| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
Make cache max-age durations self-explanatory
|
| | |
|
|\ \
| | |
| | | |
Pass over changelogs
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | | |
They are not part of the public API
|
|\ \ \
| |_|/
|/| | |
Update example in Http::Headers object to use `.from_hash`
|
|/ /
| |
| | |
When initializing an `ActionDispatch::Http::Headers` object it takes a request object (Rails 5) whereas before it took a hash (Rails 4.x) but the documented example still shows a hash given to the constructor (due to commit 34fa6658dd1b779b21e586f01ee64c6f59ca1537) so this is just a documentation change to use the new `from_hash` method introduced in that earlier commit.
|
|\ \
| | |
| | | |
Ensure values are strings before calling gsub
|
|/ / |
|
|\ \
| | |
| | | |
[ci skip] Fix the wrong ActionCable documentation in the guide.
|
| | | |
|
| | | |
|
|\ \ \
| | | |
| | | | |
[ci skip] Add documentation to Parameter Encoding
|
| |/ / |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fix unsafe query generation risk.
Redo of CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155
CVE-2016-6317
|
|\ \ \
| | | |
| | | | |
Creating a new Topic class instead of class_eval for the existing one
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
since it affects another test `ReflectionTest#test_read_attribute_names`
Address #26099
|
|\ \ \
| | | |
| | | | |
Fix warning: ambiguous first argument
|
|/ / / |
|
|/ /
| |
| |
| |
| |
| | |
Many helpers mark content as HTML-safe without escaping double quotes -- including `sanitize`. Regardless of whether or not the attribute values are HTML-escaped, we want to be sure they don't include double quotes, as that can cause XSS issues. For example: `content_tag(:div, "foo", title: sanitize('" onmouseover="alert(1);//'))`
CVE-2016-6316
|
|\ \
| | |
| | | |
add missing require rake
|
| | |
| | |
| | |
| | |
| | | |
In ff8035dfeed8c86594c32ef8e9204806e190cb58, require rake is deferred.
Therefore, it is necessary to require rake even `Engine::CommandsTasks.
|
|\ \ \
| |/ /
|/| | |
Fix actionview test failure
|
|/ /
| |
| |
| | |
Caused by #26092.
|
|\ \
| | |
| | | |
Minor doc fix related to ActiveModel::SecurePassword [ci skip]
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | | |
Thinking .. relative to files is not natural, we are used
to think "parent of a directory", and we have __dir__
nowadays.
|
|\ \ \
| | | |
| | | | |
Add documentation for `http_cache_forever`. [ci skip]
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
Allow specifying encoding of parameters by action
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
At GitHub we need to handle parameter encodings that are not UTF-8. This
patch allows us to specify encodings per parameter per action.
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Fix a NoMethodError schema_statements.rb
|
| | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
If you call `remove_index` with wrong options, say a type, like I did,
you get:
```
== 20160810072541 RemoveUniqueIndexOnGoals: migrating =========================
-- remove_index(:goal, {:coulmn=>:kid_id, :unique=>true})
rails aborted!
StandardError: An error has occurred, this and all later migrations canceled:
undefined method `ArgumentError' for #<ActiveRecord::ConnectionAdapters::PostgreSQLAdapter:0x007fb7dec91b28>
```
What happened is that I mistyped column (coulmn) and got a
`NoMethodError`, because of a missing comma during the raise. This made
Ruby think we're calling the method `ArgumentError`.
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In c546a2b parameter handling in AC test cases was changed to
round tripping through encoders/decoders so that they matched
reality and in 0adb8f8 the old methods were removed but the
`html_format?` method was overlooked.
|
|\ \ \ \
| |_|/ /
|/| | | |
Fix broken alignments caused by auto-correct commit 411ccbd
|
|/ / /
| | |
| | |
| | | |
Hash syntax auto-correcting breaks alignments. 411ccbdab2608c62aabdb320d52cb02d446bb39c
|
|\ \ \
| | | |
| | | | |
Document know limitation about using `references` in conjunction with custom select clauses [ci skip]
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | | |
loading causing it to ignore custom select clauses.
[ci skip]
Fixes #24314
|
|\ \ \
| |/ /
|/| | |
Add link to 'Pry' in debugging guide [ci skip]
|
| | | |
|
|\ \ \
| |_|/
|/| | |
update list of rescue_responses default [ci skip]
|
|/ /
| |
| |
| | |
Follow up to fe859a54219740fa8b4e09a592820d2ee12ba222
|
| | |
|
|\ \
| | |
| | | |
Use `FETCH FIRST` for Oracle12 and test `ROWNUM <=` for Oracle 11g or older version to test sql limit behavior
|
|/ /
| |
| |
| |
| | |
also test `ROWNUM <=` for Oracle 11g or older version of Oracle and Oracle visitor
Oracle 12c database and Arel Oracle12 visitor supports better top N query.
|
| |
| |
| |
| |
| |
| |
| | |
This code has too much duplication and the rationale for the concatenation
may not be obvious to the reader. You define the ones at class-level, explain
why does the code concatenates there, and then the convenience ones at
instance-level just delegate.
|
|\ \
| | |
| | |
| | | |
Fix `thread_mattr_accessor` share variable superclass with subclass
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The current implementation of `thread_mattr_accessor` set variable
sharing superclass with subclass. So the method doesn't work as documented.
Precondition
class Account
thread_mattr_accessor :user
end
class Customer < Account
end
Account.user = "DHH"
Account.user #=> "DHH"
Customer.user = "Rafael"
Customer.user # => "Rafael"
Documented behavior
Account.user # => "DHH"
Actual behavior
Account.user # => "Rafael"
Current implementation set variable statically likes `Thread[:attr_Account_user]`,
and customer also use it.
Make variable name dynamic to use own thread-local variable.
|
| | | |
|