Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Merge pull request #15692 from sromano/falseClass | Matthew Draper | 2014-06-14 | 1 | -1/+6 |
|\ | | | | | | | ActionController::Parameters#require now accepts FalseClass values | ||||
| * | ActionController::Parameters#require now accepts FalseClass values | Sergio Romano | 2014-06-13 | 1 | -0/+1 |
|/ | | | | Fixes #15685. | ||||
* | adds some details to the rationale of converted_arrays [ci skip] | Xavier Noria | 2014-06-07 | 1 | -0/+4 |
| | |||||
* | Revert "Convert StrongParameters cache to a hash. This fixes an unbounded" | Xavier Noria | 2014-06-07 | 1 | -6/+6 |
| | | | | | | | | | | | | | | | | | | | | We cannot cache keys because arrays are mutable. We rather want to cache the arrays. This behaviour is tailor-made for the usage pattern strongs params is designed for. In a forthcoming commit I am going to add a test that covers why we need to cache by value. Every strong params instance has a live span of a request, the cache goes away with the object. Since strong params have such a concrete intention, it would be interesting to see if there are actually any real-world use cases that are an actual leak, one that practically may matter. I am not convinced that the theoretical leak has any practical consequences, but if it can be shown there are, then I believe we should either get rid of the cache (which is an optimization), or else wipe it in the mutating API. This reverts commit e63be2769c039e4e9ada523a8497ce3206cc8a9b. | ||||
* | Avoid misuse of underscore argument | Corey Ward | 2014-06-05 | 1 | -2/+2 |
| | | | Per convention, underscore-only argument names should be used for unused parameters. | ||||
* | Convert StrongParameters cache to a hash. This fixes an unbounded | Ryan Davis | 2014-06-03 | 1 | -6/+6 |
| | | | | | | memory leak demonstrated on @tenderlove's latest blog post: http://tenderlovemaking.com/2014/06/02/yagni-methods-are-killing-me.html | ||||
* | Tiny doc fix for Strong Parameters | Ian C. Anderson | 2014-03-30 | 1 | -1/+1 |
| | | | - accepts_nested_attribute_for -> accepts_nested_attributes_for | ||||
* | Simple Sungularize ActionController::UnpermittedParameters error in case ↵ | Serj L | 2014-02-24 | 1 | -1/+1 |
| | | | | when only 1 parameter is unpermitted. | ||||
* | AC::Parameters#permit! permits hashes in array values | Xavier Noria | 2013-12-23 | 1 | -2/+4 |
| | |||||
* | optimizes array conversion in AC::Parameters | Xavier Noria | 2013-12-21 | 1 | -2/+12 |
| | |||||
* | refactors AC::Parameters#fetch | Xavier Noria | 2013-12-21 | 1 | -10/+3 |
| | | | | | | | | AC::Parameters#fetch was refactored in 7171111 to prevent self mutation, but in doing so it hardcodes logic #convert_hashes_to_parameters is supposed to encapsulate. Better leave the delegation, and add a way to avoid mutating self in there. | ||||
* | converts hashes in arrays of unfiltered params to unpermitted params [fixes ↵ | Xavier Noria | 2013-12-21 | 1 | -3/+10 |
| | | | | #13382] | ||||
* | Improve wording in AC::ParameterMissing error message | Guillermo Iguaran | 2013-11-02 | 1 | -1/+1 |
| | |||||
* | Revert "Merge pull request #9660 from ↵ | Guillermo Iguaran | 2013-11-02 | 1 | -23/+9 |
| | | | | | | | | | sebasoga/change_strong_parameters_require_behaviour" This reverts commit c2b5a8e61ba0f35015e6ac949a5c8fce2042a1f2, reversing changes made to 1918b12c0429caec2a6134ac5e5b42ade103fe90. See: https://github.com/rails/rails/pull/9660#issuecomment-27627493 | ||||
* | Merge pull request #9660 from ↵ | Guillermo Iguaran | 2013-11-01 | 1 | -9/+23 |
|\ | | | | | | | | | sebasoga/change_strong_parameters_require_behaviour Change ActionController::Parameters#require behavior when value is empty | ||||
| * | Change ActionController::Parameters#require behavior when value is empty | Sebastian Sogamoso | 2013-03-11 | 1 | -9/+23 |
| | | | | | | | | | | When the value for the required key is empty an ActionController::ParameterMissing is raised which gets caught by ActionController::Base and turned into a 400 Bad Request reply with a message in the body saying the key is missing, which is misleading. With these changes, ActionController::EmptyParameter will be raised which ActionController::Base will catch and turn into a 400 Bad Request reply with a message in the body saying the key value is empty. | ||||
* | | don't mutate hash with fetch | Doug Cole | 2013-10-26 | 1 | -1/+8 |
| | | |||||
* | | Strong parameters should permit nested number as key. Closes #12293 | kennyj | 2013-09-27 | 1 | -1/+5 |
| | | |||||
* | | do not break params filtering on nil values | Vasiliy Ermolovich | 2013-09-07 | 1 | -1/+1 |
| | | | | | | | | closes #12149 | ||||
* | | Stop messing up with instance variables, use protected as it was meant for | Carlos Antonio da Silva | 2013-08-30 | 1 | -2/+7 |
| | | |||||
* | | Added data for permit array into scalar value | Rahul P. Chaudhari | 2013-08-05 | 1 | -0/+1 |
| | | |||||
* | | fixed missing comma in example | Ilya Vorontsov | 2013-04-24 | 1 | -1/+1 |
| | | |||||
* | | Fix some typos | Vipul A M | 2013-03-24 | 1 | -1/+1 |
| | | |||||
* | | Fix documentation markup [ci skip] | Rafael Mendonça França | 2013-03-23 | 1 | -0/+2 |
| | | |||||
* | | StringIO is not required by default in JRuby | Arun Agrawal | 2013-03-22 | 1 | -0/+1 |
|/ | |||||
* | Use the instrumentation framework to instrument Strong Params | Daniel Schierbeck | 2013-03-07 | 1 | -1/+2 |
| | |||||
* | Rack::Test::UploadedFile is a permitted scalar | Fabio Kreusch | 2013-02-21 | 1 | -3/+4 |
| | |||||
* | ActionDispatch::Http::UploadedFile is a permitted scalar [Closes #9051] | Xavier Noria | 2013-01-23 | 1 | -2/+5 |
| | |||||
* | Only check for unpermmited parameters if | Rafael Mendonça França | 2013-01-22 | 1 | -1/+1 |
| | | | | action_on_unpermitted_parameters is present | ||||
* | avoid creating an object in every call | Xavier Noria | 2013-01-22 | 1 | -1/+2 |
| | | | | This was a suggestion of @carlosantoniodasilva, thanks! | ||||
* | Refactor grep call to remove .each | Carlos Antonio da Silva | 2013-01-20 | 1 | -1/+1 |
| | | | | Grep already yields the matching keys to the given block. | ||||
* | Use 1.9 hash style in docs/comments [ci skip] | Carlos Antonio da Silva | 2013-01-20 | 1 | -3/+3 |
| | |||||
* | Removing warning: shadowing outer local variable | Arun Agrawal | 2013-01-20 | 1 | -3/+3 |
| | |||||
* | strong parameters filters permitted scalars | Xavier Noria | 2013-01-20 | 1 | -22/+92 |
| | |||||
* | Restore and adapt the implementation reverted at | Rafael Mendonça França | 2013-01-19 | 1 | -19/+46 |
| | | | | | | https://github.com/rails/rails/commit/cc1c3c5be061e7572018f734e5239750ab449e3f Now instead of raise, we log by default in development and test | ||||
* | Added ability to raise or log on unpermitted params. | Thomas Drake-Brockman | 2013-01-20 | 1 | -0/+25 |
| | |||||
* | strong parameters exception handling | Brian Alexander | 2013-01-15 | 1 | -6/+0 |
| | |||||
* | Merge branch 'master' of github.com:lifo/docrails | Vijay Dev | 2013-01-09 | 1 | -1/+1 |
|\ | | | | | | | | | Conflicts: guides/source/getting_started.md | ||||
| * | prefer american spelling of 'behavior' | Gosha Arinich | 2013-01-07 | 1 | -1/+1 |
| | | |||||
* | | Revert "unpermitted params" exception -- it's just not going to work. See ↵ | David Heinemeier Hansson | 2013-01-08 | 1 | -49/+4 |
| | | | | | | | | the discussion on https://github.com/rails/strong_parameters/pull/75. | ||||
* | | Never treat action or controller as unpermitted params | David Heinemeier Hansson | 2013-01-08 | 1 | -6/+15 |
| | | |||||
* | | improve StrongParameters documentation [ci skip] | Francesco Rodriguez | 2013-01-07 | 1 | -8/+7 |
| | | |||||
* | | These are already required through AS/rails | Akira Matsuda | 2013-01-06 | 1 | -1/+0 |
| | | | | | | | | | | | | | | * core_ext/object/blank * concern * core_ext/class/attribute * deprecation | ||||
* | | Wrong copy and paste :bomb: | Rafael Mendonça França | 2013-01-05 | 1 | -1/+1 |
| | | | | | | | | [ci skip] | ||||
* | | Add documentation to raise_on_unpermitted_parameters option | Rafael Mendonça França | 2013-01-05 | 1 | -2/+17 |
| | | | | | | | | [ci skip] | ||||
* | | Rename the configuration to raise_on_unpermitted_parameters | Rafael Mendonça França | 2013-01-05 | 1 | -9/+9 |
| | | | | | | | | Also changed the exception to UnpermittedParameters | ||||
* | | Allow developers to enable raising of exception when unexpected params are ↵ | Thomas Drake-Brockman | 2013-01-05 | 1 | -0/+22 |
| | | | | | | | | provided. | ||||
* | | Change docs to use update instead of update_attributes | Amparo Luna + Guillermo Iguaran | 2013-01-03 | 1 | -2/+2 |
|/ | |||||
* | Add missing require. | Rafael Mendonça França | 2012-12-13 | 1 | -0/+1 |
| | | | | | I was trying to use those files without Rails and that require was missing. | ||||
* | Replace comments' non-breaking spaces with spaces | claudiob | 2012-12-04 | 1 | -2/+2 |
| | | | | | | | | | | Sometimes, on Mac OS X, programmers accidentally press Option+Space rather than just Space and don’t see the difference. The problem is that Option+Space writes a non-breaking space (0XA0) rather than a normal space (0x20). This commit removes all the non-breaking spaces inadvertently introduced in the comments of the code. |