aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller
Commit message (Collapse)AuthorAgeFilesLines
...
* fix shadowing outer local variable warningSergey Nartimov2012-09-191-3/+3
|
* Merge pull request #7251 from rails/integrate-strong_parametersDavid Heinemeier Hansson2012-09-184-7/+132
|\ | | | | Integrate strong_parameters in Rails 4
| * AC::ParameterMissing inherits from KeyError since it's more appropiated than ↵Guillermo Iguaran2012-09-161-1/+1
| | | | | | | | IndexError
| * Support fields_for attributes, which may have numeric symbols as hash keysGuillermo Iguaran2012-09-161-0/+4
| |
| * Add config.action_controller.permit_all_attributes to bypass ↵Guillermo Iguaran2012-09-162-1/+6
| | | | | | | | StrongParameters protection
| * Remove integration between attr_accessible/protected and ↵Guillermo Iguaran2012-09-161-7/+2
| | | | | | | | AC::Metal::ParamsWrapper
| * Integrate ActionController::Parameters from StrongParameters gemGuillermo Iguaran2012-09-162-0/+121
| |
* | log 404 status when ActiveRecord::RecordNotFound was raised (#7646)Yves Senn2012-09-171-1/+2
| |
* | removes unnecessary selfXavier Noria2012-09-171-1/+1
| |
* | revises the RDoc of AC::Base.without_modulesXavier Noria2012-09-171-2/+2
| |
* | documents the request and response methods in AC::BaseXavier Noria2012-09-171-3/+21
| |
* | revises RDoc in AC::Metal [ci skip]Xavier Noria2012-09-171-14/+7
| |
* | removes unnecessary selfXavier Noria2012-09-171-1/+1
|/
* Build fix for ActionMailerArun Agrawal2012-09-141-0/+1
| | | | | | See http://travis-ci.org/#!/rails/rails/jobs/2444632
* Implement :null_session CSRF protection methodSergey Nartimov2012-09-131-22/+70
| | | | | | | | It's further work on CSRF after 245941101b1ea00a9b1af613c20b0ee994a43946. The :null_session CSRF protection method provide an empty session during request processing but doesn't reset it completely (as :reset_session does).
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-09-091-1/+1
|\ | | | | | | | | Conflicts: activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb
| * Doc: sweepers only work on Active Record Modelsschneems2012-09-051-1/+1
| | | | | | In response to this rails issue: https://github.com/rails/rails/issues/3729
* | Use merge! to merge additional options onto default optionsCarlos Antonio da Silva2012-09-071-4/+3
| |
* | AS::Callbacks: deprecate monkey patch of object callbacksBogdan Gusiev2012-09-071-1/+1
| |
* | Fix example code: use tasks instead of commentsErik Behrends2012-09-021-1/+1
|/
* Sprockets-rails tests failDmitry Vorotilin2012-09-012-14/+1
| | | | | | | Method invalid_asset_host! was delegated to controller but sprockets compile assets in their own scope without controller. And if we set asset_host with second parameter it should raise error through invalid_asset_host!. But since controller is nil it cannot be reached.
* Instrumentation requires RackDelegationJosé Valim2012-08-301-0/+1
| | | Since it uses request and response methods
* Fixes warning: & interpreted as argument prefixkennyj2012-08-301-1/+1
|
* Use class_attribute so we dont bleedDavid Heinemeier Hansson2012-08-291-1/+6
|
* Added controller-level etag additions that will be part of the action etag ↵David Heinemeier Hansson2012-08-291-4/+34
| | | | computation *Jeremy Kemper/DHH*
* Fix spacingDavid Heinemeier Hansson2012-08-291-8/+8
|
* Fix spacingDavid Heinemeier Hansson2012-08-291-5/+4
|
* Add Missing Keys from Journey on failed URL formatschneems2012-08-281-0/+3
| | | | | | | | | | | | | | | | | | | | | | | Many named routes have keys that are required to successfully resolve. If a key is left off like this: <%= link_to 'user', user_path %> This will produce an error like this: No route matches {:action=>"show", :controller=>"users"} Since we know that the :id is missing, we can add extra debugging information to the error message. No route matches {:action=>"show", :controller=>"users"} missing required keys: [:id] This will help new and seasoned developers look closer at their parameters. I've also subclassed the routing error to be clear that this error is a result of attempting to generate a url and not because the user is trying to visit a bad url. While this may sound trivial this error message is misleading and confuses most developers. The important part isn't what's in the options its's what's missing. Adding this information to the error message will make debugging much more obvious. This is the sister pull request of https://github.com/rails/journey/pull/44 which will be required to get they missing keys into the correct error message. Example Development Error in Rails: http://cl.ly/image/3S0T0n1T3421
* Deprecate AV::RecordIdentifier in controllersPiotr Sarnacki2012-08-282-4/+16
| | | | | | | | Methods provided by RecordIdentifier are not widely used in controllers nowadays as they're view specific (this is probably a legacy left after RJS rendering directly in controllers). However if people still need to use it, it's trivial to include ActionView::RecordIdentifier by themselves.
* No need to use included hook for includePiotr Sarnacki2012-08-281-3/+1
| | | | | When module is extended ActiveSupport::Concern, include calls are lazily loaded, so there is no need to wrap it with included hook.
* Add deprecation horizon to html-scannerPiotr Sarnacki2012-08-281-1/+2
|
* Move action_controller/vendor/html-scanner to action_viewPiotr Sarnacki2012-08-287-1755/+3
| | | | | | This is another step in moving Action View's dependencies in Action Pack to Action View itself. Also, HtmlScanner seems to be better suited for views rather than controllers.
* Deprecate ActionController::RecordIdentifierPiotr Sarnacki2012-08-281-0/+8
|
* Move ActionController::RecordIdentifier to ActionViewPiotr Sarnacki2012-08-282-84/+1
| | | | | | | Since it's more about DOM classes and ids it belongs to Action View better. What's more, it's more convenient to make it part of Action View to follow the rule that Action Pack can depend on Action View, but not the other way round.
* Remove dependency on actionpack in ActionView::AssetPathsPiotr Sarnacki2012-08-282-1/+16
| | | | | | Since Action View should not depend on actionpack, it's best to delegate invalid_asset_host! to controller and just rely on such simple contract instead of raising ActionController::RoutingError directly.
* Extract ActiveRecord::SessionStore from RailsPrem Sichanugrist2012-08-241-9/+0
| | | | | This functionality will be available from gem `active_record-session_store` instead.
* Get rid of config.preload_frameworks in favor of config.eager_load_namespacesJosé Valim2012-08-211-0/+2
| | | | | | | The new option allows any Ruby namespace to be registered and set up for eager load. We are effectively exposing the structure existing in Rails since v3.0 for all developers in order to make their applications thread-safe and CoW friendly.
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-08-161-2/+2
|\
| * Minor language fix. [ci skip]Erich Menge2012-08-151-2/+2
| |
* | push header merge down to a private method so that live responses can have ↵Aaron Patterson2012-08-131-5/+4
| | | | | | | | their own header object
* | live response headers can be merged with a hashAaron Patterson2012-08-131-0/+4
| |
* | Missing closing tagEllis Berner2012-08-121-1/+1
| |
* | Fix handling SCRIPT_NAME from within mounted engine'sPiotr Sarnacki2012-08-111-2/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When you mount your application at a path, for example /myapp, server should set SCRIPT_NAME to /myapp. With such information, rails application knows that it's mounted at /myapp path and it should generate routes relative to that path. Before this patch, rails handled SCRIPT_NAME correctly only for regular apps, but it failed to do it for mounted engines. The solution was to hardcode default_url_options[:script_name], which is not the best answer - it will work only when application is mounted at a fixed path. This patch fixes the situation by respecting original value of SCRIPT_NAME when generating application's routes from engine and the other way round - when you generate engine's routes from application. This is done by using one of 2 pieces of information in env - current SCRIPT_NAME or SCRIPT_NAME for a corresponding router. This is because we have 2 cases to handle: - generating engine's route from application: in this situation SCRIPT_NAME is basically SCRIPT_NAME set by the server and it indicates the place where application is mounted, so we can just pass it as :original_script_name in url_options. :original_script_name is used because if we use :script_name, router will ignore generating prefix for engine - generating application's route from engine: in this situation we already lost information about the SCRIPT_NAME that server used. For example if application is mounted at /myapp and engine is mounted at /blog, at this point SCRIPT_NAME is equal /myapp/blog. Because of that we need to keep reference to /myapp SCRIPT_NAME by binding it to the current router. Later on we can extract it and use when generating url Please note that starting from now you *should not* use default_url_options[:script_name] explicitly if your server already passes correct SCRIPT_NAME to rack env. (closes #6933)
* | use a sized buffer to prevent the queue being too largeAaron Patterson2012-08-081-10/+10
| |
* | Modernize the documentation for view caching somewhatDavid Heinemeier Hansson2012-08-081-37/+7
| |
* | removes usage of Object#in? from the code base (the method remains defined ↵Xavier Noria2012-08-061-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | by Active Support) Selecting which key extensions to include in active_support/rails made apparent the systematic usage of Object#in? in the code base. After some discussion in https://github.com/rails/rails/commit/5ea6b0df9a36d033f21b52049426257a4637028d we decided to remove it and use plain Ruby, which seems enough for this particular idiom. In this commit the refactor has been made case by case. Sometimes include? is the natural alternative, others a simple || is the way you actually spell the condition in your head, others a case statement seems more appropriate. I have chosen the one I liked the most in each case.
* | Renamed _path_segments to _recallBogdan Gusiev2012-08-042-2/+2
|/
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-08-041-1/+1
|\ | | | | | | | | | | Conflicts: activemodel/lib/active_model/secure_password.rb activerecord/lib/active_record/associations/collection_proxy.rb
| * use 'HTTP_AUTHORIZATION' instead of :authorization as key when dealing with ↵Francesco Rodriguez2012-07-271-1/+1
| | | | | | | | HTTP Token authentication in integration tests
* | Collapsed dual checks (one for content headers and one for content) into a ↵Armand du Plessis2012-08-021-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | single check. Rails includes a single character body to a head(:no_content) response to work around an old Safari bug where headers were ignored if no body sent. This patch brings the behavior slightly closer to spec if :no_content/204 is explicity requested via a head only response. Status comparison done on symbolic and numeric values Not returning any content when responding with head and limited to a status code that explicitly states no content will be returned - 100..199, 204, 205, 304.