aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/CHANGELOG.md
Commit message (Collapse)AuthorAgeFilesLines
* tidy CHANGELOGs [ci skip]Yves Senn2014-01-301-2/+2
|
* Modify the session serializer implementationGuillermo Iguaran2014-01-301-7/+8
| | | | | Rename allowed options to :marshal and :json, for custom serializers only allow the use of custom classes.
* Update CHANGELOG properly with GH #13692 [ci-skip]Guillermo Iguaran2014-01-291-14/+14
|
* Allow session serializer key in config.session_storeLukasz Sarnacki2014-01-291-0/+14
| | | | | | | | | | | | | MessageEncryptor has :serializer option, where any serializer object can be passed. This commit make it possible to set this serializer from configuration level. There are predefined serializers (:marshal_serializer, :json_serialzier) and custom serializer can be passed as String, Symbol (camelized and constantized in ActionDispatch::Session namepspace) or serializer object. Default :json_serializer was also added to generators to provide secure defalt.
* Log which keys were set to nil in deep_mungeLukasz Sarnacki2014-01-281-0/+8
| | | | | | | | deep_munge solves CVE-2013-0155 security vulnerability, but its behaviour is definately confuisng. This commit adds logging to deep_munge. It logs keys for which values were set to nil. Also mentions in guides were added.
* Clear filtered request attributes between requests in testsAndrew White2014-01-271-0/+7
| | | | | | | | The request attributes filtered_parameters, filtered_env and filtered_path are memoized for performance reasons. However this can cause unusual behavior in tests where there are multiple calls to get, post, etc. Fixes #13803.
* Fix `rake routes` error when `Rails::Engine` with empty routes is mounted; ↵Maurizio De Santis2014-01-241-0/+6
| | | | | | fixes rails/rails#13810 Squash
* Tidy up tests and CHANGELOG for #12598Andrew White2014-01-201-2/+13
|
* Automatically convert dashes to underscores for url helpersAmr Tamimi2014-01-201-0/+13
|
* Revert "Don't remove trailing slash from PATH_INFO for mounted apps"Piotr Sarnacki2014-01-161-6/+0
| | | | | | | The revert is needed because of a regression described in #13369, routes with trailing slash are no longer recognized properly. This reverts commit 50311f1391ddd8e0349d74eb57f04b7e0045a27d.
* Merge branch 'master' into laurocaetano-fix_send_fileAaron Patterson2014-01-101-3/+194
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * master: (536 commits) doc, API example on how to use `Model#exists?` with multiple IDs. [ci skip] Restore DATABASE_URL even if it's nil in connection_handler test [ci skip] - error_messages_for has been deprecated since 2.3.8 - lets reduce any confusion for users Ensure Active Record connection consistency Revert "ask the fixture set for the sql statements" Check `respond_to` before delegation due to: https://github.com/ruby/ruby/commit/d781caaf313b8649948c107bba277e5ad7307314 Adding Hash#compact and Hash#compact! methods MySQL version 4.1 was EOL on December 31, 2009 We should at least recommend modern versions of MySQL to users. clear cache on body close so that cache remains during rendering add a more restricted codepath for templates fixes #13390 refactor generator tests to use block form of Tempfile Fix typo [ci skip] Move finish_template as the last public method in the generator Minor typos fix [ci skip] make `change_column_null` reversible. Closes #13576. create/drop test and development databases only if RAILS_ENV is nil Revert "Speedup String#to" typo fix in test name. [ci skip]. `core_ext/string/access.rb` test what we are documenting. Fix typo in image_tag documentation ... Conflicts: actionpack/CHANGELOG.md
| * add example to the CHANGELOG entry from 3a48b83e5 [ci skip].Yves Senn2014-01-061-2/+8
| | | | | | | | /cc @pixeltrix
| * quick formatting pass through CHANGELOGS. [ci skip].Yves Senn2014-01-061-6/+6
| |
| * Allow an absolute controller path inside a module scopeAndrew White2014-01-051-0/+4
| | | | | | | | Fixes #12777
| * Unique the segment keys array for non-optimized url helpersAndrew White2014-01-051-0/+12
| | | | | | | | | | | | | | | | | | | | In Rails 3.2 you only needed pass an argument for dynamic segment once so unique the segment keys array to match the number of args. Since the number of args is less than required parts the non-optimized code path is selected. This means to benefit from optimized url generation the arg needs to be specified as many times as it appears in the path. Fixes #12808
| * Show full route constraints in error messageAndrew White2014-01-051-0/+10
| | | | | | | | | | | | | | | | When an optimized helper fails to generate, show the full route constraints in the error message. Previously it would only show the contraints that were required as part of the path. Fixes #13592
| * Use a custom route vistor for optimized route generationAndrew White2014-01-051-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Using a Regexp to replace dynamic segments in a path string is fraught with difficulty and can lead to odd edge cases like #13349. Since we already have a parsed representation of the path it makes sense to use that to generate an array of segments that can be used to build an optimized route's path quickly. Tests on a simple route (e.g. /posts/:id) show a speedup of 35%: https://gist.github.com/pixeltrix/8261932 Calculating ------------------------------------- Current Helper: 5274 i/100ms New Helper: 8050 i/100ms ------------------------------------------------- Current Helper: 79263.6 (±3.7%) i/s - 395550 in 4.997252s New Helper: 153464.5 (±4.9%) i/s - 772800 in 5.047834s Tests on a more complex route show even an greater performance boost: https://gist.github.com/pixeltrix/8261957 Calculating ------------------------------------- Current Helper: 2367 i/100ms New Helper: 5382 i/100ms ------------------------------------------------- Current Helper: 29506.0 (±3.2%) i/s - 149121 in 5.059294s New Helper: 78815.5 (±4.1%) i/s - 398268 in 5.062161s It also has the added benefit of fixing the edge cases described above. Fixes #13349
| * Allow engine root relative redirects using an empty string.Andrew White2014-01-011-0/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Example: # application routes.rb mount BlogEngine => '/blog' # engine routes.rb get '/welcome' => redirect('') This now redirects to the path `/blog`, whereas before it would redirect to the application root path. In the case of a path redirect or a custom redirect if the path returned contains a host then the path is treated as absolute. Similarly for option redirects, if the options hash returned contains a `:host` or `:domain` key then the path is treated as absolute. Fixes #7977
| * Merge pull request #13470 from strzalek/variants-all-anyDavid Heinemeier Hansson2013-12-311-0/+18
| |\ | | | | | | Add any/all support for variants
| | * Add any/all support for variantsŁukasz Strzałkowski2013-12-261-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Like `format.any`, you can do the same with variants. It works for both inline: respond_to do |format| format.html.any { render text: "any" } format.html.phone { render text: "phone" } end and block syntax: respond_to do |format| format.html do |variant| variant.any(:tablet, :phablet){ render text: "any" } variant.phone { render text: "phone" } end end
| * | Fix Encoding::CompatibilityError when public path is UTF-8Andrew White2013-12-291-0/+15
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | In #5337 we forced the path encoding to ASCII-8BIT to prevent static file handling from blowing up before an application has had chance to deal with possibly invalid urls. However this has a negative side effect of making it an incompatible encoding if the application's public path has UTF-8 characters in it. To work around the problem we check to see if the path has a valid encoding once it has been unescaped. If it is not valid then we can return early since it will not match any file anyway. Fixes #13518
| * AC::Parameters#permit! permits hashes in array valuesXavier Noria2013-12-231-0/+4
| |
| * Move the null mime type to request.formatCarlos Antonio da Silva2013-12-231-4/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TLDR: always return an object that responds to the query methods from request.format, and do not touch Mime::Type[] lookup to avoid bugs. --- Long version: The initial issue was about being able to do checks like request.format.html? for request with an unknown format, where request.format would be nil. This is where the issue came from at first in #7837 and #8085 (merged in cba05887dc3b56a46a9fe2779b6b228880b49622), but the implementation went down the path of adding this to the mime type lookup logic. This unfortunately introduced subtle bugs, for instance in the merged commit a test related to send_file had to be changed to accomodate the introduction of the NullType. Later another bug was found in #13064, related to the content-type being shown as #<Mime::NullType:...> for templates with localized extensions but no format included. This one was fixed in #13133, merged in 43962d6ec50f918c9970bd3cd4b6ee5c7f7426ed. Besides that, custom handlers were not receiving the proper template formats anymore when passing through the rendering process, because of the NullType addition. That was found while migrating an application from 3.2 to 4.0 that uses the Markerb gem (a custom handler that generates both text and html emails from a markdown template). --- This changes the implementation moving away from returning this null object from the mime lookup, and still fixes the initial issue where request.format.zomg? would raise an exception for unknown formats due to request.format being nil.
| * converts hashes in arrays of unfiltered params to unpermitted params [fixes ↵Xavier Noria2013-12-211-0/+6
| | | | | | | | #13382]
| * Merge pull request #13188 from imanel/skip_deep_mungeJeremy Kemper2013-12-191-0/+10
| |\ | | | | | | | | | | | | | | | | | | Add configuration option to optionally disable deep_munge Conflicts: actionpack/CHANGELOG.md
| | * Add configuration option to optionally disable deep_mungeBernard Potocki2013-12-051-0/+12
| | |
| * | Show routes defined under assets prefixRyunosuke SATO2013-12-191-0/+4
| | | | | | | | | | | | Closes #9625
| * | CSRF protection from cross-origin <script> tagsJeremy Kemper2013-12-171-0/+5
| | | | | | | | | | | | Thanks to @homakov for sounding the alarm about JSONP-style data leaking
| * | Merge pull request #13290 from strzalek/inline-syntax-docsRafael Mendonça França2013-12-121-0/+8
| |\ \ | | | | | | | | Variants inline syntax documentation
| | * | Variants inline syntax documentation [ci skip]Łukasz Strzałkowski2013-12-121-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | * Extend method documentation * Mention it in actionpack/CHANGELOG * Update release notes
| * | | Changelog improvements [ci skip]Carlos Antonio da Silva2013-12-121-4/+6
| |/ /
| * | Update CHANGELOG entry for Session#fetchTrent Ogren2013-12-111-3/+1
| | | | | | | | | | | | | | | This reverts the changes to CHANGELOG.md in commit 38f8872aa5fd8f0a1d0895e9eb41f73261acd040.
| * | Fix mounting engines inside a resources blockPiotr Sarnacki2013-12-101-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a route is mounted inside a resources block, it's automatically prefixed, so a following code: resources :users do mount Blog::Engine => '/blog' end will generate a user_blog path helper. In order to access engine helpers, we also use "mounted_helpers", a list of helpers associated with each mounted engine, so a path to blog's post can be generated using user_blog.post_path(user, post). The problem I'm fixing here is that mount used a raw :as option, without taking nestings into account. As a result, blog was added to a route set as a `user_blog`, but helper was generated for just `blog`. This commit applies the proper logic for defining a helper for a mounted engine nested in resources or resource block. (closes #8533)
| * | Add Mime::Type.register "text/vcard", :vcf to the default list of mime typesDavid Heinemeier Hansson2013-12-051-0/+4
| | |
| * | add missing CHANGELOG entry for d8c6f52. [ci skip]Yves Senn2013-12-051-0/+5
| | | | | | | | | | | | Discoverd by #13175.
| * | Escalate missing error when :raise is trueShota Fukumori (sora_h)2013-12-051-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before ec16ba75a5493b9da972eea08bae630eba35b62f, ActionView::Helpers::TranslationHelper#translate has raised errors with specifying options[:raise] to true. This should work by this fix: begin t(:"translations.missing", raise: true) rescue I18n::MissingTranslationData p :hello! end
| * | Update changelog [ci skip]Rafael Mendonça França2013-12-041-2/+2
| |/
| * Action Pack VariantsŁukasz Strzałkowski2013-12-041-0/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By default, variants in the templates will be picked up if a variant is set and there's a match. The format will be: app/views/projects/show.html.erb app/views/projects/show.html+tablet.erb app/views/projects/show.html+phone.erb If request.variant = :tablet is set, we'll automatically be rendering the html+tablet template. In the controller, we can also tailer to the variants with this syntax: class ProjectsController < ActionController::Base def show respond_to do |format| format.html do |html| @stars = @project.stars html.tablet { @notifications = @project.notifications } html.phone { @chat_heads = @project.chat_heads } end format.js format.atom end end end The variant itself is nil by default, but can be set in before filters, like so: class ApplicationController < ActionController::Base before_action do if request.user_agent =~ /iPad/ request.variant = :tablet end end end This is modeled loosely on custom mime types, but it's specifically not intended to be used together. If you're going to make a custom mime type, you don't need a variant. Variants are for variations on a single mime types.
| * Changelog improvements [ci skip]Carlos Antonio da Silva2013-12-031-5/+5
| |
| * Merge branch 'format_localized_template' of https://github.com/acapilleri/railsGuillermo Iguaran2013-12-031-0/+9
| |\ | | | | | | | | | | | | Conflicts: actionpack/CHANGELOG.md
| | * Fix header Content-Type: #<Mime::NullType:...> in localized templateAngelo capilleri2013-12-031-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | This PR fixes #13064 regression bug introduced by the #8085 Now in _process_format when the format is a Mime::NullType nothing is written in self.content_type. In this way the method Response#assign_default_content_type_and_charset can write the the default mime_type.
| * | Try to escape each part of a path redirect route correctlyAndrew White2013-12-021-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A path redirect may contain any and all parts of a url which have different escaping rules for each part. This commit tries to escape each part correctly by splitting the string into three chunks - path (which may also include a host), query and fragment; then it applies the correct escape pattern to each part. Whilst using `URI.parse` would be better, unfortunately the possible presence of %{name} parameters in the path redirect string prevents us from using it so we have to use a regular expression instead. Fixes #13110.
* | | Fix stream closing when sending file with `ActionController::Live` included.Lauro Caetano2013-11-301-0/+6
|/ / | | | | | | Fixes #12381
* / first pass through CHANGELOGS to extract 4_1_release_notes. [ci skip]Yves Senn2013-11-281-5/+1
|/ | | | | | | | | | | | Extract **notable changes**, **deprecations** and **removals** from each CHANGELOG. I tried to reference the commits and pull requests for new features and deprecations. In the process I also made some minor changes to the CHANGELOGS. The 4_1_release_notes guide is declared WIP.
* Better error message for typos in assert_response argument.Victor Costan2013-11-251-0/+8
| | | | | This commit makes it really easy to debug errors due to typos like "assert_response :succezz".
* Improve changelogsCarlos Antonio da Silva2013-11-221-1/+1
| | | | | Also make Action Mailer changelog format more consistent with the others [ci skip]
* unify punctuation in Action Pack changelog. [ci skip]Yves Senn2013-11-211-5/+7
|
* Fix for routes taskSıtkı Bağdat2013-11-211-0/+4
| | | | This commit fixes formatting issue for `rake routes` task, when a section is shorter than a header.
* Fix CHANGELOG typo [ci skip]chocoby2013-11-151-1/+1
|
* Take Hash with options inside Array in #url_forAndrey Ognevsky2013-11-151-0/+9
|