| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
| |
method [ci skip]
Related to #30850
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When puma/puma#1403 is merged Puma will support the Early Hints status
code for sending assets before a request has finished.
While the Early Hints spec is still in draft, this PR prepares Rails to
allowing this status code.
If the proxy server supports Early Hints, it will send H2 pushes to the
client.
This PR adds a method for setting Early Hints Link headers via Rails,
and also automatically sends Early Hints if supported from the
`stylesheet_link_tag` and the `javascript_include_tag`.
Once puma supports Early Hints the `--early-hints` argument can be
passed to the server to enable this or set in the puma config with
`early_hints(true)`. Note that for Early Hints to work
in the browser the requirements are 1) a proxy that can handle H2,
and 2) HTTPS.
To start the server with Early Hints enabled pass `--early-hints` to
`rails s`.
This has been verified to work with h2o, Puma, and Rails with Chrome.
The commit adds a new option to the rails server to enable early hints
for Puma.
Early Hints spec:
https://tools.ietf.org/html/draft-ietf-httpbis-early-hints-04
[Eileen M. Uchitelle, Aaron Patterson]
|
| |
|
|
|
|
|
|
| |
Using the action_dispatch.cookies_rotations interface, key rotation is
now possible with cookies. Thus the secret_key_base as well as salts,
ciphers, and digests, can be rotated without expiring sessions.
|
| |
|
|
|
|
| |
[ci skip]
|
|
|
|
|
|
|
|
| |
* Documentation for Duration support added to signed/encrypted cookies
* Changelog entries for the duration support and expiry metadata added to cookies
[ci skip]
|
|
|
|
|
|
|
|
|
|
| |
In Rails engine `Rails.root `returns the path of the dummy application.
Therefore, there is no `tmp` directly where the test is running, so can
not get the screenshot.
For this reason, instead of directly specifying tmp, retrive screenshot by
relative path from the current directory.
Fixes #30405
|
|
|
|
| |
https://github.com/rails/rails/issues/30072
|
|
|
|
|
|
| |
Fixes a few grammar things.
[ci skip]
|
| |
|
|
|
|
|
|
|
|
| |
Rather than protecting from forgery in the generated
ApplicationController, add it to ActionController::Base by config. This
configuration defaults to false to support older versions which have
removed it from their ApplicationController, but is set to true for
Rails 5.2.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
drivers.
When using `driver_by` with capybara-webkit or poltergeist,
SystemTesting::Driver will register the driver while passing
`screen_size` and `options` parameteres.
`options` could contain any option supported by the underlying driver.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit changes encrypted cookies from AES in CBC HMAC mode to
Authenticated Encryption using AES-GCM. It also provides a cookie jar
to transparently upgrade encrypted cookies to this new scheme. Some
other notable changes include:
- There is a new application configuration value:
+use_authenticated_cookie_encryption+. When enabled, AEAD encrypted
cookies will be used.
- +cookies.signed+ does not raise a +TypeError+ now if the name of an
encrypted cookie is used. Encrypted cookies using the same key as
signed cookies would be verified and serialization would then fail
due the message still be encrypted.
|
|
|
|
|
| |
* Fix indentation.
* Add backticks.
|
| |
|
|
|
|
|
|
| |
* Remove trailing spaces.
* Add backticks around method and command.
* Fix indentation.
|
|
|
|
|
|
|
| |
Was looking through #28402, and realized the CHANGELOG.md entry is in the wrong
place. Sorry we didn't catch this during code review :cry:
[ci skip]
|
| |
|
|
|
|
|
|
| |
Reads easier, and removes extra tick marks.
[ci skip]
|
|
|
|
| |
`env` is undefined.
|
| |
|
| |
|
|
|
|
|
| |
- This PR adds the `reverse_merge` and `reverse_merge!` method to `ActionController::Parameters`
- Fixes #28353
|
| |
|
|
|
|
|
|
| |
This reverts commit 84c1b107b9daab90b3ccf520f0f09752e4eaf425.
Reverted #28283 so reverted it's changelog update as well.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In ca324a0 the flash middleware was effectively removed by its
constructor returning the app it was passed and the `commit_flash`
call was moved to the `ActionController::Metal#dispatch` method.
This broke any redirect routes that modified the flash because the
redirect happens before `dispatch` gets called.
To fix it, this commit adds a `commit_flash` call in the `serve`
method of `ActionDispatch::Routing::Redirect`.
Fixes #27992.
|
| |
|
| |
|
| |
|
|\
| |
| | |
Implement custom url helpers and polymorphic mapping
|
| |
| |
| |
| |
| | |
Use a separate method called `resolve` for the custom polymorphic
mapping to clarify the API.
|
| |
| |
| |
| |
| |
| | |
Using `undef_method` means that when a route is removed any other
implementations of that method in the ancestor chain are inaccessible
so instead use `remove_method` which restores access to the ancestor.
|
| | |
|
|/
|
|
| |
[ci skip]
|
|
|
|
| |
[ci skip]
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
`Metal#env` --> `ActionController::Metal#env`
[ci skip]
|
| |
|
| |
|
|
|
|
|
|
|
| |
[ci skip]
- change a period to a comma
- add backticks for class + method
|
|
|
|
| |
[ci skip]
|
| |
|