent].in?([:destroy, :delete, :nullify, :restrict]) - raise ArgumentError, "The :dependent option expects either :destroy, :delete, " \ - ":nullify or :restrict (#{options[:dependent].inspect})" - end - - dependent_restrict_deprecation_warning if options[:dependent] == :restrict - send("define_#{options[:dependent]}_dependency_method") + if dependent = options[:dependent] + check_valid_dependent! dependent, [:destroy, :delete, :nullify, :restrict] + dependent_restrict_deprecation_warning if dependent == :restrict + + send("define_#{dependent}_dependency_method") model.before_destroy dependency_method_name end end diff --git a/activerecord/lib/active_record/railtie.rb b/activerecord/lib/active_record/railtie.rb index 9432a70c41..672d9a4246 100644 --- a/activerecord/lib/active_record/railtie.rb +++ b/activerecord/lib/active_record/railtie.rb @@ -29,6 +29,8 @@ module ActiveRecord 'ActiveRecord::RecordNotSaved' => :unprocessable_entity ) + config.active_record.use_schema_cache_dump = true + rake_tasks do require "active_record/base" load "active_record/railties/databases.rake" @@ -66,6 +68,25 @@ module ActiveRecord end end + initializer "active_record.check_schema_cache_dump" do |app| + if config.active_record.delete(:use_schema_cache_dump) + config.after_initialize do |app| + ActiveSupport.on_load(:active_record) do + filename = File.join(app.config.paths["db"].first, "schema_cache.dump") + + if File.file?(filename) + cache = Marshal.load File.binread filename + if cache.version == ActiveRecord::Migrator.current_version + ActiveRecord::Model.connection.schema_cache = cache + else + warn "schema_cache.dump is expired. Current version is #{ActiveRecord::Migrator.current_version}, but cache version is #{cache.version}." + end + end + end + end + end + end + initializer "active_record.set_configs" do |app| ActiveSupport.on_load(:active_record) do app.config.active_record.each do |k,v| @@ -117,21 +138,6 @@ module ActiveRecord end end - ActiveSupport.on_load(:active_record) do - if app.config.use_schema_cache_dump - filename = File.join(app.config.paths["db"].first, "schema_cache.dump") - - if File.file?(filename) - cache = Marshal.load File.binread filename - if cache.version == ActiveRecord::Migrator.current_version - ActiveRecord::Model.connection.schema_cache = cache - else - warn "schema_cache.dump is expired. Current version is #{ActiveRecord::Migrator.current_version}, but cache version is #{cache.version}." - end - end - end - end - end end end diff --git a/activesupport/lib/active_support/core_ext/string/output_safety.rb b/activesupport/lib/active_support/core_ext/string/output_safety.rb index 5226ff0cbe..c17d695967 100644 --- a/activesupport/lib/active_support/core_ext/string/output_safety.rb +++ b/activesupport/lib/active_support/core_ext/string/output_safety.rb @@ -3,9 +3,9 @@ require 'active_support/core_ext/kernel/singleton_class' class ERB module Util - HTML_ESCAPE = { '&' => '&', '>' => '>', '<' => '<', '"' => '"' } + HTML_ESCAPE = { '&' => '&', '>' => '>', '<' => '<', '"' => '"', "'" => ''' } JSON_ESCAPE = { '&' => '\u0026', '>' => '\u003E', '<' => '\u003C' } - HTML_ESCAPE_ONCE_REGEXP = /[\"><]|&(?!([a-zA-Z]+|(#\d+));)/ + HTML_ESCAPE_ONCE_REGEXP = /["><']|&(?!([a-zA-Z]+|(#\d+));)/ JSON_ESCAPE_REGEXP = /[&"><]/ # A utility method for escaping HTML tag characters. @@ -21,7 +21,7 @@ class ERB if s.html_safe? s else - s.encode(s.encoding, :xml => :attr)[1...-1].html_safe + s.gsub(/[&"'><]/, HTML_ESCAPE).html_safe end end diff --git a/activesupport/test/core_ext/string_ext_test.rb b/activesupport/test/core_ext/string_ext_test.rb index e5b774425e..3b08ebe35f 100644 --- a/activesupport/test/core_ext/string_ext_test.rb +++ b/activesupport/test/core_ext/string_ext_test.rb @@ -498,8 +498,8 @@ class OutputSafetyTest < ActiveSupport::TestCase end test "ERB::Util.html_escape should escape unsafe characters" do - string = '<>&"' - expected = '<>&"' + string = '<>&"\'' + expected = '<>&"'' assert_equal expected, ERB::Util.html_escape(string) end diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb index 048219002d..3531728421 100644 --- a/railties/lib/rails/application.rb +++ b/railties/lib/rails/application.rb @@ -102,6 +102,17 @@ module Rails # Stores some of the Rails initial environment parameters which # will be used by middlewares and engines to configure themselves. + # Currently stores: + # + # * "action_dispatch.parameter_filter" => config.filter_parameters, + # * "action_dispatch.secret_token" => config.secret_token, + # * "action_dispatch.show_exceptions" => config.action_dispatch.show_exceptions, + # * "action_dispatch.show_detailed_exceptions" => config.consider_all_requests_local, + # * "action_dispatch.logger" => Rails.logger, + # * "action_dispatch.backtrace_cleaner" => Rails.backtrace_cleaner + # + # These parameters will be used by middlewares and engines to configure themselves + # def env_config @env_config ||= super.merge({ "action_dispatch.parameter_filter" => config.filter_parameters, diff --git a/railties/lib/rails/application/configuration.rb b/railties/lib/rails/application/configuration.rb index a2e5dece16..9521805778 100644 --- a/railties/lib/rails/application/configuration.rb +++ b/railties/lib/rails/application/configuration.rb @@ -11,7 +11,7 @@ module Rails :force_ssl, :helpers_paths, :logger, :log_formatter, :log_tags, :preload_frameworks, :railties_order, :relative_url_root, :secret_token, :serve_static_assets, :ssl_options, :static_cache_control, :session_options, - :time_zone, :reload_classes_only_on_change, :use_schema_cache_dump, + :time_zone, :reload_classes_only_on_change, :queue, :queue_consumer attr_writer :log_level @@ -43,7 +43,6 @@ module Rails @exceptions_app = nil @autoflush_log = true @log_formatter = ActiveSupport::Logger::SimpleFormatter.new - @use_schema_cache_dump = true @queue = Rails::Queueing::Queue @queue_consumer = Rails::Queueing::ThreadedConsumer diff --git a/railties/lib/rails/generators/rails/scaffold_controller/USAGE b/railties/lib/rails/generators/rails/scaffold_controller/USAGE index 673f69bc81..5cd51b62d4 100644 --- a/railties/lib/rails/generators/rails/scaffold_controller/USAGE +++ b/railties/lib/rails/generators/rails/scaffold_controller/USAGE @@ -1,8 +1,7 @@ Description: - Stubs out a scaffolded controller and its views. Pass the model name, - either CamelCased or under_scored, and a list of views as arguments. - The controller name is retrieved as a pluralized version of the model - name. + Stubs out a scaffolded controller, its seven RESTful actions and related + views. Pass the model name, either CamelCased or under_scored. The + controller name is retrieved as a pluralized version of the model name. To create a controller within a module, specify the model name as a path like 'parent_module/controller_name'. |