Diffstat (limited to 'actionpack/lib')
-rw-r--r-- | actionpack/lib/action_controller.rb | 2 | ||||
-rw-r--r-- | actionpack/lib/action_controller/metal/instrumentation.rb | 2 | ||||
-rw-r--r-- | actionpack/lib/action_dispatch/middleware/cookies.rb | 45 | ||||
-rw-r--r-- | actionpack/lib/action_view/base.rb | 1 | ||||
-rw-r--r-- | actionpack/lib/action_view/context.rb | 6 | ||||
-rw-r--r-- | actionpack/lib/action_view/helpers/number_helper.rb | 10 | ||||
-rw-r--r-- | actionpack/lib/action_view/helpers/sanitize_helper.rb | 2 | ||||
-rw-r--r-- | actionpack/lib/action_view/helpers/text_helper.rb | 20 | ||||
-rw-r--r-- | actionpack/lib/action_view/render/rendering.rb | 2 |
9 files changed, 71 insertions, 19 deletions
diff --git a/actionpack/lib/action_controller.rb b/actionpack/lib/action_controller.rb index c14393dda7..1bd4572a47 100644 --- a/actionpack/lib/action_controller.rb +++ b/actionpack/lib/action_controller.rb @@ -67,7 +67,7 @@ end require 'action_view' require 'action_controller/vendor/html-scanner' -# Common ActiveSupport usage in ActionController +# Common Active Support usage in Action Controller require 'active_support/concern' require 'active_support/core_ext/class/attribute_accessors' require 'active_support/core_ext/load_error' diff --git a/actionpack/lib/action_controller/metal/instrumentation.rb b/actionpack/lib/action_controller/metal/instrumentation.rb index ba38b186d6..b2c119d7e4 100644 --- a/actionpack/lib/action_controller/metal/instrumentation.rb +++ b/actionpack/lib/action_controller/metal/instrumentation.rb @@ -2,7 +2,7 @@ require 'abstract_controller/logger' module ActionController # Adds instrumentation to several ends in ActionController::Base. It also provides - # some hooks related with process_action, this allows an ORM like ActiveRecord + # some hooks related with process_action, this allows an ORM like Active Record # and/or DataMapper to plug in ActionController and show related information. # # Check ActiveRecord::Railties::ControllerRuntime for an example. diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 87e8dd5010..d69ba39728 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb 
@@ -45,7 +45,16 @@ module ActionDispatch # * <tt>:value</tt> - The cookie's value or list of values (as an array). # * <tt>:path</tt> - The path for which this cookie applies. Defaults to the root # of the application. - # * <tt>:domain</tt> - The domain for which this cookie applies. + # * <tt>:domain</tt> - The domain for which this cookie applies so you can + # restrict to the domain level. If you use a schema like www.example.com + # and want to share session with user.example.com set <tt>:domain</tt> + # to <tt>:all</tt>. Make sure to specify the <tt>:domain</tt> option with + # <tt>:all</tt> again when deleting keys. + # + # :domain => nil # Does not sets cookie domain. (default) + # :domain => :all # Allow the cookie for the top most level + # domain and subdomains. + # # * <tt>:expires</tt> - The time at which this cookie expires, as a Time object. # * <tt>:secure</tt> - Whether this cookie is a only transmitted to HTTPS servers. # Default is +false+. @@ -54,22 +63,34 @@ module ActionDispatch class Cookies HTTP_HEADER = "Set-Cookie".freeze TOKEN_KEY = "action_dispatch.secret_token".freeze - + # Raised when storing more than 4K of session data. class CookieOverflow < StandardError; end class CookieJar < Hash #:nodoc: + + # This regular expression is used to split the levels of a domain + # So www.example.co.uk gives: + # $1 => www. + # $2 => example + # $3 => co.uk + DOMAIN_REGEXP = /^(.*\.)*(.*)\.(...|...\...|....|..\...|..)$/ + def self.build(request) secret = request.env[TOKEN_KEY] - new(secret).tap do |hash| + host = request.env["HTTP_HOST"] + + new(secret, host).tap do |hash| hash.update(request.cookies) end end - def initialize(secret=nil) + def initialize(secret = nil, host = nil) @secret = secret @set_cookies = {} @delete_cookies = {} + @host = host + super() end 
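Review bot: The new `:domain` documentation presents `:all` as a way to share a session between two hosts but never states the scope it creates: the cookie, including the session cookie, is then sent to every host under the derived domain, not only the two in the example. I would add a line such as `# Note: :all makes the cookie visible to every subdomain; pass an explicit domain string if only specific hosts should share it.` The example line `# Does not sets cookie domain. (default)` also has a typo and should read `# Does not set the cookie domain. (default)`.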
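Review bot: `DOMAIN_REGEXP` does not appear to produce the split its own comment promises: traced by hand, the greedy `(.*\.)*` settles on `www.example.` first, so `www.example.co.uk` gives `$2` = `co` and `$3` = `uk`, and `:domain => :all` would emit `.co.uk`. The bare `.` in the suffix alternatives also matches dots and digits, so a host such as `192.168.0.1` matches with `$3` = `0.1`, and `^`/`$` anchor per line rather than per string. Because the input is the client-supplied `HTTP_HOST` header, which can also carry a port, I would tighten the pattern, for example `/\A(.*?\.)??([^.]+)\.([a-z]{2,3}\.[a-z]{2}|[a-z]{2,4})\z/i`, and add test cases for a two-part suffix, an IP address and a host with a port. Length-based suffix guessing still cannot recognise a shared hosting suffix, which deserves a comment beside the constant.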
@@ -78,6 +99,15 @@ module ActionDispatch super(name.to_s) end + def handle_options(options) #:nodoc: + options[:path] ||= "/" + + if options[:domain] == :all + @host =~ DOMAIN_REGEXP + options[:domain] = ".#{$2}.#{$3}" + end + end + # Sets the cookie named +name+. The second argument may be the very cookie # value, or a hash of options as documented above. def []=(key, options) @@ -91,7 +121,8 @@ module ActionDispatch value = super(key.to_s, value) - options[:path] ||= "/" + handle_options(options) + @set_cookies[key] = options @delete_cookies.delete(key) value @@ -102,7 +133,9 @@ module ActionDispatch # an options hash to delete cookies with extra data such as a <tt>:path</tt>. def delete(key, options = {}) options.symbolize_keys! - options[:path] ||= "/" + + handle_options(options) + value = super(key.to_s) @delete_cookies[key] = options value diff --git a/actionpack/lib/action_view/base.rb b/actionpack/lib/action_view/base.rb index 5fa1b5619b..4d06ca0d89 100644 --- a/actionpack/lib/action_view/base.rb +++ b/actionpack/lib/action_view/base.rb @@ -2,6 +2,7 @@ require 'active_support/core_ext/module/attr_internal' require 'active_support/core_ext/module/delegation' require 'active_support/core_ext/class/attribute' require 'active_support/core_ext/array/wrap' +require 'active_support/ordered_options' module ActionView #:nodoc: class NonConcattingString < ActiveSupport::SafeBuffer diff --git a/actionpack/lib/action_view/context.rb b/actionpack/lib/action_view/context.rb index 61d2e702a7..88efd4b34f 100644 --- a/actionpack/lib/action_view/context.rb +++ b/actionpack/lib/action_view/context.rb @@ -3,8 +3,8 @@ module ActionView # holds compiled template code end - # ActionView contexts are supplied to ActionController - # to render template. The default ActionView context + # Action View contexts are supplied to Action Controller + # to render template. The default Action View context # is ActionView::Base. # # In order to work with ActionController, a Context 
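Review bot: `handle_options` ignores the result of `@host =~ DOMAIN_REGEXP`, so when the host does not match (a nil `@host` from the `host = nil` default, `localhost`, or anything else the pattern rejects) `$2` and `$3` are nil and the cookie is written with the domain `..`. Using the match object makes the failure explicit and avoids the global match variables: `m = DOMAIN_REGEXP.match(@host.to_s)` followed by `options[:domain] = m ? ".#{m[2]}.#{m[3]}" : nil`, where nil is the documented "no domain" default. The helper is called from `[]=` and `delete` in the next two hunks, so both the set and the delete path inherit this behaviour.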
@@ -21,7 +21,7 @@ module ActionView # options<Hash>:: See _render_template_with_layout in ActionView::Base # partial<Boolean>:: Whether or not the template to render is a partial # - # An ActionView context can also mix in ActionView's + # An Action View context can also mix in Action View's # helpers. In order to mix in helpers, a context must # implement: # diff --git a/actionpack/lib/action_view/helpers/number_helper.rb b/actionpack/lib/action_view/helpers/number_helper.rb index 38e56d8bff..b322bbad34 100644 --- a/actionpack/lib/action_view/helpers/number_helper.rb +++ b/actionpack/lib/action_view/helpers/number_helper.rb @@ -96,7 +96,7 @@ module ActionView # number_to_currency(1234567890.50) # => $1,234,567,890.50 # number_to_currency(1234567890.506) # => $1,234,567,890.51 # number_to_currency(1234567890.506, :precision => 3) # => $1,234,567,890.506 - # number_to_currency(1234567890.506, :locale => :fr) # => 1,234,567,890.506 € + # number_to_currency(1234567890.506, :locale => :fr) # => 1 234 567 890,506 € # # number_to_currency(1234567890.50, :unit => "£", :separator => ",", :delimiter => "") # # => £1234567890,50 @@ -134,6 +134,7 @@ module ActionView # format in the +options+ hash. # # ==== Options + # * <tt>:locale</tt> - Sets the locale to be used for formatting (defaults to current locale). # * <tt>:precision</tt> - Sets the precision of the number (defaults to 3). # * <tt>:significant</tt> - If +true+, precision will be the # of significant_digits. If +false+, the # of fractional digits (defaults to +false+) # * <tt>:separator</tt> - Sets the separator between the fractional and integer digits (defaults to "."). 
@@ -145,6 +146,7 @@ module ActionView # number_to_percentage(100, :precision => 0) # => 100% # number_to_percentage(1000, :delimiter => '.', :separator => ',') # => 1.000,000% # number_to_percentage(302.24398923423, :precision => 5) # => 302.24399% + # number_to_percentage(1000, :locale => :fr) # => 1 000,000% def number_to_percentage(number, options = {}) return nil if number.nil? @@ -171,6 +173,7 @@ module ActionView # customize the format in the +options+ hash. # # ==== Options + # * <tt>:locale</tt> - Sets the locale to be used for formatting (defaults to current locale). # * <tt>:delimiter</tt> - Sets the thousands delimiter (defaults to ","). # * <tt>:separator</tt> - Sets the separator between the fractional and integer digits (defaults to "."). # @@ -179,6 +182,7 @@ module ActionView # number_with_delimiter(12345678.05) # => 12,345,678.05 # number_with_delimiter(12345678, :delimiter => ".") # => 12.345.678 # number_with_delimiter(12345678, :separator => ",") # => 12,345,678 + # number_with_delimiter(12345678.05, :locale => :fr) # => 12 345 678,05 # number_with_delimiter(98765432.98, :delimiter => " ", :separator => ",") # # => 98 765 432,98 # @@ -223,6 +227,7 @@ module ActionView # You can customize the format in the +options+ hash. # # ==== Options + # * <tt>:locale</tt> - Sets the locale to be used for formatting (defaults to current locale). # * <tt>:precision</tt> - Sets the precision of the number (defaults to 3). # * <tt>:significant</tt> - If +true+, precision will be the # of significant_digits. If +false+, the # of fractional digits (defaults to +false+) # * <tt>:separator</tt> - Sets the separator between the fractional and integer digits (defaults to "."). 
@@ -237,6 +242,7 @@ module ActionView # number_with_precision(111.2345, :significant => true) # => 111 # number_with_precision(111.2345, :precision => 1, :significant => true) # => 100 # number_with_precision(13, :precision => 5, :significant => true) # => 13.000 + # number_with_precision(111.234, :locale => :fr) # => 111,234 # number_with_precision(13, :precision => 5, :significant => true, strip_insignificant_zeros => true) # # => 13 # number_with_precision(389.32314, :precision => 4, :significant => true) # => 389.3 @@ -309,6 +315,7 @@ module ActionView # See <tt>number_to_human</tt> if you want to pretty-print a generic number. # # ==== Options + # * <tt>:locale</tt> - Sets the locale to be used for formatting (defaults to current locale). # * <tt>:precision</tt> - Sets the precision of the number (defaults to 3). # * <tt>:significant</tt> - If +true+, precision will be the # of significant_digits. If +false+, the # of fractional digits (defaults to +true+) # * <tt>:separator</tt> - Sets the separator between the fractional and integer digits (defaults to "."). @@ -395,6 +402,7 @@ module ActionView # a wide range of unit quantifiers, even fractional ones (centi, deci, mili, etc). # # ==== Options + # * <tt>:locale</tt> - Sets the locale to be used for formatting (defaults to current locale). # * <tt>:precision</tt> - Sets the precision of the number (defaults to 3). # * <tt>:significant</tt> - If +true+, precision will be the # of significant_digits. If +false+, the # of fractional digits (defaults to +true+) # * <tt>:separator</tt> - Sets the separator between the fractional and integer digits (defaults to "."). diff --git a/actionpack/lib/action_view/helpers/sanitize_helper.rb b/actionpack/lib/action_view/helpers/sanitize_helper.rb index 28e40f8560..f173523f6a 100644 --- a/actionpack/lib/action_view/helpers/sanitize_helper.rb +++ b/actionpack/lib/action_view/helpers/sanitize_helper.rb 
@@ -4,7 +4,7 @@ require 'action_view/helpers/tag_helper' module ActionView module Helpers #:nodoc: # The SanitizeHelper module provides a set of methods for scrubbing text of undesired HTML elements. - # These helper methods extend ActionView making them callable within your template files. + # These helper methods extend Action View making them callable within your template files. module SanitizeHelper # This +sanitize+ helper will html encode all tags and strip all attributes that aren't specifically allowed. # It also strips href/src tags with invalid protocols, like javascript: especially. It does its best to counter any diff --git a/actionpack/lib/action_view/helpers/text_helper.rb b/actionpack/lib/action_view/helpers/text_helper.rb index c8533c217b..ccc9156777 100644 --- a/actionpack/lib/action_view/helpers/text_helper.rb +++ b/actionpack/lib/action_view/helpers/text_helper.rb @@ -6,7 +6,7 @@ module ActionView module Helpers #:nodoc: # The TextHelper module provides a set of methods for filtering, formatting # and transforming strings, which can reduce the amount of inline Ruby code in - # your views. These helper methods extend ActionView making them callable + # your views. These helper methods extend Action View making them callable # within your template files. module TextHelper # The preferred method of outputting text in your views is to use the @@ -39,6 +39,7 @@ module ActionView # for a total length not exceeding <tt>:length</tt>. # # Pass a <tt>:separator</tt> to truncate +text+ at a natural break. + # Pass a <tt>:safe</tt> value as "true" to not to escape the content. # # ==== Examples # 
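Review bot: The added line `# Pass a <tt>:safe</tt> value as "true" to not to escape the content.` documents an option that switches off output escaping without saying when that is acceptable. I would reword it to `# Pass <tt>:safe => true</tt> to skip escaping; use it only for text that is already escaped or fully trusted, never for user-supplied input.` The comment block and the `truncate` method it documents continue outside this hunk.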
@@ -54,6 +55,15 @@ module ActionView # truncate("And they found that many people were sleeping better.", :length => 25, :omission => '... (continued)') # # => "And they f... (continued)" # + # truncate("<p>Once upon a time in a world far far away</p>") + # # => "<p>Once upon a time i..." + # + # truncate("<p>Once upon a time in a world far far away</p>", :safe => true) + # # => "<p>Once upon a time in a wo..." + # + # truncate("<p>Once upon a time in a world far far away</p>".html_safe) + # # => "<p>Once upon a time in a wo..." + # # You can still use <tt>truncate</tt> with the old API that accepts the # +length+ as its optional second and the +ellipsis+ as its # optional third parameter: @@ -74,7 +84,7 @@ module ActionView options.reverse_merge!(:length => 30) - text = sanitize(text) unless text.html_safe? || options[:safe] + text = h(text) unless text.html_safe? || options[:safe] text.truncate(options.delete(:length), options) if text end @@ -106,7 +116,7 @@ module ActionView end options.reverse_merge!(:highlighter => '<strong class="highlight">\1</strong>') - text = sanitize(text) unless text.html_safe? || options[:safe] + text = h(text) unless text.html_safe? || options[:safe] if text.blank? || phrases.blank? text else @@ -244,7 +254,7 @@ module ActionView def simple_format(text, html_options={}, options={}) text = '' if text.nil? start_tag = tag('p', html_options, true) - text = sanitize(text) unless text.html_safe? || options[:safe] + text = h(text) unless text.html_safe? || options[:safe] text.gsub!(/\r\n?/, "\n") # \r\n and \r -> \n text.gsub!(/\n\n+/, "</p>\n\n#{start_tag}") # 2+ newline -> paragraph text.gsub!(/([^\n]\n)(?=[^\n])/, '\1<br />') # 1 newline -> br @@ -503,7 +513,7 @@ module ActionView text.html_safe else display_text = (block_given?) ? yield(text) : text - display_text = sanitize(display_text) unless options[:safe] + display_text = h(display_text) unless options[:safe] mail_to text, display_text, html_options end end 
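Review bot: In `truncate`, `text = h(text)` runs before `text.truncate(...)`, so the length is counted on the escaped string and the cut can land inside an entity such as `&lt;`, leaving a broken fragment in the output. Truncating the raw string first and escaping the result (when the input was neither `html_safe?` nor passed with `:safe`) would avoid that, assuming the omission string is plain text. The doc example added in the previous hunk shows `"<p>Once upon a time i..."` for an unmarked string, which does not look like what the escaped path returns. The `highlight`, `simple_format` and `auto_link_email_addresses` hunks make the same `sanitize` to `h` swap; the last one checks only `options[:safe]` and not `html_safe?`, which is worth aligning with the other three.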
diff --git a/actionpack/lib/action_view/render/rendering.rb b/actionpack/lib/action_view/render/rendering.rb index 4198013f57..4d35296932 100644 --- a/actionpack/lib/action_view/render/rendering.rb +++ b/actionpack/lib/action_view/render/rendering.rb @@ -56,7 +56,7 @@ module ActionView :identifier => template.identifier, :layout => layout.try(:virtual_path)) do content = template.render(self, locals) { |*name| _layout_for(*name) } - @_content_for[:layout] = content + @_content_for[:layout] = content if layout content = _render_layout(layout, locals) if layout content |
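Review bot: The added `if layout` modifier sits directly above `content = _render_layout(layout, locals) if layout`, so the same condition is tested twice in a row; a single `if layout` block around both assignments would read more clearly. The hunk also does not show why the unconditional assignment was a problem, so a short comment would help, for example `# store the template output for the layout's yield only when a layout will render` if that is the intent. The enclosing method starts and ends outside the hunk.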