| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
| |
This is a follow up to #15058.
This exception is regularly raised during development. This means it will enter
the user realm. We should provide an API page to show that this exception is public API.
/cc @schneems
|
| |
|
|
|
|
|
|
|
|
|
| |
This will avoid directory traversal in implicit render.
Fixes: CVE-2014-0130
Conflicts:
actionpack/lib/abstract_controller/base.rb
|
|
|
|
| |
There are too many "action name" variables around the process method.
|
| |
|
|
|
|
| |
closes #14125
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is an option for sending a raw content back to browser. Note that
this rendering option will unset the default content type and does not
include "Content-Type" header back in the response.
You should only use this option if you are expecting the "Content-Type"
header to not be set. More information on "Content-Type" header can be
found on RFC 2616, section 7.2.1.
Please see #12374 for more detail.
|
|
|
|
|
| |
Previously, requiring action_view/view_paths did cause an uninitialized
constant error for ENCODING_FLAG, which is defined in action_view.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TLDR: always return an object that responds to the query methods from
request.format, and do not touch Mime::Type[] lookup to avoid bugs.
---
Long version:
The initial issue was about being able to do checks like
request.format.html? for request with an unknown format, where
request.format would be nil.
This is where the issue came from at first in #7837 and #8085
(merged in cba05887dc3b56a46a9fe2779b6b228880b49622), but the
implementation went down the path of adding this to the mime type
lookup logic.
This unfortunately introduced subtle bugs, for instance in the merged
commit a test related to send_file had to be changed to accomodate the
introduction of the NullType.
Later another bug was found in #13064, related to the content-type being
shown as #<Mime::NullType:...> for templates with localized extensions
but no format included. This one was fixed in #13133, merged in
43962d6ec50f918c9970bd3cd4b6ee5c7f7426ed.
Besides that, custom handlers were not receiving the proper template
formats anymore when passing through the rendering process, because of
the NullType addition. That was found while migrating an application
from 3.2 to 4.0 that uses the Markerb gem (a custom handler that
generates both text and html emails from a markdown template).
---
This changes the implementation moving away from returning this null
object from the mime lookup, and still fixes the initial issue where
request.format.zomg? would raise an exception for unknown formats due to
request.format being nil.
|
|\ |
|
| | |
|
| | |
|
|\ \
| | |
| | | |
Retain ActionPack dependency on ActionView. Fixes #12979.
|
| | | |
|
|/ /
| |
| |
| |
| | |
Avoid one-liner conditionals when they are too big. Avoid concatenating
strings to build error messages. Improve messages a bit.
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By default, variants in the templates will be picked up if a variant is set
and there's a match. The format will be:
app/views/projects/show.html.erb
app/views/projects/show.html+tablet.erb
app/views/projects/show.html+phone.erb
If request.variant = :tablet is set, we'll automatically be rendering the
html+tablet template.
In the controller, we can also tailer to the variants with this syntax:
class ProjectsController < ActionController::Base
def show
respond_to do |format|
format.html do |html|
@stars = @project.stars
html.tablet { @notifications = @project.notifications }
html.phone { @chat_heads = @project.chat_heads }
end
format.js
format.atom
end
end
end
The variant itself is nil by default, but can be set in before filters, like
so:
class ApplicationController < ActionController::Base
before_action do
if request.user_agent =~ /iPad/
request.variant = :tablet
end
end
end
This is modeled loosely on custom mime types, but it's specifically not
intended to be used together. If you're going to make a custom mime type,
you don't need a variant. Variants are for variations on a single mime
types.
|
|
|
|
|
|
|
| |
constant.
`view_assigns` can use the precalculated sets and remove instance
variables without allocating any extra arrays
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The methods:
* #render_to_body
* #render_to_string
* #_normalize_render
Haven't had anything specyfic to ActionView. This was common code which should belong to AbstractController
|
| |
|
|
|
|
| |
This reverts commit 7de994fa215e9f4c2856d85034bc4dd7b65d0c01.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
This interface should be use when implementing renderers.
|
|
|
|
| |
This reverts commit 6fe91ec5008838338e54ab8570f7c95ee0cdd8e8.
|
|
|
|
| |
Since all rendering stuff was extracted to AV, the only thing that left was single class with error so file name wasn't relevant anymore
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
:only and :except options for controller filters are now added before
:if and :unless. This prevents running :if and :unless procs when not
on the specified. Closes #11786.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When helper try to require missing file rails will throw exception about
missing helper.
# app/helpers/my_helper.rb
require 'missing'
module MyHelper
end
And when we try do load helper
class ApplicationController
helper :my
end
Rails will throw exception. This is wrong because there is a helper
file.
Missing helper file helpers/my_helper.rb
Now when helper try to require non-existed file rails will throw proper
exception.
No such file to load -- missing
|
| |
|
| |
|
| |
|