| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|\
| |
| |
| |
| |
| | |
This is the compination of #10057 and 10534.
Closes #10320
|
| | |
|
| |\
| | |
| | |
| | |
| | |
| | |
| | | |
Escape of U+2028 and U+2029 in the JSON Encoder
Conflicts:
activesupport/lib/active_support/json/encoding.rb
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
U+2028 and U+2029 are allowed inside strings in JSON (as all literal
Unicode characters) but JavaScript defines them as newline
seperators. Because no literal newlines are allowed in a string, this
causes a ParseError in the browser. We work around this issue by
replacing them with the escaped version. The resulting JSON is still
valid and can be parsed in the browser.
This commit has been coauthored with Viktor Kelemen @yikulju
|
| | |
| | |
| | |
| | |
| | | |
Since Ruby 2.0 is UTF-8 by default we need to explictly say that the
encoding of this file is US-ASCII
|
|/| |
| | |
| | |
| | | |
Escape multibyte line terminators in JSON encoding
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently, json/encoding respects the JSON spec (as it should) which
disallows \n and \r inside strings, escaping them as expected.
Unfortunately, ECMA-262 (Javascript) disallows not only \n and \r in
strings, but "Line Terminators" which includes U+2028 and U+2029.
See here: http://bclary.com/2004/11/07/#a-7.3
This pull request adds U+2028 and U+2029 to be escaped.
# Why?
It's very common to see something like this in a Rails template:
<script type="text/javascript">
var posts = <%= @posts.to_json %>;
</script>
If U+2028 or U+2029 are part of any attributes output in the to_json
call, you will end up with an exception.
In Chrome: Uncaught SyntaxError: Unexpected token ILLEGAL
# Why not?
This is JSON encoding, and the JSON spec is specific about how to
encode strings. U+2028 and U+2029 don't get special treatment.
Just trying to start a discussion... what do you do in your apps
to deal with this? Is there a convention I'm missing?
|
|\ \ \
| | | |
| | | | |
Cleanup finder methods
|
| | | |
| | | |
| | | |
| | | | |
#join_associations.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
is always a new object.
Thanks to the #except we call at the top of the method.
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
to pair it closely with its motivation.
|
|/ / /
| | |
| | |
| | | |
used at all on non-postgres adapters.
|
| | | |
|
|\ \ \
| | | |
| | | | |
Fix that #exists? can produce invalid SQL: "SELECT DISTINCT DISTINCT"
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The combination of a :uniq => true association and the #distinct call
in #construct_limited_ids_condition combine to create invalid SQL, because
we're explicitly selecting DISTINCT, and also sending #distinct on to AREL,
via the relation#distinct_value.
Rather than build a select distinct clause in #construct_limited_ids_condition,
I set #distinct! and pass just the columns into the select statement.
This requires introducing a #columns_for_distinct method to return the
select columns but not the statement itself.
|
|\ \ \ \
| | | | |
| | | | | |
Don't try to EXPLAIN select_db calls
|
|/ / / / |
|
|\ \ \ \
| | | | |
| | | | | |
Can you improve the commit message a little bit? It's good to describe why the change is happening.
|
| | | | | |
|
| |/ / /
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Suppose Man has_many interests, and inverse_of is used.
Man.first.interests.first.man will correctly execute two queries,
avoiding the need for a third query when Interest#man is called. This is
because CollectionAssociation#first calls set_inverse_instance.
However Man.first.interests.where("1=1").first.man will execute three
queries, even though this is obviously a subset of the records in the
association.
This is because calling where("1=1") spawns a new Relation object from
the CollectionProxy object, and the Relation has no knowledge of the
association, so it cannot set the inverse instance.
This commit solves the problem by making relations spawned from
CollectionProxies return a new Relation subclass called
AssociationRelation, which does know about associations. Records loaded
from this class will get the inverse instance set properly.
Fixes #5717.
Live commit from La Conf! :sparkles:
|
|\ \ \ \
| |/ / /
|/| | | |
[ci skip] document protect_against_forgery? method
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
remove redundant var
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
remove variable and fix warning
|
| |/ / / / |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Require different core extensions correctly.
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The begin rescue block is specifically to catch LoadError while loading
i18n gem. Other core extensions, under active support, should be
required outside of the begin rescue block.
|
|\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
rails -> Rails [ci skip]
|
|/ / / / / |
|
|/ / / / |
|
| | | |
| | | |
| | | |
| | | | |
for their status, by default, not the message from the underlying exception
|
|\ \ \ \
| | | | |
| | | | | |
Extraction to enable fixing #10421
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
In order to fix #10421 I need to enable merge to take an option
so that relations could be merged without making the last where
condition to win.
That fix would forever reside in 4-0-stable branch and would not be
merged to master since using scope without lambda has been deprecated.
In this commit I have extracted code into a method and I think it
makes code look better. Hence the request to merge it in both
master and 4-0-stable.
If there is any concern then this code can be merged only in
4-0-stable and that would be fine too.
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| |_|_|/
|/| | | |
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* polycb:
separate identification computation
separate filters from source code
if the callbacks are not the same class, they cannot be duplicates
fix object comparison case
polymorphic comparison operator
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
Using define method instead of class eval when defining model callbacks.
|