rails.git - Mirror of official rails repo with custom fixes.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Merge pull request #16536 from rails/improve-custom-configuration	Rafael Mendonça França	2014-08-19	8	-46/+149
\|\ \| \| \| \|	Improve custom configuration
\| *	Improve custom configuration	Rafael Mendonça França	2014-08-19	8	-46/+149
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	1. Hashes can be assigned 2. We don't need a special level anymore The method chain only works in the top level. If users need a second level they need to assign a OrderedOptions to the key: config.resque.server = ActiveSupport::OrderedOptions.new config.resque.server.url = "http://localhost" config.resque.server.port = 3000 [Rafael Mendonça França + Carlos Antonio da Silva]
* \|	Protect against error when parsing parameters with Bad Request	Rafael Mendonça França	2014-08-19	3	-2/+30
\| \| \| \| \| \| \| \|	Related with #11795.
* \|	Merge pull request #16299 from sikachu/ps-safer-ac-params	Jeremy Kemper	2014-08-19	5	-39/+382
\|\ \ \| \| \| \| \| \|	Update `ActionController::Parameters` to be more secure on parameters handling
\| * \|	User `#to_hash` instead of calling `super`	Prem Sichanugrist	2014-08-18	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \|	Ruby 1.9.3 does not implement Hash#to_h, so we can't call `super` on it.
\| * \|	Fix failing test on several methods on Parameter	Prem Sichanugrist	2014-08-18	3	-3/+36
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* `each` * `each_pair` * `delete` * `select!`
\| * \|	Seperate Parameters accessors and mutators tests	Prem Sichanugrist	2014-08-18	3	-57/+215
\| \| \|
\| * \|	Refactor code to reduce duplicate `self.class.new`	Prem Sichanugrist	2014-08-18	1	-12/+10
\| \| \|
\| * \|	Add missing `Hash` methods to `AC::Parameters`	Prem Sichanugrist	2014-08-18	2	-0/+61
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This is to make sure that `permitted` status is maintained on the resulting object. I found these methods that needs to be redefined by looking for `self.class.new` in the code. * extract! * transform_keys * transform_values
\| * \|	Make `AC::Params#to_h` return Hash with safe keys	Prem Sichanugrist	2014-08-18	3	-0/+93
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	`ActionController::Parameters#to_h` now returns a `Hash` with unpermitted keys removed. This change is to reflect on a security concern where some method performed on an `ActionController::Parameters` may yield a `Hash` object which does not maintain `permitted?` status. If you would like to get a `Hash` with all the keys intact, duplicate and mark it as permitted before calling `#to_h`. params = ActionController::Parameters.new(name: 'Senjougahara Hitagi') params.to_h # => {} unsafe_params = params.dup.permit! unsafe_params.to_h # => {"name"=>"Senjougahara Hitagi"} safe_params = params.permit(:name) safe_params.to_h # => {"name"=>"Senjougahara Hitagi"} This change is consider a stopgap as we cannot chage the code to stop `ActionController::Parameters` to inherit from `HashWithIndifferentAccess` in the next minor release. Also, adding a CHANGELOG entry to mention that `ActionController::Parameters` will not inheriting from `HashWithIndifferentAccess` in the next major version.
* \| \|	Merge pull request #16562 from arthurnn/missing_string_require	Rafael Mendonça França	2014-08-19	1	-0/+1
\|\ \ \ \| \| \| \| \| \| \| \|	Add missing AS require
\| * \| \|	Add missing AS require	Arthur Neves	2014-08-19	1	-0/+1
\| \| \|/ \| \|/\| \| \| \| \| \| \|	`strip_heredoc` method is defined on active_support/core_ext/string
* \| \|	Merge branch 'master' of github.com:rails/docrails	Vijay Dev	2014-08-19	14	-33/+62
\|\ \ \ \| \|/ / \|/\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Conflicts: actionpack/lib/action_controller/metal/mime_responds.rb actionview/lib/action_view/vendor/html-scanner/html/sanitizer.rb activerecord/lib/active_record/type/value.rb
\| * \|	[ci skip] Update links in getting_started guide.	Juanito Fatas	2014-08-16	1	-5/+5
\| \| \|
\| * \|	`overriden` => `overridden`	Vipul A M	2014-08-13	1	-1/+1
\| \| \|
\| * \|	Uppercase HTML in docs.	Hendy Tanata	2014-08-08	14	-37/+37
\| \| \| \| \| \| \| \| \| \| \| \|	[skip ci]
\| * \|	[ci skip] Document ActionDispatch::Static	schneems	2014-08-05	1	-0/+9
\| \| \|
\| * \|	[ci skip] document ActionDispatch::FileHandler	schneems	2014-08-05	1	-0/+10
\| \| \|
\| * \|	[ci skip] Document PublicExceptions middleware	schneems	2014-08-05	1	-0/+10
\| \| \|
* \| \|	minor copy editing [ci skip]	Vijay Dev	2014-08-19	1	-3/+1
\| \| \|
* \| \|	Merge pull request #16487 from jayshepherd/patch-1	Rafael Mendonça França	2014-08-19	1	-1/+1
\|\ \ \ \| \| \| \| \| \| \| \|	Small grammar fix in pluck description
\| * \| \|	Small grammar fix in pluck description	Jay Shepherd	2014-08-12	1	-1/+1
\| \| \| \|
* \| \| \|	Merge pull request #16559 from splattael/jruby-queue_classic	Rafael Mendonça França	2014-08-19	2	-1/+2
\|\ \ \ \ \| \| \| \| \| \| \| \| \| \|	Do not depend on queue_classic on JRuby
\| * \| \| \|	Skip adapter queue_classic for JRuby	Peter Suschlik	2014-08-19	1	-0/+1
\| \| \| \| \|
\| * \| \| \|	Gem `queue_classic` does not support JRuby	Peter Suschlik	2014-08-19	1	-1/+1
\| \| \| \| \|
* \| \| \| \|	Merge pull request #16556 from jonatack/patch-9	Robin Dupret	2014-08-19	1	-15/+16
\|\ \ \ \ \ \| \|/ / / / \|/\| \| \| \|	4.2 Release Notes pass [ci skip]
\| * \| \| \|	4.2 Release Notes pass [skip ci]	Jon Atack	2014-08-19	1	-15/+16
\| \| \| \| \|
* \| \| \| \|	Merge pull request #16554 from y-yagi/patch-2	Arthur Nogueira Neves	2014-08-19	1	-1/+1
\|\ \ \ \ \ \| \| \| \| \| \| \| \| \| \| \| \|	[ci skip] config.active_record.errors_in_transactional_callbacks -> config.active_record.raise_in_transactional_callbacks
\| * \| \| \| \|	[ci skip] config.active_record.errors_in_transactional_callbacks -> ↵	yuuji.yaginuma	2014-08-19	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	config.active_record.raise_in_transactional_callbacks
* \| \| \| \| \|	"warning: assigned but unused variable"	Akira Matsuda	2014-08-19	1	-1/+0
\| \| \| \| \| \|
* \| \| \| \| \|	use same idiom to define class method as in every other adapter.	Yves Senn	2014-08-19	1	-2/+4
\| \| \| \| \| \|
* \| \| \| \| \|	Merge pull request #16552 from untidy-hair/update_plugin_guide	Yves Senn	2014-08-19	1	-21/+21
\|\ \ \ \ \ \ \| \|_\|/ / / / \|/\| \| \| \| \|	[ci skip] Update plugin doc with the latest rails
\| * \| \| \| \|	[ci skip] Update plugin doc with the latest rails	Yukio Mizuta	2014-08-18	1	-21/+21
\| \| \| \| \| \|
* \| \| \| \| \|	http://gembundler.com/ => http://bundler.io/	Akira Matsuda	2014-08-19	1	-1/+1
\| \| \| \| \| \|
* \| \| \| \| \|	Merge pull request #16553 from tomkadwill/removed_word	Zachary Scott	2014-08-19	1	-1/+1
\|\ \ \ \ \ \ \| \|_\|/ / / / \|/\| \| \| \| \|	[ci skip] Removed unnecessary word from Getting Started
\| * \| \| \| \|	Removed unnecessary word	Tom Kadwill	2014-08-19	1	-1/+1
\|/ / / / /
* \| \| \| \|	Sync Action Mailer release notes [ci skip]	Godfrey Chan	2014-08-18	1	-0/+9
\| \| \| \| \|
* \| \| \| \|	Sync Action View release notes [ci skip]	Godfrey Chan	2014-08-18	1	-0/+6
\| \| \| \| \|
* \| \| \| \|	Mention deprecation of assert_select and friends in the release notes [ci skip]	Godfrey Chan	2014-08-18	1	-0/+4
\| \| \| \| \|
* \| \| \| \|	Add missing require	Godfrey Chan	2014-08-18	1	-0/+2
\| \| \| \| \|
* \| \| \| \|	require 'test_help' -> require 'rails/test_help'	Sean Griffin	2014-08-18	1	-1/+1
\| \|_\|_\|/ \|/\| \| \|
* \| \| \|	Merge pull request #16542 from ↵	Rafael Mendonça França	2014-08-18	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	seamusabshere/numerify-pool-checkout-timeout-from-urls-4-1-stable Make sure :checkout_timeout and :dead_connection_timeout are numbers Conflicts: activerecord/lib/active_record/connection_adapters/abstract/connection_pool.rb
* \| \| \|	Merge pull request #16550 from ↵	Rafael Mendonça França	2014-08-18	1	-2/+2
\|\ \ \ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	eileencodes/remove-unnecessary-to_s-from-add_constraints-method Remove to_s from reflection.type in add_constraints
\| * \| \| \|	Remove to_s from reflection.type in add_constraints	eileencodes	2014-08-18	1	-2/+2
\|/ / / / \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The instance var is already saved as a string in the initialization method of AssociationReflection. See https://github.com/rails/rails/blob/master/activerecord/lib/active_record/reflection.rb#L273
* \| \| \|	Point to unreleased deprecated_sanitizer	Rafael Mendonça França	2014-08-18	1	-0/+1
\| \| \| \|
* \| \| \|	Removed warning	Rafael Mendonça França	2014-08-18	1	-1/+1
\| \| \| \|
* \| \| \|	Deprecate TagAssertion instead of removing	Rafael Mendonça França	2014-08-18	2	-1/+2
\| \| \| \|
* \| \| \|	Merge pull request #16548 from arthurnn/fix_warn_message	David Heinemeier Hansson	2014-08-18	1	-1/+1
\|\ \ \ \ \| \| \| \| \| \| \| \| \| \|	Fix after_commit warning message
\| * \| \| \|	Fix after_commit warning message	Arthur Neves	2014-08-18	1	-1/+1
\|/ / / /
* \| \| \|	Merge pull request #16545 from jonatack/patch-9	Zachary Scott	2014-08-18	1	-1/+1
\|\ \ \ \ \| \| \| \| \| \| \| \| \| \|	Fix broken link to Upgrading Ruby on Rails Guide [ci skip]