aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/metal
Commit message (Collapse)AuthorAgeFilesLines
...
* | adding some docsAaron Patterson2012-07-291-1/+26
| |
* | Controller actions are processed in a separate thread for liveAaron Patterson2012-07-291-2/+26
| | | | | | | | | | | | | | | | | | | | responses. Processing controller actions in a separate thread allows us to work around the rack api - we can allow the user to set status and headers, then block until the first bytes are written. As soon as the first bytes are written, the main thread can return the status, headers, and (essentially) a queue for the body.
* | raise exceptions on header set after response committedAaron Patterson2012-07-291-0/+21
| |
* | added live responses which can be written and read in separate threadsAaron Patterson2012-07-291-0/+42
| |
* | * Do not convert digest auth strings to symbols. CVE-2012-3424Aaron Patterson2012-07-261-2/+2
|/ | | | | Conflicts: actionpack/lib/action_controller/metal/http_authentication.rb
* copy-edits 9674d2cXavier Noria2012-07-211-2/+2
|
* Clarification to doc of ActionController::MimeResponse.respond_toShigeya Suzuki2012-07-191-1/+2
| | | | | - #respond_to's documentation refer to .respond_to, but it was written as just <respond_to>. Added class name for clarification.
* Fix code comment to reflect its intent.Selem Delul2012-07-111-1/+1
|
* Don't raise an error if http auth token isn't well formattedPiotr Sarnacki2012-07-111-4/+6
| | | | | | | | | | | | | | When someone sends malformed authorization header, like: Authorization: Token foobar given token should be just ignored and resource should not be authorized, instead of raising error. Before this patch controller would return 401 header only for well formed tokens, like: Authorization: Token token=foobar and would return 500 in former case.
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-07-071-3/+0
|\
| * ActionDispatch::ClosedError no longer is raised. See d142572567 for more info.Nick Howard2012-06-301-3/+0
| |
* | Use "instance_accessor" for flash types class attributeCarlos Antonio da Silva2012-07-071-3/+3
| |
* | Added support add_flash_typeskennyj2012-07-071-8/+23
| |
* | group things that are alikeAaron Patterson2012-07-031-0/+3
| |
* | push functional test specific methods to it's own moduleAaron Patterson2012-07-031-8/+10
| |
* | push the cookie writing stuff out of the controllerAaron Patterson2012-07-031-23/+2
| | | | | | | | merging cookies is responsibility of the test runner
* | extend the controller with special logic on recycleAaron Patterson2012-07-031-10/+25
| | | | | | | | | | | | For some reason, this special logic is only supposed to be executed on the second request. For now, we'll extend on recycle, but we should figure out why this functionality can't be run on every request
* | push req / res setting to the test runnerAaron Patterson2012-07-031-4/+0
| | | | | | | | | | Try to avoid making the controller mutate itself so that we can eventually make the response async
* | extract response setting to a methodAaron Patterson2012-07-031-2/+8
| |
* | push response creation down since third param is never used.Aaron Patterson2012-07-021-3/+3
|/
* moar copy edits [ci skip]Vijay Dev2012-06-141-2/+1
|
* copy editing [ci skip]Vijay Dev2012-06-141-4/+7
|
* fixed http token authentication formattingJakub Kuźma2012-06-121-8/+13
|
* on CSRF whitelisting the argument for :if must be a symbolDaniel Lopes2012-06-071-1/+1
|
* fix typos on the CSRF whitelisting docDaniel Lopes2012-06-071-3/+3
|
* Document the CSRF whitelisting on get requestsDaniel Lopes2012-06-071-5/+16
|
* Extracted redirect logic from ActionController::Force::ClassMethods.force_sslJeremy Friesen2012-05-311-7/+15
| | | | | | | | | | | | | Prior to this patch the existing .force_ssl method handles both defining the filter and handling the logic for performing the redirect. With this patch the logic for redirecting to the HTTPS protocol is separated from the filter logic that determines if a redirect should occur. By separating the two levels of behavior, an instance method for ActionController (i.e. #force_ssl_redirect) is exposed and available for more granular SSL enforcement. Cleaned up indentation.
* Fix sorting of helpers from different pathsPiotr Sarnacki2012-05-281-2/+2
| | | | | | | | | | | | | | | | When more than one directory for helpers is provided to a controller, it should preserver the order of directories. Given 2 paths: MyController.helpers_paths = ["dir1/helpers", "dir2/helpers"] helpers from dir1 should be loaded first. Before this commit, all helpers were mixed and then sorted alphabetically, which essentially would require to rename helpers to get desired order. This is a problem especially for engines, where you would like to be able to predict accurately which engine helpers will load first. (closes #6496)
* Raise ActionController::BadRequest for malformed parameter hashes.Andrew White2012-05-201-1/+4
| | | | | | | | | | | | | | Currently Rack raises a TypeError when it encounters a malformed or ambiguous hash like `foo[]=bar&foo[4]=bar`. Rather than pass this through to the application this commit captures the exception and re-raises it using a new ActionController::BadRequest exception. The new ActionController::BadRequest exception returns a 400 error instead of the 500 error that would've been returned by the original TypeError. This allows exception notification libraries to ignore these errors if so desired. Closes #3051
* Show in log correct wrapped keysDmitry Vorotilin2012-05-201-1/+2
|
* Merge pull request #2237 from jackdempsey/log_redirect_toAaron Patterson2012-05-161-0/+1
|\ | | | | log at debug level what line caused the redirect_to
| * log at debug level what line caused the redirect_toJack Dempsey2012-05-161-0/+1
| |
* | Removing ==Examples and last blank lines of docs from actionpackFrancesco Rodriguez2012-05-157-19/+0
| |
* | Move HTTP Token auth docs above the Token moduleElia Schito2012-05-111-42/+44
| |
* | If content_type is explicitly passed to the :head method use the value or ↵Kunal Shah2012-05-081-1/+2
| | | | | | | | fallback
* | remove .new from raise ActionController::UnknownFormatSteven Soroka2012-05-061-1/+1
| |
* | Raise a rescuable exception when Rails doesn't know what to do with the ↵Steven Soroka2012-05-062-2/+4
| | | | | | | | format, rather than responding with a head :not_acceptable (406)
* | Use Hash#fetch instead of has_key? checkCarlos Antonio da Silva2012-05-041-1/+1
| |
* | Merge pull request #4445 from nragaz/role_based_params_wrappingJosé Valim2012-05-041-2/+3
| | | | | | | | specify a role for identifying accessible attributes when wrapping params
* | Merge pull request #6148 from twinturbo/head-fixJosé Valim2012-05-031-1/+21
|\ \ | | | | | | Make ActionController#head pass rack-link
| * | Remove content-length as welltwinturbo2012-05-031-2/+3
| | |
| * | Make ActionController#head pass rack-linktwinturbo2012-05-031-1/+20
| | |
* | | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-05-012-2/+2
|\ \ \ | |/ / |/| |
| * | Code-format references to config settingsMark Rushakoff2012-04-271-1/+1
| | |
| * | More using <tt>x</tt> instead of +x+ when the latter renders improperly.Mark Rushakoff2012-04-271-1/+1
| | |
* | | no need to dup options in send_dataSergey Nartimov2012-04-301-1/+1
| | | | | | | | | | | | options aren't modified inside send_file_headers!
* | | allow send_file/send_data to skip disposition header, closes #2973Sergey Nartimov2012-04-301-17/+11
| | |
* | | Add note about using 303 See Other for XHR requests other than GET/POSTAndrew White2012-04-301-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | IE since version 6 and recently Chrome and Firefox have started following 302 redirects from XHR requests other than GET/POST using the original request method. This can lead to DELETE requests being redirected amongst other things. Although it doesn't directly affect the Rails framework since it doesn't return a 302 redirect to any non-GET/POST request a note has been added to raise awareness of the issue. Some references: Original article from @technoweenie: http://techno-weenie.net/2011/8/19/ie9-deletes-stuff/ Hacker News discussion of the article: http://news.ycombinator.com/item?id=2903493 WebKit bug report: https://bugs.webkit.org/show_bug.cgi?id=46183 Firefox bug report and changeset: https://bugzilla.mozilla.org/show_bug.cgi?id=598304 https://hg.mozilla.org/mozilla-central/rev/9525d7e2d20d Chrome bug report: http://code.google.com/p/chromium/issues/detail?id=56373 HTTPbis bug report and changeset: http://trac.tools.ietf.org/wg/httpbis/trac/ticket/160 http://trac.tools.ietf.org/wg/httpbis/trac/changeset/1428 Roy T. Fielding's history of the issue: http://ftp.ics.uci.edu/pub/ietf/http/hypermail/1997q3/0611.html Automated browser tests for the issue: http://www.mnot.net/javascript/xmlhttprequest/ Fixes #4144
* | | Avoid calling content type multiple timesJosé Valim2012-04-291-4/+6
| | |
* | | Merge pull request #2321 from omjokine/masterJosé Valim2012-04-291-1/+4
|\ \ \ | |/ / |/| | JSONP should use mimetype application/javascript
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-09 00:18:19 +0000