Commit message (Author, Age, Files, Lines)
* enforce a depth limit on XML documents (Aaron Patterson, 2015-06-16, 3, -10/+15)
| XML documents that are too deep can cause a stack overflow, which in turn will cause a potential DoS attack.
| CVE-2015-3227
* Escape HTML entities in JSON keys (Rafael Mendonça França, 2015-06-16, 2, -0/+11)
| Fixes CVE-2015-3226
* Merge pull request #20578 from dcrec1/regression (Sean Griffin, 2015-06-16, 2, -1/+5)
|\ raise ActiveModel::MissingAttributeError when trying to access a relationship without the foreign key attribute
| * raise ActiveModel::MissingAttributeError when trying to access a relationship without the foreign key attribute (Diego Carrion, 2015-06-16, 2, -1/+5)
|/ fixes regression reported on #20253 ActiveRecord::Base#[] was not used cause of 8b95420
* Merge pull request #20572 from arthurnn/db_reset (Yves Senn, 2015-06-16, 1, -4/+1)
|\ Small refactor on db:reset
| * Small refactor on db:reset (Arthur Neves, 2015-06-15, 1, -4/+1)
| | db:reset should not prematurely load the environment, so, for instance, if there is any initializer that touches the DB, it will not touch that before dropping it. Also this makes the code simpler. This change was made back in 15fb4302b6ff16e641b6279a3530eb8ed97f2899, not sure why. But I am pretty much sure we should do it like this, as drop and setup should load its dependencies tasks if necessary.
* | remove `header=` on the response object. (Aaron Patterson, 2015-06-15, 3, -13/+16)
| | People should be free to mutate the header object, but not to set a new header object. That header object may be specific to the webserver, and we need to hide its internals.
* | set the default charset in response initialize (Aaron Patterson, 2015-06-15, 1, -4/+12)
| | this way we don't have to mutate the instance (as much) when writing a rack response
* | Merge pull request #20407 from vngrs/deprecate_implicit_status_for_head_method (Matthew Draper, 2015-06-16, 5, -12/+47)
|\ \ Deprecate passing hash as first parameter into ActionController::Head
| * | Deprecate passing hash as first parameter into ActionController::Head (Mehmet Emin İNAÇ, 2015-06-15, 5, -12/+47)
| | |
* | | Merge pull request #20108 from akshay-vishnoi/button-tag (Arthur Nogueira Neves, 2015-06-15, 2, -2/+22)
|\ \ \ Add missing spec and documentation for button_tag helper
| * | | Add missing spec and documentation for button_tag helper (Akshay Vishnoi, 2015-05-24, 2, -2/+22)
| | | |
* | | | Merge pull request #20257 from prathamesh-sonpatki/test-for-serial-for-quoted-sequence (Arthur Nogueira Neves, 2015-06-15, 1, -0/+6)
|\ \ \ \
| |_|/ /
|/| | | Added test case for serial? method when sequence name is not quoted
| * | | Added test case for serial? method when sequence name is not quoted (Prathamesh Sonpatki, 2015-05-22, 1, -0/+6)
| | | | - Followup of https://github.com/rails/rails/pull/20190/.
* | | | Merge pull request #20107 from ankit8898/av_refac_record_tag_helper (Arthur Nogueira Neves, 2015-06-15, 1, -2/+1)
|\ \ \ \ Removed not needed includes, As record_tag_helper is moved to a gem we..
| * | | | Removed not needed includes, As record_tag_helper is moved to a gem we are not (Ankit Gupta, 2015-05-10, 1, -2/+1)
| | | | | testing is completely here now. RenderErbUtils and AM::Conversion are not used
* | | | | Merge pull request #20573 from kaspth/fix-caching-test-for-realskies (Matthew Draper, 2015-06-16, 1, -0/+1)
|\ \ \ \ \ Fix flakyness.
| * | | | | Fix flakyness. (Kasper Timm Hansen, 2015-06-15, 1, -0/+1)
|/ / / / / Brought on by my own stupidity :)
* | | | | i18n guide: warn about default_url_options caching and locale selectors [ci skip] (Xavier Noria, 2015-06-15, 1, -4/+6)
* | | | | document that default_url_options is cached per request [ci skip] (Xavier Noria, 2015-06-15, 1, -1/+3)
| | | | |
* | | | | Merge pull request #20564 from repinel/fix-generators-named-base-template-doc (Arthur Nogueira Neves, 2015-06-15, 1, -2/+2)
|\ \ \ \ \ [ci skip] Fix the Rails::Generators::NamedBase#template doc
| * | | | | [ci skip] Fix the Rails::Generators::NamedBase#template doc (Roque Pinel, 2015-06-15, 1, -2/+2)
| | | | | | Since #13612, `template` is no longer being used to generate migrations.
* | | | | | Merge pull request #20440 from repinel/fix-message-verifier-encoding-issue (Matthew Draper, 2015-06-16, 2, -1/+2)
|\ \ \ \ \ \
| |_|_|_|_|/
|/| | | | | Fix the message verifier encoding issue
| * | | | | Fix the message verifier encoding issue (Roque Pinel, 2015-06-14, 2, -1/+2)
| | | | | | ```ruby
| | | | | | verifier = ActiveSupport::MessageVerifier.new('secret')
| | | | | | verifier.verify("\xff")
| | | | | | # => ArgumentError: invalid byte sequence in UTF-8
| | | | | | ```
* | | | | | Merge pull request #20016 from steved/sdavidovitz/abort_if_pending (Arthur Nogueira Neves, 2015-06-15, 1, -1/+1)
|\ \ \ \ \ \ make sure to load_config for db:abort_if_pending_migrations
| * | | | | | make sure to load_config for db:abort_if_pending_migrations (Steven Davidovitz, 2015-05-04, 1, -1/+1)
| | | | | | |
* | | | | | | A few documentation edits [ci skip] (Robin Dupret, 2015-06-15, 3, -12/+14)
| | | | | | |
* | | | | | | Merge pull request #20563 from repinel/fix-inflector-test (Matthew Draper, 2015-06-16, 1, -86/+68)
|\ \ \ \ \ \ \ Fix inflector test by using dup inflections when it needs to be changed
| * | | | | | | Fix inflector test by using dup inflections when it needs to be changed (Roque Pinel, 2015-06-15, 1, -86/+68)
|/ / / / / / / This is not something that is failing at the moment, but can do it eventually. I had the issue with db62081 as the HEAD and with the following change:
| | | | | | | ``` --- a/activesupport/test/inflector_test.rb +++ b/activesupport/test/inflector_test.rb @@ -101,6 +101,7 @@ class InflectorTest < ActiveSupport::TestCase def test_acronyms ActiveSupport::Inflector.inflections do |inflect| inflect.acronym("API") + inflect.acronym("HTM") inflect.acronym("HTML") inflect.acronym("HTTP") inflect.acronym("RESTful") ```
| | | | | | | I was expecting only `test_acronyms` to fail, but with a specific `seed` others were also failing: `ruby -w -I"lib:test" test/inflector_test.rb --seed 4313`.
| | | | | | | Now, `inflections` instance is duplicated on `setup` and restored on `teardown`.
| | | | | | | I decided to benchmark and check the impact of the patch and it seems to me to be fine.
| | | | | | | ```
| | | | | | | Calculating -------------------------------------
| | | | | | | without changes 1.000 i/100ms
| | | | | | | with setup dup 1.000 i/100ms
| | | | | | | with block dup 1.000 i/100ms
| | | | | | | -------------------------------------------------
| | | | | | | without changes 0.817 (± 0.0%) i/s - 5.000 in 6.119916s
| | | | | | | with setup dup 0.784 (± 0.0%) i/s - 4.000
| | | | | | | with block dup 0.797 (± 0.0%) i/s - 4.000
| | | | | | | ```
| | | | | | | Where `with setup dup` duplicates on setup for each test and `with block` duplicates just for tests that actually modify `inflections`.
* | | | | | | A pass over the API application guide [ci skip] (Robin Dupret, 2015-06-15, 1, -375/+348)
| | | | | | | * Fix a few remaining typos
| | | | | | | * Wrap lines to 80 chars
| | | | | | | * Fix the conversion from Textile to Markdown
| | | | | | | * Update the part about `Rack::Cache` which isn't included anymore and speak about Active Support's provided middleware
| | | | | | | * Remove references to out-of-date methods and middlewares (e.g. respond_with) and update the list of modules and middlewares to match the actual code-base.
| | | | | | | * Remove the middleware's description and links to the Rack guide
* | | | | | | pg guide, explain the state of using UUID primary keys. Closes #20518. (Yves Senn, 2015-06-15, 1, -3/+9)
| | | | | | | [ci skip]
| | | | | | | The PostgreSQL 9.4 docs suggest to use `pgcrypto`. However `create_table id: :uuid` will still default to `uuid_generate_v4()`
* | | | | | | make `remove_index :table, :column` reversible. (Yves Senn, 2015-06-15, 5, -14/+29)
| | | | | | | This used to raise an `IrreversibleMigration` error (since #10437). However since `remove_index :table, :column` is probably the most basic use-case we should make it reversible again.
| | | | | | | Conflicts: activerecord/CHANGELOG.md
* | | | | | | quick pass over changelogs. [ci skip] (Yves Senn, 2015-06-15, 2, -7/+8)
| | | | | | |
* | | | | | | Merge pull request #20550 from maurogeorge/add_reference-rdoc (Yves Senn, 2015-06-15, 1, -0/+3)
|\ \ \ \ \ \ \ Add RDoc about add_reference to ActiveRecord::Migration [ci skip]
| * | | | | | | Add RDoc about add_reference to ActiveRecord::Migration (Mauro George, 2015-06-13, 1, -0/+6)
| | | | | | | | [ci skip]
* | | | | | | | Merge pull request #20562 from 8398a7/change_link_gembundler (Rafael Mendonça França, 2015-06-15, 4, -4/+4)
|\ \ \ \ \ \ \ \
| |_|_|_|/ / / /
|/| | | | | | | Updated bundler link [ci skip]
| * | | | | | | Updated bundler link [ci skip] (839, 2015-06-15, 4, -4/+4)
|/ / / / / / /
* | | | | | | Merge pull request #20559 from mtsmfm/fix-header-modification-by-ssl (Guillermo Iguaran, 2015-06-14, 2, -1/+12)
|\ \ \ \ \ \ \ ActionDispatch::SSL should keep original header's behavior
| * | | | | | | ActionDispatch::SSL should keep original header's behavior (Fumiaki MATSUSHIMA, 2015-06-14, 2, -1/+12)
| | | | | | | | `ActionDispatch::SSL` changes headers to `Hash`. So some headers will be broken if there are some middlewares on ActionDispatch::SSL and if it uses `Rack::Utils::HeaderHash`.
* | | | | | | | Merge pull request #20558 from prathamesh-sonpatki/missing-header-word (Kasper Timm Hansen, 2015-06-14, 1, -1/+1)
|\ \ \ \ \ \ \ \ Add missing "header" word in documentation of Token#authentication_request [ci skip]
| * | | | | | | | Add missing "header" word in documentation of Token#authentication_request [ci skip] (Prathamesh Sonpatki, 2015-06-14, 1, -1/+1)
* | | | | | | | | Merge pull request #20560 from vngrs/wrong_doc_of_active_job (Matthew Draper, 2015-06-15, 1, -19/+0)
|\ \ \ \ \ \ \ \ \
| |_|/ / / / / / /
|/| | | | | | | | Wrong documentation about Rails autoload on active_jobs_basics doc [ci skip]
| * | | | | | | | Wrong documentation about Rails autoload on active_jobs_basics doc [ci skip] (Mehmet Emin İNAÇ, 2015-06-14, 1, -19/+0)
|/ / / / / / / / By default Rails automatically loads all files under the app directory
* | | | | | | | Merge pull request #20548 from maurogeorge/collection_check_boxes-rdoc-gotcha (Zachary Scott, 2015-06-14, 1, -0/+21)
|\ \ \ \ \ \ \ \ Add gotcha to RDoc of collection_check_boxes
| * | | | | | | | Add gotcha to RDoc of collection_check_boxes (Mauro George, 2015-06-13, 1, -0/+21)
| | |/ / / / / /
| |/| | | | | | [ci skip]
* | | | | | | | Merge pull request #20511 from ZeroMax-dev/master (Zachary Scott, 2015-06-14, 1, -12/+41)
|\ \ \ \ \ \ \ \
| |_|_|_|/ / / /
|/| | | | | | | Extended 'Active Job Basics' guide with more detailed information
| * | | | | | | Extended 'Active Job Basics' edge guide with more detailed information and an additional step [ci skip] (Andreas Metzger, 2015-06-14, 1, -12/+41)
| | | | | | | | Normalized use of 'queueing'/'queuing' in the document.
* | | | | | | | Merge pull request #20554 from kuldeepaggarwal/fix/enum_docs (Kasper Timm Hansen, 2015-06-14, 1, -1/+1)
|\ \ \ \ \ \ \ \ [ci skip] fix typo mistake
| * | | | | | | | [ci skip] fix typo mistake (Kuldeep Aggarwal, 2015-06-14, 1, -1/+1)
|/ / / / / / / /
* | | | | | | | Merge pull request #20553 from jhubert/patch-1 (Kasper Timm Hansen, 2015-06-14, 1, -1/+1)
|\ \ \ \ \ \ \ \ [ci skip] Fix the dynamic fixtures example