aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/metal
Commit message (Collapse)AuthorAgeFilesLines
...
* | Spelling/typo/grammatical fixes [ci skip]karanarora2015-05-234-5/+5
| | | | | | | | | | | | | | | | | | | | spelling fix [ci skip] example to be consistent [ci skip] grammatical fix typo fixes [ci skip]
* | [ci skip] Remove comments about Rails 3.1claudiob2015-05-112-5/+4
|/ | | | | | | | | Stems from https://github.com/rails/rails/pull/20105#issuecomment-100900939 where @senny said: > From my point of view, all the docs (guides, API) are version bound. > They should describe that version and continue to be available when newer versions are released. > The cross referencing can be done by the interested user.
* Merge branch 'master' of github.com:rails/docrailsVijay Dev2015-05-081-1/+1
|\
| * Add missing "of" to RequestForgeryProtection doc.Hendy Tanata2015-04-271-1/+1
| | | | | | | | [ci skip]
* | Give authentication methods the ability to customize response message.Keenan Brock2015-05-031-14/+16
| | | | | | | | Digest allowed the messages. Add the same feature to basic and token
* | Updated request_forgery_protection docs [ci skip]Prathamesh Sonpatki2015-04-281-5/+6
| | | | | | | | | | | | - Changed Javascript to JavaScript. - Added full-stop which was missing, also wrapped the sentence to 80 chars. - Changed proc to Proc and oauth to OAuth.
* | Tiny optimization of http auth Realm unquotingStrech (Sergey Fedorov)2015-04-141-2/+2
|/
* Add note regarding CSRF for APIs, as a use-case for skipping it [ci skip]Zachary Scott2015-04-121-0/+4
|
* Apply comments from @jeremy regarding why HTML and Javascript requestsZachary Scott2015-04-121-0/+5
| | | | | | specifically are checked for CSRF, when dealing with the browser. [ci skip]
* update request_forgery_protection docs [ci skip]Vladimir Lyzo2015-04-121-7/+8
|
* Revert "Merge pull request #19682 from ↵Santiago Pastorino2015-04-121-1/+1
| | | | | | | supercaracal/fix_force_ssl_redirection_flash_error" This reverts commit d215620340be7cb29e2aa87aab22da5ec9e6e6a7, reversing changes made to bbbbfe1ac02162ecb5e9a7b560134a3221f129f3.
* fix fails to force_ssl_redirection if session_store is disabledTaishi Kasuga2015-04-091-1/+1
|
* Merge pull request #19666 from mikej/masterSantiago Pastorino2015-04-061-1/+1
|\ | | | | fix missing "if" in API docs for ActionController::Parameters#permit
| * fix missing "if" in API docs for ActionController::Parameters#permitMichael Josephson2015-04-061-1/+1
| |
* | Fix ActionPack tests after changes to missing template loggereileencodes2015-04-061-1/+1
|/ | | | | | | | | After merging #19377 ActionPack tests were missing a require for `ActiveSupport::LogSubscriber::TestHelper` and change didn't take into account that logger could be nil. Added the require and only log to info if logger exists. This wasn't caught earlier because these tests only run after a merge.
* head no_content when there is no template or action performedStephen Bussey2015-04-051-1/+6
|
* Fix a few typos [ci skip]Robin Dupret2015-04-051-3/+3
|
* Freeze static arguments for gsubbrainopia2015-04-022-3/+3
|
* Prefer string patterns for gsubbrainopia2015-04-022-3/+3
| | | | | | | | | | | | | | | | | https://github.com/ruby/ruby/pull/579 - there is a new optimization since ruby 2.2 Previously regexp patterns were faster (since a string was converted to regexp underneath anyway). But now string patterns are faster and better reflect the purpose. Benchmark.ips do |bm| bm.report('regexp') { 'this is ::a random string'.gsub(/::/, '/') } bm.report('string') { 'this is ::a random string'.gsub('::', '/') } bm.compare! end # string: 753724.4 i/s # regexp: 501443.1 i/s - 1.50x slower
* Merge pull request #19544 from shuhei/fix-parameters-const-missingXavier Noria2015-03-281-1/+1
|\ | | | | Return super in ActionController::Parameters.const_missing
| * Return super in ActionController::Parameters.const_missingShuhei Kagawa2015-03-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The current implementation of ActionController::Parameters.const_missing returns `ActionController::Parameters.always_permitted_parameters` even if its `super` returns a constant without raising error. This prevents its subclass in a autoloading module/class from taking advantage of autoloading constants. class SomeParameters < ActionController::Parameters def do_something DefinedSomewhere.do_something end end In the code above, `DefinedSomewhere` is to be autoloaded with `Module.const_missing` but `ActionController::Parameters.const_missing` returns `always_permitted_parameters` instead of the autoloaded constant. This pull request fixes the issue respecting `const_missing`'s `super`.
* | Provide friendlier access to request variantsGeorge Claghorn2015-03-241-6/+7
|/ | | | Closes #18933.
* Return true from head methodJoel Hayhurst2015-03-121-0/+2
| | | | | | It was returning false in normal circumstances. This broke the `head :ok and return if` construct. Add appropriate test.
* Fix documentation of url_for module [ci skip]Prathamesh Sonpatki2015-03-061-1/+4
| | | | | | | | | | | - The request needs to be instance of ActionDispatch::Request or an object that responds to host, optional_port, protocol and symbolized_path_parameter. - This documentation was correctly added in https://github.com/rails/rails/commit/e3b3f416b57f5642ea25078485f7e9394ad04526 but was changed to https://github.com/rails/rails/commit/e1ceae576e3911f3e6708b5d19a0e3ef63769eb7. - Fixes #16160.
* Doc fix [ci skip]Sushruth Sivaramakrishnan2015-03-051-1/+1
|
* Doc fix [ci skip]Sushruth Sivaramakrishnan2015-03-051-1/+1
|
* Doc fix [ci skip]Sushruth Sivaramakrishnan2015-03-051-1/+1
|
* Tiny documentation edits [ci skip]Robin Dupret2015-03-031-1/+1
|
* [ci skip] Add documentation for Helpers#all_helpers_from_pathAnton Davydov2015-03-031-0/+4
|
* Removed non-standard and unused require 'active_support/deprecation' from ↵Vipul A M2015-02-271-1/+0
| | | | parts out of active_support.
* Try only to decode stringsRafael Mendonça França2015-02-181-2/+4
| | | | | This approach will avoid us to check for NoMethodError when trying to decode
* Merge pull request #18917 from lautis/non-string-csrf-tokenRafael Mendonça França2015-02-181-1/+1
|\ | | | | | | Handle non-string authenticity tokens
| * Handle non-string authenticity tokensVille Lautanala2015-02-121-1/+1
| | | | | | | | Non-string authenticity tokens raised NoMethodError when decoding the masked token.
* | Tiny documentation edits [ci skip]Robin Dupret2015-02-151-3/+3
| |
* | Implement http_cache_forever to ActionControllerArthur Neves2015-02-151-0/+18
|/ | | | | | | | | Add http_cache_forever to ActionController, so we can cache results forever. Things like static pages are a good candidate for this type of caching. This cache only controls caching headers, so it is up to the browser to cache those requests.
* Accept a collection in fresh_when and stale?claudiob2015-02-101-10/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The methods `fresh_when` and `stale?` from ActionController::ConditionalGet accept a single record as a short form for a hash. For instance ```ruby def show @article = Article.find(params[:id]) fresh_when(@article) end ``` is just a short form for: ```ruby def show @article = Article.find(params[:id]) fresh_when(etag: @article, last_modified: @article.created_at) end ``` This commit extends `fresh_when` and `stale?` to also accept a collection of records, so that a short form similar to the one above can be used in an `index` action. After this commit, the following code: ```ruby def index @article = Article.all fresh_when(etag: @articles, last_modified: @articles.maximum(:created_at)) end ``` can be simply written as: ```ruby def index @article = Article.all fresh_when(@articles) end ```
* Fix wrong kwarg "record" from #18872claudiob2015-02-101-1/+1
| | | | | | | | | | | | PR #18772 changed the parameters of `stale?` to use `kwargs`. [As for this comment](https://github.com/rails/rails/pull/18872/files#r24456288) the default value for the `etag` parameter should be `record`, not `nil`. This commit fixes the code and introduces a test that: - passed before #18872 - fails on the current master (after #18772) - passes again after setting the default value of `etag` to `record`.
* Convert stale? and fresh_when to use keyword arguments.Kasper Timm Hansen2015-02-101-12/+10
|
* Fixed undefined method error when doing authentication.Zhang Kai Yu2015-01-241-2/+2
|
* Add ActionController::Base.renderbrainopia2015-01-221-0/+3
|
* Add ActionController::Rendererbrainopia2015-01-221-0/+8
| | | | Render arbitrary templates outside of controller actions
* Add ActionController#build_with_envbrainopia2015-01-221-0/+6
| | | | | To have an easier way to setup a controller instance with custom environment
* Add `ActionController::Metal#set_request!`brainopia2015-01-211-2/+2
| | | | | Add `ActionController::Metal#set_request!` to set a request on controller instance without calling dispatch.
* Merge branch 'master' of github.com:rails/docrailsVijay Dev2015-01-151-2/+2
|\
| * Better examples for fresh_when and stale?claudiob2015-01-061-2/+2
| | | | | | | | | | | | | | | | | | | | It is clearer and closer to reality to use `@article.updated_at` as the `:last_modified` parameter of `fresh_when` and `stale?`. Using `@article.created_at` would result in the cache never expiring, since the creation timestamp never changes. [ci skip]
* | Add prepend option to protect_from_forgery.Josef Šimánek2015-01-081-1/+8
| |
* | Remove ActionController::HideActions (closes #18336)brainopia2015-01-061-40/+0
| |
* | Improve protect_from_forgery documentation. [ci skip].Josef Šimánek2015-01-061-3/+3
| |
* | Document all options for protect_from_forgery.Josef Šimánek2015-01-041-8/+2
| | | | | | | | [ci skip]
* | Remove unused requireCarlos Antonio da Silva2015-01-041-1/+0
| | | | | | | | | | This was used by the respond_to/respond_with implementation on this file, which is now extracted to the responders gem.
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-09 06:17:44 +0000