aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/metal/strong_parameters.rb
Commit message (Collapse)AuthorAgeFilesLines
* adds some details to the rationale of converted_arrays [ci skip]Xavier Noria2014-06-071-0/+4
|
* Revert "Convert StrongParameters cache to a hash. This fixes an unbounded"Xavier Noria2014-06-071-6/+6
| | | | | | | | | | | | | | | | | | | | We cannot cache keys because arrays are mutable. We rather want to cache the arrays. This behaviour is tailor-made for the usage pattern strongs params is designed for. In a forthcoming commit I am going to add a test that covers why we need to cache by value. Every strong params instance has a live span of a request, the cache goes away with the object. Since strong params have such a concrete intention, it would be interesting to see if there are actually any real-world use cases that are an actual leak, one that practically may matter. I am not convinced that the theoretical leak has any practical consequences, but if it can be shown there are, then I believe we should either get rid of the cache (which is an optimization), or else wipe it in the mutating API. This reverts commit e63be2769c039e4e9ada523a8497ce3206cc8a9b.
* Avoid misuse of underscore argumentCorey Ward2014-06-051-2/+2
| | | Per convention, underscore-only argument names should be used for unused parameters.
* Convert StrongParameters cache to a hash. This fixes an unboundedRyan Davis2014-06-031-6/+6
| | | | | | memory leak demonstrated on @tenderlove's latest blog post: http://tenderlovemaking.com/2014/06/02/yagni-methods-are-killing-me.html
* Tiny doc fix for Strong ParametersIan C. Anderson2014-03-301-1/+1
| | | - accepts_nested_attribute_for -> accepts_nested_attributes_for
* Simple Sungularize ActionController::UnpermittedParameters error in case ↵Serj L2014-02-241-1/+1
| | | | when only 1 parameter is unpermitted.
* AC::Parameters#permit! permits hashes in array valuesXavier Noria2013-12-231-2/+4
|
* optimizes array conversion in AC::ParametersXavier Noria2013-12-211-2/+12
|
* refactors AC::Parameters#fetchXavier Noria2013-12-211-10/+3
| | | | | | | | AC::Parameters#fetch was refactored in 7171111 to prevent self mutation, but in doing so it hardcodes logic #convert_hashes_to_parameters is supposed to encapsulate. Better leave the delegation, and add a way to avoid mutating self in there.
* converts hashes in arrays of unfiltered params to unpermitted params [fixes ↵Xavier Noria2013-12-211-3/+10
| | | | #13382]
* Improve wording in AC::ParameterMissing error messageGuillermo Iguaran2013-11-021-1/+1
|
* Revert "Merge pull request #9660 from ↵Guillermo Iguaran2013-11-021-23/+9
| | | | | | | | | sebasoga/change_strong_parameters_require_behaviour" This reverts commit c2b5a8e61ba0f35015e6ac949a5c8fce2042a1f2, reversing changes made to 1918b12c0429caec2a6134ac5e5b42ade103fe90. See: https://github.com/rails/rails/pull/9660#issuecomment-27627493
* Merge pull request #9660 from ↵Guillermo Iguaran2013-11-011-9/+23
|\ | | | | | | | | sebasoga/change_strong_parameters_require_behaviour Change ActionController::Parameters#require behavior when value is empty
| * Change ActionController::Parameters#require behavior when value is emptySebastian Sogamoso2013-03-111-9/+23
| | | | | | | | | | When the value for the required key is empty an ActionController::ParameterMissing is raised which gets caught by ActionController::Base and turned into a 400 Bad Request reply with a message in the body saying the key is missing, which is misleading. With these changes, ActionController::EmptyParameter will be raised which ActionController::Base will catch and turn into a 400 Bad Request reply with a message in the body saying the key value is empty.
* | don't mutate hash with fetchDoug Cole2013-10-261-1/+8
| |
* | Strong parameters should permit nested number as key. Closes #12293kennyj2013-09-271-1/+5
| |
* | do not break params filtering on nil valuesVasiliy Ermolovich2013-09-071-1/+1
| | | | | | | | closes #12149
* | Stop messing up with instance variables, use protected as it was meant forCarlos Antonio da Silva2013-08-301-2/+7
| |
* | Added data for permit array into scalar valueRahul P. Chaudhari2013-08-051-0/+1
| |
* | fixed missing comma in exampleIlya Vorontsov2013-04-241-1/+1
| |
* | Fix some typosVipul A M2013-03-241-1/+1
| |
* | Fix documentation markup [ci skip]Rafael Mendonça França2013-03-231-0/+2
| |
* | StringIO is not required by default in JRubyArun Agrawal2013-03-221-0/+1
|/
* Use the instrumentation framework to instrument Strong ParamsDaniel Schierbeck2013-03-071-1/+2
|
* Rack::Test::UploadedFile is a permitted scalarFabio Kreusch2013-02-211-3/+4
|
* ActionDispatch::Http::UploadedFile is a permitted scalar [Closes #9051]Xavier Noria2013-01-231-2/+5
|
* Only check for unpermmited parameters ifRafael Mendonça França2013-01-221-1/+1
| | | | action_on_unpermitted_parameters is present
* avoid creating an object in every callXavier Noria2013-01-221-1/+2
| | | | This was a suggestion of @carlosantoniodasilva, thanks!
* Refactor grep call to remove .eachCarlos Antonio da Silva2013-01-201-1/+1
| | | | Grep already yields the matching keys to the given block.
* Use 1.9 hash style in docs/comments [ci skip]Carlos Antonio da Silva2013-01-201-3/+3
|
* Removing warning: shadowing outer local variable Arun Agrawal2013-01-201-3/+3
|
* strong parameters filters permitted scalarsXavier Noria2013-01-201-22/+92
|
* Restore and adapt the implementation reverted atRafael Mendonça França2013-01-191-19/+46
| | | | | | https://github.com/rails/rails/commit/cc1c3c5be061e7572018f734e5239750ab449e3f Now instead of raise, we log by default in development and test
* Added ability to raise or log on unpermitted params.Thomas Drake-Brockman2013-01-201-0/+25
|
* strong parameters exception handlingBrian Alexander2013-01-151-6/+0
|
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-01-091-1/+1
|\ | | | | | | | | Conflicts: guides/source/getting_started.md
| * prefer american spelling of 'behavior'Gosha Arinich2013-01-071-1/+1
| |
* | Revert "unpermitted params" exception -- it's just not going to work. See ↵David Heinemeier Hansson2013-01-081-49/+4
| | | | | | | | the discussion on https://github.com/rails/strong_parameters/pull/75.
* | Never treat action or controller as unpermitted paramsDavid Heinemeier Hansson2013-01-081-6/+15
| |
* | improve StrongParameters documentation [ci skip]Francesco Rodriguez2013-01-071-8/+7
| |
* | These are already required through AS/railsAkira Matsuda2013-01-061-1/+0
| | | | | | | | | | | | | | * core_ext/object/blank * concern * core_ext/class/attribute * deprecation
* | Wrong copy and paste :bomb:Rafael Mendonça França2013-01-051-1/+1
| | | | | | | | [ci skip]
* | Add documentation to raise_on_unpermitted_parameters optionRafael Mendonça França2013-01-051-2/+17
| | | | | | | | [ci skip]
* | Rename the configuration to raise_on_unpermitted_parametersRafael Mendonça França2013-01-051-9/+9
| | | | | | | | Also changed the exception to UnpermittedParameters
* | Allow developers to enable raising of exception when unexpected params are ↵Thomas Drake-Brockman2013-01-051-0/+22
| | | | | | | | provided.
* | Change docs to use update instead of update_attributesAmparo Luna + Guillermo Iguaran2013-01-031-2/+2
|/
* Add missing require.Rafael Mendonça França2012-12-131-0/+1
| | | | | I was trying to use those files without Rails and that require was missing.
* Replace comments' non-breaking spaces with spacesclaudiob2012-12-041-2/+2
| | | | | | | | | | Sometimes, on Mac OS X, programmers accidentally press Option+Space rather than just Space and don’t see the difference. The problem is that Option+Space writes a non-breaking space (0XA0) rather than a normal space (0x20). This commit removes all the non-breaking spaces inadvertently introduced in the comments of the code.
* hash filters should be accessed with symbols or stringsFrancesco Rodriguez2012-11-301-3/+5
|
* Fix Strong Parameters docs.Uģis Ozols2012-11-271-2/+1
| | | | | It's only possible to inherit from ActiveRecord::Base and not include it.
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 16:59:37 +0000