aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Fixed session ID fixation for ActiveRecord::SessionStoreJoseph Wong2011-07-122-2/+37
| | | | | | | | | | | | | | | | | I have found that Rails will take an invalid session ID specified by the client and materialize a session based on that session ID. This means that it is possible, among other things, for a client to use an arbitrarily weak session ID or for a client to resurrect a previous used session ID. In other words, we cannot guarantee that all session IDs are generated by the server and that they are (statistically) unique through time. The fix is to always generate a new session ID in #get_session if an existing session cannot be found under the incoming session ID. Also added new tests that make sure that an invalid session ID is never materialized into a new session, regardless of whether it comes in via a cookie or a URL parameter (when :cookie_only => false).
* Fix failure in test_preserves_existing_fixture_data from ↵Jon Leighton2011-07-121-2/+2
| | | | test/cases/fixtures_test.rb when UTC and local time occur on different dates.
* Fix exception if old and new targets are both nil. Fixes #1471.Jon Leighton2011-07-124-2/+15
|
* Ensure Dir.glob is sortedJoshua Peek2011-07-111-1/+1
|
* Generate valid default fixtures for models with a type columnMarc-Andre Lafortune2011-07-112-1/+6
| | | | Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
* Merge pull request #1722 from AndrewRadev/grouped-selectJosé Valim2011-07-112-2/+48
|\ | | | | Make "select" helper handle nested collections
| * Grouped select helperAndrew Radev2011-07-112-2/+48
| | | | | | | | FormBuilder#select now works with a nested data structure.
* | Merge pull request #1756 from shtirlic/xmlschema_fixJosé Valim2011-07-112-1/+8
|\ \ | |/ |/| Fix xmlschema output with fraction_digits >0
| * Fix xmlschema output with fraction_digits >0shtirlic2011-07-112-1/+8
| | | | | | | | | | Current implementation produce incorrect output when Time#usec returns integer < 100000, because to_s doesn't add leading zeros.
* | Merge pull request #2032 from dziulius/masterXavier Noria2011-07-111-1/+1
|\ \ | | | | | | #many? - uses count instead of select
| * | #many? uses count instead of select - a bit fasterJulius Markūnas2011-07-111-1/+1
| | |
* | | Merge pull request #2009 from vatrai/autoload-todo-newJosé Valim2011-07-118-15/+7
|\ \ \ | | | | | | | | TODO fix explicitly loading exceptations, autoload removed
| * | | TODO fix explicitly loading exceptations, autoload removedVishnu Atrai2011-07-118-15/+7
| | | |
* | | | Require assets in all environments by default and provide a way to opt-out ↵José Valim2011-07-112-3/+8
| | | | | | | | | | | | | | | | from uglifier.
* | | | Merge pull request #2029 from sikachu/acronym_mentionJosé Valim2011-07-111-0/+5
|\ \ \ \ | |_|_|/ |/| | | Mention about acronym inflection in config/initializers/inflections.rb
| * | | Mention about acronym inflection in config/initializers/inflections.rbPrem Sichanugrist2011-07-111-0/+5
| | | | | | | | | | | | | | | | Closes #1366
* | | | Merge pull request #1929 from sobrinho/masterSantiago Pastorino2011-07-111-0/+14
|\ \ \ \ | | | | | | | | | | Create a test case for disable_referential_integrity
| * | | | Create a test case for disable_referential_integrityGabriel Sobrinho2011-07-011-0/+14
| | | | |
* | | | | Merge pull request #1608 from sishen/sishenJosé Valim2011-07-112-1/+25
|\ \ \ \ \ | |_|_|_|/ |/| | | | MemcacheStore: deserialize the entry reading from local_cache when using
| * | | | MemcacheStore: deserialize the entry reading from local_cache when using rawDingding Ye2011-06-102-1/+25
| | | | |
* | | | | Merge pull request #1296 from c42engineering/issue636José Valim2011-07-112-1/+50
|\ \ \ \ \ | | | | | | | | | | | | Resubmitting issue #636 as a pull request
| * | | | | Issue #636 - Parsing an xml file with multiple records and extra attributes ↵Sidu Ponnappa2011-07-112-1/+50
| | | | | | | | | | | | | | | | | | | | | | | | (besides type) fails
* | | | | | Merge pull request #1924 from cesario/1922-get-back-and-deprecate-env-defaultJosé Valim2011-07-112-0/+18
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | Put back Rails.application#env_default and deprecate it [Closes #1922]
| * | | | | Rails.application#env_config is now public API. [Closes #1924]Franck Verrot2011-07-112-0/+18
|/ / / / /
* | | | | Merge pull request #1823 from gnarg/masterSantiago Pastorino2011-07-102-2/+10
|\ \ \ \ \ | | | | | | | | | | | | Log instrumentation name for exists? queries
| * | | | | Log instrumentation name for exists? queriesJon Guymon2011-06-222-2/+10
| | | | | |
* | | | | | Make Rails.groups accept arrays.José Valim2011-07-102-4/+7
| | | | | |
* | | | | | Merge pull request #2026 from spohlenz/asset-tag-fixJosé Valim2011-07-101-0/+2
|\ \ \ \ \ \ | | | | | | | | | | | | | | Include TagHelper within AssetTagHelper
| * | | | | | Include TagHelper within AssetTagHelperSam Pohlenz2011-07-101-0/+2
|/ / / / / /
* | | | | | to_key on a destroyed model should return nilSantiago Pastorino2011-07-092-2/+2
| | | | | |
* | | | | | Merge pull request #2007 from amatsuda/having_vargs_nomethoderror_fixSantiago Pastorino2011-07-092-8/+15
|\ \ \ \ \ \ | | | | | | | | | | | | | | having() raises NoMethodError: undefined method `empty?' when the given argument does not respond to empty?
| * | | | | | formatsAkira Matsuda2011-07-091-5/+5
| | | | | | |
| * | | | | | fix AR having() not to raise NoMethodError when the given argument does not ↵Akira Matsuda2011-07-092-3/+10
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | respond to empty? having raises NoMethodError: undefined method `empty?' when a Fixnum or Date/Time were passed via varargs
* | | | | | Foo.joins(:bar).includes(:bar) should result in a single query with :bar as ↵Jon Leighton2011-07-092-1/+19
| | | | | | | | | | | | | | | | | | | | | | | | a join. Related: #1873.
* | | | | | Merge branch 'master' of git://github.com/lifo/docrailsXavier Noria2011-07-0914-63/+86
|\ \ \ \ \ \
| * | | | | | Add section about debugging assetsRyan Bigg2011-07-091-1/+25
| | | | | | |
| * | | | | | Clarify that per-controller asset files are not 'magically' loaded by the ↵Ryan Bigg2011-07-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | controller, but rather need to be required
| * | | | | | Merge pull request #51 from christopherscott/masterChristopher Scott Hernandez2011-07-081-1/+1
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | Single word change (find -> where) on active record query page
| | * | | | | | Updated active_record_querying.textile: intro paragraph of 'Conditions' to ↵Christopher Scott Hernandez2011-07-081-1/+1
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | change 'find method' to 'where method'
| * | | | | | update Rails version. (rails console didn't exist in 2.1)Vijay Dev2011-07-081-1/+1
| | | | | | |
| * | | | | | Changed the value that log_level takes to match the examples in the ↵Oge Nnadi2011-07-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | paragraph above
| * | | | | | minor document editAkira Matsuda2011-07-081-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | the sample model has only 9 lines: https://github.com/lifo/docrails/commit/4d4819fb279386570466b2f99254cd77fb71e05c#commitcomment-467295
| * | | | | | :conditions => whereAkira Matsuda2011-07-083-18/+11
| | | | | | |
| * | | | | | :joins => joinsAkira Matsuda2011-07-081-12/+12
| | | | | | |
| * | | | | | :include => includesAkira Matsuda2011-07-081-7/+7
| | | | | | |
| * | | | | | find(:first) => firstAkira Matsuda2011-07-082-6/+6
| | | | | | |
| * | | | | | find(:all) => allAkira Matsuda2011-07-087-27/+27
| | | | | | |
| * | | | | | document HashWithIndifferentAccess#extractable_options?Shawn Drost2011-07-071-0/+2
| | | | | | |
| * | | | | | rails text been added before versionJudeArasu2011-07-051-4/+5
| | | | | | |
| * | | | | | Remove attachment_fu, add CarrierWave to suggested uploader librariesJames Miller2011-07-051-1/+1
| | | | | | |
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-26 10:46:40 +0000