| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Yesterday, when improving how `parsed_body` extracted a parser I wrote
77bbf1e. Then I thought that was too many changes in one commit
and broke it up locally... or so I thought.
When pushed the extra commits removed the changes! Wups!
In shame, lob those changes together here:
* 3b94c38 which meant to fix the CHANGELOG syntax error.
* 5007df5 which meant to mention `parsed_body` in the docs.
* 036a7a0 which meant to memoize the `parsed_body`.
|
|
|
|
|
|
|
| |
Add more info about the APIs added and how they work.
Use string keys when comparing the parsed response, like how JSON would
be parsed.
|
|
|
| |
since starting with Rails 5.x(beta) we prefer to use rails as the replacement of rake commands, may be change log will be the same
|
|
|
|
|
|
| |
- Fixed related documentation and usage all around
Fixes #23561
|
|
|
|
|
| |
Forgot to add this in the original pull request. No biggie, just show
some examples.
|
| |
|
|
|
| |
fix indentation to show it as code
|
|
|
|
|
|
| |
And improve changelongs.
[ci skip]
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add two options: `-c` and `-g`.
`-g` option returns the urls name, verb and path fields that match the pattern.
`-c` option returns the urls for specific controller.
Fixes #18902, and Fixes #20420
[Anton Davydov & Vipul A M]
|
|
|
|
|
|
| |
Based on https://github.com/rails/rails/pull/23167/files#r50507317
[ci skip]
|
|
|
|
| |
See bug #21032.
|
|
|
|
| |
ActionDispatch::Http::Cache::Response#etag= such that etags set in fresh_when and stale? are weak. For #17556.
|
| |
|
| |
|
|
|
|
|
| |
Also, refactor logic to convert between symbol and response code,
via the AssertionResponse class
|
| |
|
| |
|
|
|
|
|
|
|
| |
- `CONTROLLER` argument can now be supplied in different ways (Rails::WelcomeController, Rails::Welcome, rails/welcome)
- If `CONTROLLER` argument was supplied but it does not exist, will warn the user that this controller does not exist
- If `CONTROLLER` argument was supplied and no routes could be found matching this filter, will warn the user that no routes were found matching the supplied filter
- If no routes were defined in the config/routes.rb file, will warn the user with the original message
|
|
|
|
|
|
|
|
| |
- Earlier only Hash was allowed as params argument to url_helpers.
- Now ActionController::Parameters instances will also be allowed.
- If the params are not secured then it will raise an ArgumentError to
indicate that constructing URLs with non-secure params is not recommended.
- Fixes #22832.
|
| |
|
| |
|
|
|
|
|
|
|
| |
- AC::Parameters#convert_parameters_to_hashes should return filtered or
unfiltered values based on whether it is called from `to_h` or `to_unsafe_h`
instead of always defaulting to `to_h`.
- Fixes #22841
|
|
|
|
| |
Fixes #22818
|
|
|
|
| |
[ci skip]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
During the `5.0.0.beta1` release, the CHANGELOGs got an entry like the
following:
```
* No changes.
```
It is kinda confusing as there are indeed changes after it. Not a
biggie, just a small pass over the CHANGELOGs.
[ci skip]
|
| |
|
|
|
|
|
|
|
| |
Applications that use `redirect_to :back` can be forced to 500 by
clients that do not send the HTTP `Referer` (sic) header.
`redirect_back` requires the user to consider this possibility up front
and avoids this trivially-caused application error.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
`redirect_to :back` is a somewhat common pattern in Rails apps, but it
is not completely safe. There are a number of circumstances where HTTP
referrer information is not available on the request. This happens often
with bot traffic and occasionally to user traffic depending on browser
security settings.
When there is no referrer available on the request, `redirect_to :back`
will raise `ActionController::RedirectBackError`, usually resulting in
an application error.
`redirect_back` takes a required `fallback_location` keyword argument
that specifies the redirect when the referrer information is not
available. This prevents 500 errors caused by
`ActionController::RedirectBackError`.
|
|
|
|
| |
So that it appears correctly in the CHANGELOG on github.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Rails 5.1 `ActionController::TestCase` will be moved out of Rails
into it's own gem.
Please use `ActionDispatch::IntegrationTest` going foward.
Because this will be moved to a gem I used `# :stopdoc:` instead of
deleting the documentation. This will remove it from the Rails
documentation but still leave the method documented for when we move it
to a gem.
Guides have been updated to use the routing structure used in Integration
and all test examples have been updated to inherit from
`ActionDispatch::IntegrationTest` instead of `ActionController::TestCase.
Fixes #22496
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Per this comment
https://github.com/rails/rails/pull/18334#issuecomment-69234050 we want
`protect_from_forgery` to default to `prepend: false`.
`protect_from_forgery` will now be insterted into the callback chain at the
point it is called in your application. This is useful for cases where you
want to `protect_from_forgery` after you perform required authentication
callbacks or other callbacks that are required to run after forgery protection.
If you want `protect_from_forgery` callbacks to always run first, regardless of
position they are called in your application, then you can add `prepend: true`
to your `protect_from_forgery` call.
Example:
```ruby
protect_from_forgery prepend: true
```
|
| |
|
|\
| |
| | |
In url_for, never append ? when the query string is empty anyway.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It used to behave like this:
url_for(controller: 'x', action: 'y', q: {})
# -> "/x/y?"
We previously avoided empty query strings in most cases by removing
nil values, then checking whether params was empty. But as you can
see above, even non-empty params can yield an empty query string. So
I changed the code to just directly check whether the query string
ended up empty.
(To make everything more consistent, the "removing nil values"
functionality should probably move to ActionPack's Hash#to_query, the
place where empty hashes and arrays get removed. However, this would
change a lot more behavior.)
|
|/
|
|
|
|
|
| |
The configuration for `config.static_cache_control`, and its replacement
`config.public_file_server.headers` are implemented in Railties.
People would configure this in environment files, which is Railties domain too.
|
|
|
|
| |
This reverts commit 9f93a5efbba3e1cbf0bfa700a17ec8d1ef60d7c6.
|
|
|
|
|
|
| |
rather than an action name and *args. The *args were not being used in regular
applications outside tests. This causes a backwards compatibility
issue, but reduces array allocations for most users.
|
| |
|
|
|
|
| |
parse RSS/ATOM responses as XML, not HTML
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prior to this change, given a route:
# config/routes.rb
get ':a' => "foo#bar"
If one pointed to http://example.com/%BE (param `a` has invalid encoding),
a `BadRequest` would be raised with the following non-informative message:
ActionController::BadRequest
From now on the message displayed is:
Invalid parameter encoding: hi => "\xBE"
Fixes #21923.
|
|\
| |
| |
| | |
Add basic support for access control headers to ActionDispatch::Static
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Now ActionDispatch::Static can accept HTTP headers so that developers
will have control of returning arbitrary headers like
'Access-Control-Allow-Origin' when a response is delivered. They can
be configured through `#config.public_file_server.headers`:
config.public_file_server.headers = {
"Cache-Control" => "public, max-age=60",
"Access-Control-Allow-Origin" => "http://rubyonrails.org"
}
Also deprecate `config.static_cache_control` in favor of
`config.public_file_server.headers`.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When an application has multiple root entries with different
constraints, the current solution is to use `get '/'`. Example:
**Currently I have to do:**
```ruby
get '/', to: 'portfolio#show', constraints: ->(req) { Hostname.portfolio_site?(req.host) }
get '/', to: 'blog#show', constraints: ->(req) { Hostname.blog_site?(req.host) }
root 'landing#show'
```
**But I would like to do:**
```ruby
root 'portfolio#show', constraints: ->(req) { Hostname.portfolio_site?(req.host) }
root 'blog#show', constraints: ->(req) { Hostname.blog_site?(req.host) }
root 'landing#show'
```
Other URL matchers such as `get`, `post`, etc, already allows this, so I
think it's fair that `root` also allow it since it's just a shortcut for
a `get` internally.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When generating the url for a mounted engine through its proxy, the path should be the sum of three parts:
1. Any `SCRIPT_NAME` request header or the value of `ActionDispatch::Routing::RouteSet#relative_url_root`.
2. A prefix (the engine's mounted path).
3. The path of the named route inside the engine.
Since commit https://github.com/rails/rails/commit/44ff0313c121f528a68b3bd21d6c7a96f313e3d3, this has been broken. Step 2 has been changed to:
2. A prefix (the value of `ActionDispatch::Routing::RouteSet#relative_url_root` + the engine's mounted path).
The value of `ActionDispatch::Routing::RouteSet#relative_url_root` is taken into account in step 1 of the route generation and should be ignored when generating the mounted engine's prefix in step 2.
This commit fixes the regression by having `ActionDispatch::Routing::RouteSet#url_for` check `options[:relative_url_root]` before falling back to `ActionDispatch::Routing::RouteSet#relative_url_root`. The prefix generating code then sets `options[:relative_url_root]` to an empty string. This empty string is used instead of `ActionDispatch::Routing::RouteSet#relative_url_root` and avoids the duplicate `relative_url_root` value in the final result.
This resolves #20920 and resolves #21459
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Rails 4.x and earlier didn't support `Mime::Type[:FOO]`, so libraries
that support multiple Rails versions would've had to feature-detect
whether to use `Mime::Type[:FOO]` or `Mime::FOO`.
`Mime[:foo]` has been around for ages to look up registered MIME types
by symbol / extension, though, so libraries and plugins can safely
switch to that without breaking backward- or forward-compatibility.
Note: `Mime::ALL` isn't a real MIME type and isn't registered for lookup
by type or extension, so it's not available as `Mime[:all]`. We use it
internally as a wildcard for `respond_to` negotiation. If you use this
internal constant, continue to reference it with `Mime::ALL`.
Ref. efc6dd550ee49e7e443f9d72785caa0f240def53
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
I'm making this change so that I can construct response objects that
*don't* have the default headers applied. For example, I would like to
construct a response object from the return value of a controller.
If you need to construct a response object with the default headers,
then please use the alternate constructor:
`ActionDispatch::Response.create`
|
| | |
|
| | |
|