diff options
Diffstat (limited to 'actionpack/CHANGELOG.md')
-rw-r--r-- | actionpack/CHANGELOG.md | 204 |
1 files changed, 176 insertions, 28 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index 8b2943af74..6b73b29ace 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,3 +1,150 @@ +* Update default rendering policies when the controller action did + not explicitly indicate a response. + + For API controllers, the implicit render always renders "204 No Content" + and does not account for any templates. + + For other controllers, the following conditions are checked: + + First, if a template exists for the controller action, it is rendered. + This template lookup takes into account the action name, locales, format, + variant, template handlers, etc. (see +render+ for details). + + Second, if other templates exist for the controller action but is not in + the right format (or variant, etc.), an <tt>ActionController::UnknownFormat</tt> + is raised. The list of available templates is assumed to be a complete + enumeration of all the possible formats (or variants, etc.); that is, + having only HTML and JSON templates indicate that the controller action is + not meant to handle XML requests. + + Third, if the current request is an "interactive" browser request (the user + navigated here by entering the URL in the address bar, submiting a form, + clicking on a link, etc. as opposed to an XHR or non-browser API request), + <tt>ActionView::UnknownFormat</tt> is raised to display a helpful error + message. + + Finally, it falls back to the same "204 No Content" behavior as API controllers. + + *Godfrey Chan*, *Jon Moss*, *Kasper Timm Hansen*, *Mike Clark*, *Matthew Draper* + +## Rails 5.0.0.beta3 (February 24, 2016) ## + +* Add application/gzip as a default mime type. + + *Mehmet Emin İNAÇ* + +* Add request encoding and response parsing to integration tests. + + What previously was: + + ```ruby + require 'test_helper' + + class ApiTest < ActionDispatch::IntegrationTest + test 'creates articles' do + assert_difference -> { Article.count } do + post articles_path(format: :json), + params: { article: { title: 'Ahoy!' } }.to_json, + headers: { 'Content-Type' => 'application/json' } + end + + assert_equal({ 'id' => Article.last.id, 'title' => 'Ahoy!' }, JSON.parse(response.body)) + end + end + ``` + + Can now be written as: + + ```ruby + require 'test_helper' + + class ApiTest < ActionDispatch::IntegrationTest + test 'creates articles' do + assert_difference -> { Article.count } do + post articles_path, params: { article: { title: 'Ahoy!' } }, as: :json + end + + assert_equal({ 'id' => Article.last.id, 'title' => 'Ahoy!' }, response.parsed_body) + end + end + ``` + + Passing `as: :json` to integration test request helpers will set the format, + content type and encode the parameters as JSON. + + Then on the response side, `parsed_body` will parse the body according to the + content type the response has. + + Currently JSON is the only supported MIME type. Add your own with + `ActionDispatch::IntegrationTest.register_encoder`. + + *Kasper Timm Hansen* + +* Add image/svg+xml as a default mime type. + + *DHH* + +## Rails 5.0.0.beta2 (February 01, 2016) ## + +* Add `-g` and `-c` options to `bin/rails routes`. These options return the url `name`, `verb` and + `path` field that match the pattern or match a specific controller. + + Deprecate `CONTROLLER` env variable in `bin/rails routes`. + + See #18902. + + *Anton Davydov* & *Vipul A M* + +* Response etags to always be weak: Prefixes 'W/' to value returned by + `ActionDispatch::Http::Cache::Response#etag=`, such that etags set in + `fresh_when` and `stale?` are weak. + + Fixes #17556. + + *Abhishek Yadav* + +* Provide the name of HTTP Status code in assertions. + + *Sean Collins* + +* More explicit error message when running `rake routes`. `CONTROLLER` argument + can now be supplied in different ways: + `Rails::WelcomeController`, `Rails::Welcome`, `rails/welcome`. + + Fixes #22918. + + *Edouard Chin* + +* Allow `ActionController::Parameters` instances as an argument to URL + helper methods. An `ArgumentError` will be raised if the passed parameters + are not secure. + + Fixes #22832. + + *Prathamesh Sonpatki* + +* Add option for per-form CSRF tokens. + + *Greg Ose & Ben Toews* + +* Add tests and documentation for `ActionController::Renderers::use_renderers`. + + *Benjamin Fleischer* + +* Fix `ActionController::Parameters#convert_parameters_to_hashes` to return filtered + or unfiltered values based on from where it is called, `to_h` or `to_unsafe_h` + respectively. + + Fixes #22841. + + *Prathamesh Sonpatki* + +* Add `ActionController::Parameters#include?` + + *Justin Coyne* + +## Rails 5.0.0.beta1 (December 18, 2015) ## + * Deprecate `redirect_to :back` in favor of `redirect_back`, which accepts a required `fallback_location` argument, thus eliminating the possibility of a `RedirectBackError`. @@ -32,13 +179,13 @@ *Jorge Bejar* -* Change the `protect_from_forgery` prepend default to `false` +* Change the `protect_from_forgery` prepend default to `false`. Per this comment https://github.com/rails/rails/pull/18334#issuecomment-69234050 we want `protect_from_forgery` to default to `prepend: false`. - `protect_from_forgery` will now be insterted into the callback chain at the + `protect_from_forgery` will now be inserted into the callback chain at the point it is called in your application. This is useful for cases where you want to `protect_from_forgery` after you perform required authentication callbacks or other callbacks that are required to run after forgery protection. @@ -80,26 +227,29 @@ *Agis Anastasopoulos* -* Add the ability of returning arbitrary headers to ActionDispatch::Static +* Add the ability of returning arbitrary headers to `ActionDispatch::Static`. Now ActionDispatch::Static can accept HTTP headers so that developers will have control of returning arbitrary headers like 'Access-Control-Allow-Origin' when a response is delivered. They can be configured with `#config`: - config.public_file_server.headers = { - "Cache-Control" => "public, max-age=60", - "Access-Control-Allow-Origin" => "http://rubyonrails.org" - } + Example: + + config.public_file_server.headers = { + "Cache-Control" => "public, max-age=60", + "Access-Control-Allow-Origin" => "http://rubyonrails.org" + } *Yuki Nishijima* * Allow multiple `root` routes in same scope level. Example: - ```ruby - root 'blog#show', constraints: ->(req) { Hostname.blog_site?(req.host) } - root 'landing#show' - ``` + Example: + + root 'blog#show', constraints: ->(req) { Hostname.blog_site?(req.host) } + root 'landing#show' + *Rafael Sales* * Fix regression in mounted engine named routes generation for app deployed to @@ -110,19 +260,19 @@ *Matthew Erhard* -* ActionDispatch::Response#new no longer applies default headers. If you want +* `ActionDispatch::Response#new` no longer applies default headers. If you want default headers applied to the response object, then call - `ActionDispatch::Response.create`. This change only impacts people who are + `ActionDispatch::Response.create`. This change only impacts people who are directly constructing an `ActionDispatch::Response` object. -* Accessing mime types via constants like `Mime::HTML` is deprecated. Please +* Accessing mime types via constants like `Mime::HTML` is deprecated. Please change code like this: - Mime::HTML + Mime::HTML To this: - Mime[:html] + Mime[:html] This change is so that Rails will not manage a list of constants, and fixes an issue where if a type isn't registered you could possibly get the wrong @@ -168,7 +318,7 @@ *Jeremy Friesen* -* Using strings or symbols for middleware class names is deprecated. Convert +* Using strings or symbols for middleware class names is deprecated. Convert things like this: middleware.use "Foo::Bar" @@ -177,10 +327,10 @@ middleware.use Foo::Bar -* ActionController::TestSession now accepts a default value as well as +* `ActionController::TestSession` now accepts a default value as well as a block for generating a default value based off the key provided. - This fixes calls to session#fetch in ApplicationController instances that + This fixes calls to `session#fetch` in `ApplicationController` instances that take more two arguments or a block from raising `ArgumentError: wrong number of arguments (2 for 1)` when performing controller tests. @@ -231,10 +381,10 @@ *Grey Baker* * Add support for API only apps. - ActionController::API is added as a replacement of - ActionController::Base for this kind of applications. + `ActionController::API` is added as a replacement of + `ActionController::Base` for this kind of applications. - *Santiago Pastorino & Jorge Bejar* + *Santiago Pastorino*, *Jorge Bejar* * Remove `assigns` and `assert_template`. Both methods have been extracted into a gem at https://github.com/rails/rails-controller-testing. @@ -309,7 +459,7 @@ * Allow `Bearer` as token-keyword in `Authorization-Header`. - Aditionally to `Token`, the keyword `Bearer` is acceptable as a keyword + Additionally to `Token`, the keyword `Bearer` is acceptable as a keyword for the auth-token. The `Bearer` keyword is described in the original OAuth RFC and used in libraries like Angular-JWT. @@ -317,7 +467,7 @@ *Peter Schröder* -* Drop request class from RouteSet constructor. +* Drop request class from `RouteSet` constructor. If you would like to use a custom request class, please subclass and implement the `request_class` method. @@ -346,7 +496,7 @@ *Jeremy Kemper*, *Yves Senn* -* Deprecate AbstractController#skip_action_callback in favor of individual skip_callback methods +* Deprecate `AbstractController#skip_action_callback` in favor of individual skip_callback methods (which can be made to raise an error if no callback was removed). *Iain Beeston* @@ -552,9 +702,7 @@ Fixes an issue where when an exception is raised in the request the additional payload data is not available. - See: - * #14903 - * https://github.com/roidrage/lograge/issues/37 + See #14903. *Dieter Komendera*, *Margus Pärt* |