aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/metal
Commit message (Collapse)AuthorAgeFilesLines
* Handle non-string authenticity tokensVille Lautanala2015-02-121-1/+1
| | | | Non-string authenticity tokens raised NoMethodError when decoding the masked token.
* Accept a collection in fresh_when and stale?claudiob2015-02-101-10/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The methods `fresh_when` and `stale?` from ActionController::ConditionalGet accept a single record as a short form for a hash. For instance ```ruby def show @article = Article.find(params[:id]) fresh_when(@article) end ``` is just a short form for: ```ruby def show @article = Article.find(params[:id]) fresh_when(etag: @article, last_modified: @article.created_at) end ``` This commit extends `fresh_when` and `stale?` to also accept a collection of records, so that a short form similar to the one above can be used in an `index` action. After this commit, the following code: ```ruby def index @article = Article.all fresh_when(etag: @articles, last_modified: @articles.maximum(:created_at)) end ``` can be simply written as: ```ruby def index @article = Article.all fresh_when(@articles) end ```
* Fix wrong kwarg "record" from #18872claudiob2015-02-101-1/+1
| | | | | | | | | | | | PR #18772 changed the parameters of `stale?` to use `kwargs`. [As for this comment](https://github.com/rails/rails/pull/18872/files#r24456288) the default value for the `etag` parameter should be `record`, not `nil`. This commit fixes the code and introduces a test that: - passed before #18872 - fails on the current master (after #18772) - passes again after setting the default value of `etag` to `record`.
* Convert stale? and fresh_when to use keyword arguments.Kasper Timm Hansen2015-02-101-12/+10
|
* Fixed undefined method error when doing authentication.Zhang Kai Yu2015-01-241-2/+2
|
* Add ActionController::Base.renderbrainopia2015-01-221-0/+3
|
* Add ActionController::Rendererbrainopia2015-01-221-0/+8
| | | | Render arbitrary templates outside of controller actions
* Add ActionController#build_with_envbrainopia2015-01-221-0/+6
| | | | | To have an easier way to setup a controller instance with custom environment
* Add `ActionController::Metal#set_request!`brainopia2015-01-211-2/+2
| | | | | Add `ActionController::Metal#set_request!` to set a request on controller instance without calling dispatch.
* Merge branch 'master' of github.com:rails/docrailsVijay Dev2015-01-151-2/+2
|\
| * Better examples for fresh_when and stale?claudiob2015-01-061-2/+2
| | | | | | | | | | | | | | | | | | | | It is clearer and closer to reality to use `@article.updated_at` as the `:last_modified` parameter of `fresh_when` and `stale?`. Using `@article.created_at` would result in the cache never expiring, since the creation timestamp never changes. [ci skip]
* | Add prepend option to protect_from_forgery.Josef Šimánek2015-01-081-1/+8
| |
* | Remove ActionController::HideActions (closes #18336)brainopia2015-01-061-40/+0
| |
* | Improve protect_from_forgery documentation. [ci skip].Josef Šimánek2015-01-061-3/+3
| |
* | Document all options for protect_from_forgery.Josef Šimánek2015-01-041-8/+2
| | | | | | | | [ci skip]
* | Remove unused requireCarlos Antonio da Silva2015-01-041-1/+0
| | | | | | | | | | This was used by the respond_to/respond_with implementation on this file, which is now extracted to the responders gem.
* | Remove respond_to/respond_with placeholder methodsCarlos Antonio da Silva2015-01-041-20/+0
| | | | | | | | This functionality has been extracted to the responders gem.
* | Remove Struct#to_h backportRafael Mendonça França2015-01-041-1/+0
|/
* Merge pull request #17978 from kommen/fixed-pr-14903Rafael Mendonça França2015-01-021-4/+7
|\ | | | | | | | | | | | | Ensure append_info_to_payload is called even if an exception is raised. Conflicts: actionpack/CHANGELOG.md
| * Ensure append_info_to_payload is called even if an exception is raised.Dieter Komendera2014-12-101-4/+7
| | | | | | | | | | | | | | | | See: * https://github.com/rails/rails/pull/14903 * https://github.com/roidrage/lograge/issues/37 Some code by mxrguspxrt from #14903.
* | Correctly use the response's status code calling headRobin Dupret2014-12-311-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 20fece1 introduced the `_status_code` method to fix calls to `head :ok`. This method has been added on both ActionController::Metal and ActionDispatch::Response. As for the latter, this method is just equivalent to the `response_code` one so commit aefec3c removed it from the `Reponse` object so call to the `_status_code` method on an ActionController::Base instance would be handled by the `Metal` class (which `Base` inherits from) but the status code is not updated according to the response at this level. The fix is to actually rely on `response_code` for ActionController::Base instances but this method doesn't exist for bare Metal controllers so we need to define it.
* | stop referencing `env` in url_forAaron Patterson2014-12-301-1/+1
| | | | | | | | | | encapsulate env in the request so that we can eventually move away from the env hash
* | use methods on the request rather than direct hash accessAaron Patterson2014-12-301-2/+2
| | | | | | | | this will help decouple us from using the rack env hash
* | Remove single space response body for head requestPrathamesh Sonpatki2014-12-301-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - The single space response was added due to a bug in safari in https://github.com/rails/rails/commit/cb0f8fda9652c4d24d04693bdb82cecd3b067e5c and https://github.com/rails/rails/commit/807df4fcf021fc4d15972aa1c17ba7398d43ab0d. - This was removed from the `render nothing: true` in https://github.com/rails/rails/pull/14883. - Removing it from response of :head also. As :head is more obvious alternative to call `render nothing: true`(http://guides.rubyonrails.org/layouts_and_rendering.html#using-head-to-build-header-only-responses), removing it from head method also. - Closes #18253.
* | Minor documentation edits [ci skip]Robin Dupret2014-12-281-1/+1
| |
* | Update example test documentationBen Prew2014-12-281-4/+2
| | | | | | Example does not work with session headers, should use request headers. [ci skip]
* | Merge pull request #18102 from arthurnn/nodoc_constantArthur Nogueira Neves2014-12-191-0/+1
| | | | | | | | Add nodoc to some constants [skip ci]
* | Revert "Merge pull request #18003 from ↵Godfrey Chan2014-12-191-11/+6
| | | | | | | | | | | | | | | | | | | | sikachu/permit_all_parameters-thread-safety" This reverts commit da5cc10e945552da54234f858470238a3fc36767. Fixes #18091 See also https://github.com/rails/rails/pull/18003#commitcomment-9030909
* | Fix typo in nodoc should be `:nodoc:` for RDoc to parse correctlyZachary Scott2014-12-171-1/+1
| |
* | Merge pull request #18006 from sikachu/add-params-to_unsafe_hRafael Mendonça França2014-12-121-0/+6
|\ \ | | | | | | Add AC::Parameters#to_unsafe_h
| * | Add AC::Parameters#to_unsafe_hPrem Sichanugrist2014-12-121-0/+6
| |/ | | | | | | | | | | | | | | | | As suggested in #16299([1]), this method should be a new public API for retrieving unfiltered parameters from `ActionController::Parameters` object, given that `Parameters#to_hash` will no longer work in Rails 5.0+ as we stop inheriting `Parameters` from `Hash`. [1]: https://github.com/rails/rails/pull/16299#issuecomment-50220919
* / Make AC::Params.permit_all_parameters thread safePrem Sichanugrist2014-12-121-1/+10
|/ | | | | | | As discussed in #16299[1], this attribute is not thread safe and could potentially create a security issue. [1]: https://github.com/rails/rails/pull/16299#discussion_r15424533
* remove unused #await_closeSergey Alekseev2014-12-041-6/+0
| | | | | | | | | The method was added in https://github.com/rails/rails/commit/30d21dfcb7fafe49b3805b8249454485a90097b6#diff-5055d9f16b442adb1d2f0f65903a196bR141. With the method call in https://github.com/rails/rails/commit/30d21dfcb7fafe49b3805b8249454485a90097b6#diff-cc7bb557df2247c0a42bc180fdb6eb05R47. Later one more method call was added in https://github.com/rails/rails/commit/401787db4bc428dce88b04e343a64c6a6c3b681c#diff-cc7bb557df2247c0a42bc180fdb6eb05R183. And both method calls were deleted in https://github.com/rails/rails/commit/3df07d093a1e4207caa63fd2e3b67599211f5800#diff-cc7bb557df2247c0a42bc180fdb6eb05L47 and https://github.com/rails/rails/commit/3df07d093a1e4207caa63fd2e3b67599211f5800#diff-cc7bb557df2247c0a42bc180fdb6eb05L189. Just do `grep -nr 'await_close' .`.
* Pass symbol as an argument instead of a blockErik Michaels-Ober2014-11-291-1/+1
|
* Merge pull request #17186 from tgxworld/header_authentication_tokenMatthew Draper2014-11-271-2/+9
|\ | | | | | | Allow authentication header to not have to specify 'token=' key.
| * Allow authentication header to not have to specify 'token=' key.Guo Xiang Tan2014-10-101-2/+9
| | | | | | | | Fixes: https://github.com/rails/rails/issues/17108.
* | Wrap code snippets in +, not backticks, in sdocclaudiob2014-11-202-5/+5
| | | | | | | | | | | | | | | | I grepped the source code for code snippets wrapped in backticks in the comments and replaced the backticks with plus signs so they are correctly displayed in the Rails documentation. [ci skip]
* | Use request method instead of ActionDispatch::Request#request_method instead ↵Ilya Katz2014-11-201-1/+1
| | | | | | | | of ActionDispatch::Request#method to pick up overrides by the middleware
* | Removed documentation that still mentioned using respond_with in placeRobert Evans2014-11-052-18/+5
| | | | | | | | | | of respond_to. respond_with was moved into the responders gem and deprecated inside rails, so there is no need to mention it within rails itself.
* | Call gsub with a Regexp instead of a String for better performancePablo Herrero2014-11-011-1/+1
| |
* | let's warn with heredocsXavier Noria2014-10-281-4/+7
| | | | | | | | | | | | | | | | | | | | | | | | The current style for warning messages without newlines uses concatenation of string literals with manual trailing spaces where needed. Heredocs have better readability, and with `squish` we can still produce a single line. This is a similar use case to the one that motivated defining `strip_heredoc`, heredocs are super clean.
* | UrlGenerationError are not catched as 404 anymoreJean Boussier2014-10-271-1/+1
| |
* | Use AS secure_compare for CSRF token comparisonGuillermo Iguaran2014-10-231-2/+2
| |
* | remove duplicate method (_status_code) in action_dispatchAbdelkader Boudih2014-10-191-1/+1
| |
* | Merge pull request #17302 from ↵Rafael Mendonça França2014-10-181-2/+2
| | | | | | | | | | | | claudiob/replace-slower-block-call-with-faster-yield Replace (slower) block.call with (faster) yield
* | Revert "Replace (slower) block.call with (faster) yield"Zachary Scott2014-10-181-2/+2
| | | | | | | | This reverts commit 0ab075e75f58bf403f7ebe20546c7005f35db1f6.
* | Replace (slower) block.call with (faster) yieldclaudiob2014-10-181-2/+2
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | Performance optimization: `yield` with an implicit `block` is faster than `block.call`. See http://youtu.be/fGFM_UrSp70?t=10m35s and the following benchmark: ```ruby require 'benchmark/ips' def fast yield end def slow(&block) block.call end Benchmark.ips do |x| x.report('fast') { fast{} } x.report('slow') { slow{} } end # => fast 154095 i/100ms # => slow 71454 i/100ms # => # => fast 7511067.8 (±5.0%) i/s - 37445085 in 4.999660s # => slow 1227576.9 (±6.8%) i/s - 6145044 in 5.028356s ```
* Rephrasing sentencesNeeraj Singh2014-10-071-2/+2
|
* Merge branch 'master' of github.com:rails/docrailsVijay Dev2014-09-281-6/+6
|\
| * Consistently markup etag options.Steven Harman2014-09-161-3/+3
| |