| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Previously rendering a partial without giving :object or :collection
would generate a local variable with the partial name by default.
This was noticed due to warnings in Ruby 2.0 of not used variables,
which turned out to be the generation of not used variables inside
partials that do not contain objects related to them.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Proxy servers add X-Forwarded-For headers, resulting in a list of IPs. We
remove trusted IP values, and then take the last given value, assuming that
it is the most likely to be the correct, unfaked value. See [1] for a very
thorough discussion of why that is the best option we have at the moment.
[1]: http://blog.gingerlime.com/2012/rails-ip-spoofing-vulnerabilities-and-protection/
Fixes #7979
|
| |
|
| |
|
| |
|
|
|
|
| |
This is version of #8640 for master
|
| |
|
|
|
|
|
|
|
| |
1) Failure:
test_head_created_with_image_png_content_type(RenderTest) [test/controller/render_test.rb:1238]:
Expected: "image/png"
Actual: "image/png; charset=utf-8"
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If a request has an unknown format, the methods html?, xml?, json? ...etc
not raise an Exception.
This patch add a class Mime::NullType, that is returned when request.format is unknown
and it responds false to the methods that ends with '?' and true to 'nil?'.
It refers to #7837, this issue is considered a improvement not a bug.
|
|
|
| |
I missed attribution on this :flushed:
|
|
|
|
|
|
|
|
| |
Move the Journey code underneath the ActionDispatch namespace so
that we don't pollute the global namespace with names that may
be used for models.
Fixes rails/journey#49.
|
| |
|
|
|
|
|
|
| |
Removes support for :encode, :replace_at, and :replace_dot
options from the mail_to helper. Support for these options
has been extracted to the 'actionview-encoded_mail_to' gem.
|
|
|
|
| |
closes #8388
|
| |
|
|\
| |
| |
| | |
Removed :if / :unless conditions to fragment cache in favour of *cache_i...
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
cache_if(condition, option, &block) and cache_unless(condition, option, &block).
In the PR #8371 was introduced conditional options :if and :unless in
the cache method.
Example:
<%= cache @model, if: some_condition(@model) do %>
...
<%end%>
This is a good feature but *cache_if* and and *cache_unless*
are more concise and close to the standard of rails view helpers
(ex: link_to_if and link_to_unless).
Example:
<%= cache_if condition, @model do %>
...
<%end%>
|
| |
| |
| |
| |
| | |
Remove all the old url helper methods when clear! is called on the
route set because it's possible that some routes have been removed.
|
|/
|
|
|
|
|
|
|
|
| |
This doesn't actually remove old url helper methods as they are
defined in a different module.
This reverts commit 96bcef947bf713b7d9fc88f26dff69f568111262.
Conflicts:
actionpack/CHANGELOG.md
|
|
|
|
|
|
|
|
|
| |
If env['RAW_POST_DATA'] is nil, #raw_post will attempt to set it to
the result of #body (which will return env['rack.input'] if
env['RAW_POST_DATA'] is nil). #raw_post will then attempt to rewind
the result of another call to #body. Since env['RAW_POST_DATA'] has
already been set, the result of #body is not env['rack.input'] anymore.
This causes env['rack.input'] to never be rewound.
|
| |
|
|\
| |
| | |
Prevent raising EOFError on multipart GET request.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Such request can happen on Internet Explorer. When we redirect
after multipart form submission, the request type is changed
to GET, but Content-Type is preserved as multipart. GET request
cannot have multipart body and that caused Rails to fail.
It's similar fix to Rack's one:
https://github.com/chneukirchen/rack/blob/8025a4ae9477d1e6231344c2b7d795aa9b3717b6/lib/rack/request.rb#L224
|
| | |
|
|/ |
|
|
|
|
| |
This reverts commit c59734f756b79c39486c45273d2cc5d42cd0c864.
|
|
|
|
|
|
|
|
|
|
| |
This commit inverts the precedence in ActionDispatch::Static so that
dynamic content will be served before static content. This is so that
precompiled assets do not inadvertently get included when running in
development mode - it should have no effect in production where static
files are usually handled by the web server.
Closes #6421
|
|
|
|
| |
[Stephen Ausman + Fabrizio Regini]
|
| |
|
|
|
|
|
|
| |
be ignored. A regular expression constraint gets overwritten when the
routes.rb file is processed. Changed the overwriting to an ||= instead
of an = assignment.
|
| |
|
|
|
|
| |
[ci skip]
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
This was forgotten when we did the merge.
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
For instance, it prevents false positive in this case:
file = nil
get :index
assert_template("#{file}")
|
|
|
|
| |
[ci skip]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Was surprising found that this example doesn't work:
scope :api do
resources :users
end
and the right form to use it is:
scope 'api' do
resources :users
end
I think this should work similary as `namespace` where both are allowed.
These two are equivalent:
namespace :api do
resources :users
end
namespace 'api' do
resources :user
end
|
|
|
|
| |
Merge url for tests and add changelog entry for #8233.
|
|
|
|
|
|
|
|
| |
This resolves issues when rendering nested partials.
Previously the `PartialRenderer` was reused which led to
situations where the state of the renderer was reset.
Closes #8197
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This is a list of mime types where template text is not html escaped
by default. It prevents `Jack & Joe` from rendering as
`Jack & Joe` for the whitelisted mime types. The default whitelist
contains text/plain.
This follows a whitelist approach where plain text templates are
not escaped, and all the others (json, xml) are. The mime type is
assumed to be set by the abstract controller.
|