aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #34635 from WoH/data-disable-foreverJavan Makhmali2018-12-183-0/+29
|\ | | | | UJS: Do not disable previously disabled elements
| * Do not disable previously disabled elementsWoH2018-12-063-0/+29
| |
* | Add test case for ce48b5a366482d4b4c4c053e1e39e79d71987197Ryuta Kamizono2018-12-181-0/+7
| |
* | Fix `View.new` method call with arguments syntaxRyuta Kamizono2018-12-181-1/+1
| | | | | | [ci skip]
* | Merge pull request #34733 from tjschuck/view_context_doc_formattingVipul A M2018-12-181-4/+5
|\ \ | | | | | | Fix doc formatting [ci skip]
| * | Fix doc formattingT.J. Schuck2018-12-171-4/+5
|/ / | | | | | | [ci skip]
* | Merge pull request #33145 from gsamokovarov/host-authorizationEileen M. Uchitelle2018-12-1715-50/+393
|\ \ | | | | | | Guard against DNS rebinding attacks by whitelisting hosts
| * \ Merge branch 'master' into host-authorizationEileen M. Uchitelle2018-12-176-9/+59
| |\ \ | |/ / |/| |
* | | Merge pull request #34717 from tbuehlmann/controller-test-parsed-bodyKasper Timm Hansen2018-12-173-6/+37
|\ \ \ | | | | | | | | Allow using parsed_body in ActionController::TestCase
| * | | Allow using parsed_body in ActionController::TestCaseTobias Bühlmann2018-12-163-6/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | … by switching the initialzation of an appropriate response parser in `ActionDispatch::TestResponse` from eagerly to lazily. By doing so, the response parser can be correctly set for `ActionController::TestCase`, which doesn't include the content type header in the constructor but only sets it at a later time. Fixes #34676.
* | | | Extend documentation of `ActiveSupport::Notifications.subscribe` (#34721)Bogdan2018-12-173-3/+22
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Extend documentation of `ActiveSupport::Notifications.subscribe` Add mention that a block with only one argument passed to the method will yield an event object. Related to #33451 * Emphasize that `SubscribeEventObjects` is a test class by adding suffix `Test`
| * / Introduce a guard against DNS rebinding attacksGenadi Samokovarov2018-12-1515-50/+393
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ActionDispatch::HostAuthorization is a new middleware that prevent against DNS rebinding and other Host header attacks. By default it is included only in the development environment with the following configuration: Rails.application.config.hosts = [ IPAddr.new("0.0.0.0/0"), # All IPv4 addresses. IPAddr.new("::/0"), # All IPv6 addresses. "localhost" # The localhost reserved domain. ] In other environments, `Rails.application.config.hosts` is empty and no Host header checks will be done. If you want to guard against header attacks on production, you have to manually permit the allowed hosts with: Rails.application.config.hosts << "product.com" The host of a request is checked against the hosts entries with the case operator (#===), which lets hosts support entries of type RegExp, Proc and IPAddr to name a few. Here is an example with a regexp. # Allow requests from subdomains like `www.product.com` and # `beta1.product.com`. Rails.application.config.hosts << /.*\.product\.com/ A special case is supported that allows you to permit all sub-domains: # Allow requests from subdomains like `www.product.com` and # `beta1.product.com`. Rails.application.config.hosts << ".product.com"
* | Prevent infinit method_missing loop on attribute methodsRyuta Kamizono2018-12-151-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | If a klass has acceptance validation and then `klass.undefine_attribute_methods` is happened before an attribute method is called, infinit loop is caused on the `method_missing` defined by the `LazilyDefineAttributes`. https://travis-ci.org/rails/rails/jobs/467053984#L1409 To prevent the infinit loop, the `method_missing` should ensure `klass.define_attribute_methods`.
* | Ruby can show a little bit more detailed info in shorter codeAkira Matsuda2018-12-151-1/+1
| | | | | | | | This follows up adb0c7bc5116e0f6020a4ec32b7e19ea8b26f1ec
* | Merge pull request #32872 from utilum/soften_migrations_guide_generator_sectionVipul A M2018-12-151-4/+9
|\ \ | | | | | | Expand intro to generator in Migrations Guide
| * | Expand intro to Migration generator in Migrations Guideutilum2018-05-111-4/+9
| | | | | | | | | | | | [ci skip]
* | | http://localhost:3000/rails/info/properties shows more details for ease of ↵ujihisa2018-12-141-1/+1
| | | | | | | | | | | | | | | | | | bug reporting Hand-merging @ujihisa's ancient patch at https://lighthouseapp.com/projects/8994/tickets/3644
* | | Merge pull request #34702 from ↵Yuji Yaginuma2018-12-141-0/+7
|\ \ \ | | | | | | | | | | | | | | | | ysksn/test_deprecate_methods_without_alternate_method Test ActiveSupport::Deprecation.deprecate_methods
| * | | Test ActiveSupport::Deprecation.deprecate_methodsYosuke Kabuto2018-12-141-0/+7
| | | | | | | | | | | | | | | | There was no test without an alternate method name is given.
* | | | Do not show post install message on rails newRafael Mendonça França2018-12-132-5/+5
|/ / /
* | | Enable `Layout/SpaceAfterSemicolon` cop to avoid newly adding odd spacingRyuta Kamizono2018-12-133-6/+9
| | | | | | | | | | | | Ref https://github.com/rails/rails/commit/59ff1ba30d9f4d34b4d478104cc3f453e553c67a#diff-38fb97fba84b1ef0f311c4110a597c44R35
* | | Use string for arguments in server testyuuji.yaginuma2018-12-131-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When actually execute from the command, the value of ARGV is passed to the server. So they are String. So let's use the same type in the test. Also, this removes the following warning in Ruby 2.6. ``` lib/rails/commands/server/server_command.rb:195: warning: deprecated Object#=~ is called on Integer; it always returns nil ```
* | | Merge pull request #34695 from shoy75/update-ruby-version-for-travisRyuta Kamizono2018-12-131-13/+13
|\ \ \ | | | | | | | | Update tested versions of Ruby on CI
| * | | Update tested versions of Ruby on CIshoy752018-12-131-13/+13
| | | |
* | | | Merge pull request #34693 from ahorek/matchRyuta Kamizono2018-12-132-4/+4
|\ \ \ \ | |/ / / |/| | | | | | | [perf] use #match?
| * | | use match?pavel2018-12-122-4/+4
| | | |
* | | | Fix warning: shadowing outer local variable - attributeRyuta Kamizono2018-12-131-1/+1
|/ / /
* | | Merge pull request #32852 from gmcgibbon/fix_numericality_float_equalityRafael França2018-12-123-10/+34
|\ \ \ | | | | | | | | Fix numericality equality validation on floats
| * | | Fix numericality equality validation on floatsGannon McGibbon2018-12-123-10/+34
| | | |
* | | | Merge pull request #34691 from gmcgibbon/rm_helper_generator_suffixRyuta Kamizono2018-12-133-0/+16
|\ \ \ \ | | | | | | | | | | | | | | | Remove redundant suffixes on generated helpers.
| * | | | Remove redundant suffixes on generated helpers.Gannon McGibbon2018-12-123-0/+16
| | | | |
* | | | | Merge pull request #34690 from gmcgibbon/rm_integration_test_generator_suffixRyuta Kamizono2018-12-133-0/+17
|\ \ \ \ \ | |/ / / / |/| | | | Remove redundant suffixes on generated integration tests.
| * | | | Remove redundant suffixes on generated integration tests.Gannon McGibbon2018-12-123-0/+17
|/ / / /
* | | | Merge pull request #34681 from gmcgibbon/fix_boolean_system_test_scaffoldRafael França2018-12-124-3/+22
|\ \ \ \ | | | | | | | | | | Fix boolean interaction in scaffold system tests
| * | | | Fix boolean interaction in scaffold system testsGannon McGibbon2018-12-124-3/+22
| |/ / /
* | | | Merge pull request #34689 from haruelico/beanstalkdRyuta Kamizono2018-12-131-3/+3
|\ \ \ \ | |/ / / |/| | | kr/beanstalkd permanently moved to beanstalkd/beanstalkd
| * | | kr/beanstalkd permanently moved to beanstalkd/beanstalkdHarue Lico2018-12-131-3/+3
|/ / / | | | | | | | | | | | | https://github.com/kr/beanstalkd has moved to https://github.com/beanstalkd/beanstalkd as permanently.
* | | Merge pull request #34686 from got2be/actioncable-channel-rescuableKasper Timm Hansen2018-12-122-1/+21
|\ \ \ | | | | | | | | Add Missing ActiveSupport::Rescuable to ActionCable::Channel
| * | | Add Missing ActiveSupport::Rescuable to ActionCable::ChannelIlia Kasianenko2018-12-122-1/+21
| | | | | | | | | | | | | | | | [timthez, Ilia Kasianenko]
* | | | Ensure that preventing writes is invoked before `materialize_transactions` ↵Ryuta Kamizono2018-12-122-13/+23
| | | | | | | | | | | | | | | | consistently
* | | | Merge pull request #34682 from gmcgibbon/rm_system_test_generator_suffixRyuta Kamizono2018-12-123-0/+23
|\ \ \ \ | | | | | | | | | | Remove redundant suffixes on generated system tests.
| * | | | Remove redundant suffixes on generated system tests.Gannon McGibbon2018-12-113-0/+23
| | | | |
* | | | | Merge pull request #34680 from jhawthorn/connected_to_questionEileen M. Uchitelle2018-12-122-0/+34
|\ \ \ \ \ | |_|/ / / |/| | | | Add ActiveRecord::Base.connected_to?
| * | | | Add AR::Base.connected_to?John Hawthorn2018-12-112-0/+34
| |/ / / | | | | | | | | | | | | | | | | This can be used to check the currently connected role. It's meant to mirror AR::Base.connected_to
* | | | Merge pull request #34648 from y-yagi/fixes_34646Yuji Yaginuma2018-12-122-14/+31
|\ \ \ \ | |/ / / |/| | | Make `deprecate` work for non-exists methods
| * | | Make `deprecate` work for non-exists methodsyuuji.yaginuma2018-12-072-14/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before #33325, `deprecate` works for non-exist methods. This is necessary, for example, if want to deprecate dynamically defined methods like attributes methods. Fixes #34646
* | | | An empty transaction does not raise the `ReadOnlyError` if preventing writesRyuta Kamizono2018-12-114-3/+13
| | | | | | | | | | | | | | | | | | | | | | | | BEGIN transaction would cause COMMIT or ROLLBACK, so unless COMMIT and ROLLBACK aren't treated as write queries as well as BEGIN, the `ReadOnlyError` would be raised.
* | | | Merge pull request #34670 from ↵Rafael França2018-12-101-8/+14
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | sambostock/prepend-module-in-active-storage-overview Prepend module in ActiveStorage overview
| * | | | Prepend module in ActiveStorage overviewSam Bostock2018-12-101-8/+14
|/ / / / | | | | | | | | | | | | [ci skip]
* | | | Merge pull request #34668 from toy/patch-1Rafael França2018-12-101-2/+2
|\ \ \ \ | | | | | | | | | | Fix typos in click test descriptions [ci skip]
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 03:06:06 +0000