diff options
Diffstat (limited to 'actionpack/CHANGELOG.md')
| -rw-r--r-- | actionpack/CHANGELOG.md | 264 |
1 files changed, 257 insertions, 7 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index 583d984989..74a8d9f78a 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,8 +1,158 @@ +## Rails 4.0.0 (unreleased) ## + +* Forms of persisted records use always PATCH (via the `_method` hack). *fxn* + +* For resources, both PATCH and PUT are routed to the `update` action. *fxn* + +* Don't ignore `force_ssl` in development. This is a change of behavior - use a `:if` condition to recreate the old behavior. + + class AccountsController < ApplicationController + force_ssl :if => :ssl_configured? + + def ssl_configured? + !Rails.env.development? + end + end + + *Pat Allan* + +* Adds support for the PATCH verb: + * Request objects respond to `patch?`. + * Routes have a new `patch` method, and understand `:patch` in the + existing places where a verb is configured, like `:via`. + * New method `patch` available in functional tests. + * If `:patch` is the default verb for updates, edits are + tunneled as PATCH rather than as PUT, and routing acts accordingly. + * New method `patch_via_redirect` available in integration tests. + + *dlee* + +* Integration tests support the `OPTIONS` method. *Jeremy Kemper* + +* `expires_in` accepts a `must_revalidate` flag. If true, "must-revalidate" + is added to the Cache-Control header. *fxn* + +* Add `date_field` and `date_field_tag` helpers which render an `input[type="date"]` tag *Olek Janiszewski* + +* Adds `image_url`, `javascript_url`, `stylesheet_url`, `audio_url`, `video_url`, and `font_url` + to assets tag helper. These URL helpers will return the full path to your assets. This is useful + when you are going to reference this asset from external host. *Prem Sichanugrist* + +* Default responder will now always use your overridden block in `respond_with` to render your response. *Prem Sichanugrist* + +* Allow `value_method` and `text_method` arguments from `collection_select` and + `options_from_collection_for_select` to receive an object that responds to `:call`, + such as a `proc`, to evaluate the option in the current element context. This works + the same way with `collection_radio_buttons` and `collection_check_boxes`. + + *Carlos Antonio da Silva + Rafael Mendonça França* + +* Add `collection_check_boxes` form helper, similar to `collection_select`: + Example: + + collection_check_boxes :post, :author_ids, Author.all, :id, :name + # Outputs something like: + <input id="post_author_ids_1" name="post[author_ids][]" type="checkbox" value="1" /> + <label for="post_author_ids_1">D. Heinemeier Hansson</label> + <input id="post_author_ids_2" name="post[author_ids][]" type="checkbox" value="2" /> + <label for="post_author_ids_2">D. Thomas</label> + <input name="post[author_ids][]" type="hidden" value="" /> + + The label/check_box pairs can be customized with a block. + + *Carlos Antonio da Silva + Rafael Mendonça França* + +* Add `collection_radio_buttons` form helper, similar to `collection_select`: + Example: + + collection_radio_buttons :post, :author_id, Author.all, :id, :name + # Outputs something like: + <input id="post_author_id_1" name="post[author_id]" type="radio" value="1" /> + <label for="post_author_id_1">D. Heinemeier Hansson</label> + <input id="post_author_id_2" name="post[author_id]" type="radio" value="2" /> + <label for="post_author_id_2">D. Thomas</label> + + The label/radio_button pairs can be customized with a block. + + *Carlos Antonio da Silva + Rafael Mendonça França* + +* check_box with `:form` html5 attribute will now replicate the `:form` + attribute to the hidden field as well. *Carlos Antonio da Silva* + +* `label` form helper accepts :for => nil to not generate the attribute. *Carlos Antonio da Silva* + +* Add `:format` option to number_to_percentage *Rodrigo Flores* + +* Add `config.action_view.logger` to configure logger for ActionView. *Rafael Mendonça França* + +* Deprecated ActionController::Integration in favour of ActionDispatch::Integration + +* Deprecated ActionController::IntegrationTest in favour of ActionDispatch::IntegrationTest + +* Deprecated ActionController::PerformanceTest in favour of ActionDispatch::PerformanceTest + +* Deprecated ActionController::AbstractRequest in favour of ActionDispatch::Request + +* Deprecated ActionController::Request in favour of ActionDispatch::Request + +* Deprecated ActionController::AbstractResponse in favour of ActionDispatch::Response + +* Deprecated ActionController::Response in favour of ActionDispatch::Response + +* Deprecated ActionController::Routing in favour of ActionDispatch::Routing + * check_box helper with :disabled => true will generate a disabled hidden field to conform with the HTML convention where disabled fields are not submitted with the form. This is a behavior change, previously the hidden tag had a value of the disabled checkbox. *Tadas Tamosauskas* -## Rails 3.2.0 (unreleased) ## +* `favicon_link_tag` helper will now use the favicon in app/assets by default. *Lucas Caton* + +* `ActionView::Helpers::TextHelper#highlight` now defaults to the + HTML5 `mark` element. *Brian Cardarella* + + +## Rails 3.2.2 (unreleased) ## + +* Format lookup for partials is derived from the format in which the template is being rendered. Closes #5025 part 2 *Santiago Pastorino* + +* Use the right format when a partial is missing. Closes #5025. *Santiago Pastorino* + +* Default responder will now always use your overridden block in `respond_with` to render your response. *Prem Sichanugrist* + +* check_box helper with :disabled => true will generate a disabled hidden field to conform with the HTML convention where disabled fields are not submitted with the form. + This is a behavior change, previously the hidden tag had a value of the disabled checkbox. + *Tadas Tamosauskas* + + +## Rails 3.2.1 (January 26, 2012) ## + +* Documentation improvements. + +* Allow `form.select` to accept ranges (regression). *Jeremy Walker* + +* `datetime_select` works with -/+ infinity dates. *Joe Van Dyk* + + +## Rails 3.2.0 (January 20, 2012) ## + +* Add `config.action_dispatch.default_charset` to configure default charset for ActionDispatch::Response. *Carlos Antonio da Silva* + +* Deprecate setting default charset at controller level, use the new `config.action_dispatch.default_charset` instead. *Carlos Antonio da Silva* + +* Deprecate ActionController::UnknownAction in favour of AbstractController::ActionNotFound. *Carlos Antonio da Silva* + +* Deprecate ActionController::DoubleRenderError in favour of AbstractController::DoubleRenderError. *Carlos Antonio da Silva* + +* Deprecate method_missing handling for not found actions, use action_missing instead. *Carlos Antonio da Silva* + +* Deprecate ActionController#rescue_action, ActionController#initialize_template_class, and ActionController#assign_shortcuts. + These methods were not being used internally anymore and are going to be removed in Rails 4. *Carlos Antonio da Silva* + +* Use a BodyProxy instead of including a Module that responds to + close. Closes #4441 if Active Record is disabled assets are delivered + correctly *Santiago Pastorino* + +* Rails initialization with initialize_on_precompile = false should set assets_dir *Santiago Pastorino* * Add font_path helper method *Santiago Pastorino* @@ -22,7 +172,7 @@ <%= f.button %> <% end %> -* Date helpers accept a new option, `:use_two_digit_numbers = true`, that renders select boxes for months and days with a leading zero without changing the respective values. +* Date helpers accept a new option, `:use_two_digit_numbers = true`, that renders select boxes for months and days with a leading zero without changing the respective values. For example, this is useful for displaying ISO8601-style dates such as '2011-08-01'. *Lennart Fridén and Kim Persson* * Make ActiveSupport::Benchmarkable a default module for ActionController::Base, so the #benchmark method is once again available in the controller context like it used to be *DHH* @@ -153,20 +303,30 @@ ## Rails 3.1.4 (unreleased) ## +* Skip assets group in Gemfile and all assets configurations options + when the application is generated with --skip-sprockets option. + + *Guillermo Iguaran* + +* Use ProcessedAsset#pathname in Sprockets helpers when debugging is on. Closes #3333 #3348 #3361. + + *Guillermo Iguaran* + * Allow to use asset_path on named_routes aliasing RailsHelper's asset_path to path_to_asset *Adrian Pike* -* Assets should use the request protocol by default or default to - relative if no request is available *Jonathan del Strother* +* Assets should use the request protocol by default or default to relative if no request is available *Jonathan del Strother* + +## Rails 3.1.3 (November 20, 2011) ## -## Rails 3.1.3 (unreleased) ## +* Downgrade sprockets to ~> 2.0.3. Using 2.1.0 caused regressions. * Fix using `translate` helper with a html translation which uses the `:count` option for pluralization. *Jon Leighton* -## Rails 3.1.2 (unreleased) ## +## Rails 3.1.2 (November 18, 2011) ## * Fix XSS security vulnerability in the `translate` helper method. When using interpolation in combination with HTML-safe translations, the interpolated input would not get HTML @@ -207,7 +367,7 @@ * Ensure users upgrading from 3.0.x to 3.1.x will properly upgrade their flash object in session (issues #3298 and #2509) -## Rails 3.1.1 (unreleased) ## +## Rails 3.1.1 (October 07, 2011) ## * javascript_path and stylesheet_path now refer to /assets if asset pipelining is on. *Santiago Pastorino* @@ -443,6 +603,96 @@ * Add Rack::Cache to the default stack. Create a Rails store that delegates to the Rails cache, so by default, whatever caching layer you are using will be used for HTTP caching. Note that Rack::Cache will be used if you use #expires_in, #fresh_when or #stale with :public => true. Otherwise, the caching rules will apply to the browser only. *Yehuda Katz, Carl Lerche* +## Rails 3.0.12 (unreleased) ## + +* Fix using `tranlate` helper with a html translation which uses the `:count` option for + pluralization. + + *Jon Leighton* + + +## Rails 3.0.11 (November 18, 2011) ## + +* Fix XSS security vulnerability in the `translate` helper method. When using interpolation + in combination with HTML-safe translations, the interpolated input would not get HTML + escaped. *GH 3664* + + Before: + + translate('foo_html', :something => '<script>') # => "...<script>..." + + After: + + translate('foo_html', :something => '<script>') # => "...<script>..." + + *Sergey Nartimov* + +* Implement a workaround for a bug in ruby-1.9.3p0 where an error would be + raised while attempting to convert a template from one encoding to another. + + Please see http://redmine.ruby-lang.org/issues/5564 for details of the bug. + + The workaround is to load all conversions into memory ahead of time, and will + only happen if the ruby version is exactly 1.9.3p0. The hope is obviously + that the underlying problem will be resolved in the next patchlevel release + of 1.9.3. + +* Fix assert_select_email to work on multipart and non-multipart emails as the method stopped working correctly in Rails 3.x due to changes in the new mail gem. + +* Fix url_for when passed a hash to prevent additional options (eg. :host, :protocol) from being added to the hash after calling it. + + +## Rails 3.0.10 (August 16, 2011) ## + +* Fixes an issue where cache sweepers with only after filters would have no + controller object, it would raise undefined method controller_name for nil [jeroenj] + +* Ensure status codes are logged when exceptions are raised. + +* Subclasses of OutputBuffer are respected. + +* Fixed ActionView::FormOptionsHelper#select with :multiple => false + +* Avoid extra call to Cache#read in case of a fragment cache hit + + +## Rails 3.0.9 (June 16, 2011) ## + +* json_escape will now return a SafeBuffer string if it receives SafeBuffer string [tenderlove] + +* Make sure escape_js returns SafeBuffer string if it receives SafeBuffer string [Prem Sichanugrist] + +* Fix text helpers to work correctly with the new SafeBuffer restriction [Paul Gallagher, Arun Agrawal, Prem Sichanugrist] + + +## Rails 3.0.8 (June 7, 2011) ## + +* It is prohibited to perform a in-place SafeBuffer mutation [tenderlove] + + The old behavior of SafeBuffer allowed you to mutate string in place via + method like `sub!`. These methods can add unsafe strings to a safe buffer, + and the safe buffer will continue to be marked as safe. + + An example problem would be something like this: + + <%= link_to('hello world', @user).sub!(/hello/, params[:xss]) %> + + In the above example, an untrusted string (`params[:xss]`) is added to the + safe buffer returned by `link_to`, and the untrusted content is successfully + sent to the client without being escaped. To prevent this from happening + `sub!` and other similar methods will now raise an exception when they are called on a safe buffer. + + In addition to the in-place versions, some of the versions of these methods which return a copy of the string will incorrectly mark strings as safe. For example: + + <%= link_to('hello world', @user).sub(/hello/, params[:xss]) %> + + The new versions will now ensure that *all* strings returned by these methods on safe buffers are marked unsafe. + + You can read more about this change in http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2e516e7acc96c4fb + +* Fixed github issue #342 with asset paths and relative roots. + + ## Rails 3.0.7 (April 18, 2011) ## * No changes. |