aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller
Commit message (Collapse)AuthorAgeFilesLines
...
| * | | fix the Flash middleware loading the session on every request (very ↵Will Bryant2012-04-281-1/+0
| |/ / | | | | | | | | | dangerous especially with Rack::Cache), it should only be loaded when the flash method is called
* | | Add note about using 303 See Other for XHR requests other than GET/POSTAndrew White2012-04-301-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | IE since version 6 and recently Chrome and Firefox have started following 302 redirects from XHR requests other than GET/POST using the original request method. This can lead to DELETE requests being redirected amongst other things. Although it doesn't directly affect the Rails framework since it doesn't return a 302 redirect to any non-GET/POST request a note has been added to raise awareness of the issue. Some references: Original article from @technoweenie: http://techno-weenie.net/2011/8/19/ie9-deletes-stuff/ Hacker News discussion of the article: http://news.ycombinator.com/item?id=2903493 WebKit bug report: https://bugs.webkit.org/show_bug.cgi?id=46183 Firefox bug report and changeset: https://bugzilla.mozilla.org/show_bug.cgi?id=598304 https://hg.mozilla.org/mozilla-central/rev/9525d7e2d20d Chrome bug report: http://code.google.com/p/chromium/issues/detail?id=56373 HTTPbis bug report and changeset: http://trac.tools.ietf.org/wg/httpbis/trac/ticket/160 http://trac.tools.ietf.org/wg/httpbis/trac/changeset/1428 Roy T. Fielding's history of the issue: http://ftp.ics.uci.edu/pub/ietf/http/hypermail/1997q3/0611.html Automated browser tests for the issue: http://www.mnot.net/javascript/xmlhttprequest/ Fixes #4144
* | | Fix controller_class_name for anonymous controllers.Michael Schuerig2012-04-291-1/+1
| | |
* | | Merge pull request #6017 from larzconwell/remove_sanitize_dom_idJeremy Kemper2012-04-291-6/+1
|\ \ \ | | | | | | | | Removed the sanitize_dom_id method
| * | | Removed the sanitize_dom_id method because HTML5 doctype let's us use ↵Larz Conwell2012-04-271-6/+1
| | | | | | | | | | | | | | | | anything except nothing and whitespace for id's
* | | | Don't convert params if the request isn't HTML - fixes #5341Andrew White2012-04-291-6/+18
| | | |
* | | | Avoid calling content type multiple timesJosé Valim2012-04-291-4/+6
| | | |
* | | | Merge pull request #2321 from omjokine/masterJosé Valim2012-04-291-1/+4
|\ \ \ \ | | | | | | | | | | JSONP should use mimetype application/javascript
| * \ \ \ Merge remote-tracking branch 'upstream/master'Olli Jokinen2011-12-0129-102/+134
| |\ \ \ \
| * | | | | Change mimetype to Mime::JS if JSONP is usedOlli Jokinen2011-07-281-1/+4
| | | | | |
* | | | | | Merge session arg with existing session instead of overwritingAndrew White2012-04-281-1/+1
| |_|_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This may break existing tests that are asserting the whole session contents but should not break existing tests that are asserting individual keys - e.g: class SomeControllerTest < ActionController::TestCase setup do session['user_id'] = 1 end test "some test" do get :some_action, nil, { 'another_var' => 2 } # This assertion will now fail assert_equal({ 'another_var' => 2 }, session) # This assertion will still pass assert_equal 2, session['another_var] end end Fixes #1529.
* | | | | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-04-282-4/+4
|\ \ \ \ \ | |_|_|/ / |/| | | |
| * | | | Use <tt>Foo::Bar</tt> instead of +Foo::Bar+Mark Rushakof2012-04-272-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The latter doesn't render as code in HTML output. Regex used in Rubymine to locate the latter form: (\+)(:*\w+:(?::|\w)+)(\+)
* | | | | remove unnecessary else statementVasiliy Ermolovich2012-04-261-3/+3
|/ / / /
* | | | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-04-181-1/+1
|\ \ \ \
| * | | | Fix HTML sanitizer allowed_css_properties commentAlexey Vakhov2012-04-131-1/+1
| | | | |
* | | | | Remove obsolete codeAlexey Vakhov2012-04-121-3/+0
| | | | |
* | | | | #send_file leans on Rack::Sendfile to X-Accel-Redirect the file's path, so ↵Jeremy Kemper2012-04-121-1/+21
|/ / / / | | | | | | | | | | | | opening the file to set the response body is wasteful. Set a FileBody wrapper instead that responds to to_path and streams the file if needed.
* | | | Merge pull request #5748 from ai/no_type_in_html5Jeremy Kemper2012-04-081-1/+1
|\ \ \ \ | | | | | | | | | | Remove unnecessary in HTML 5 type attribute with default value
| * | | | Remove unnecessary in HTML 5 type attribute with default valueAndrey A.I. Sitnik2012-04-051-1/+1
| | | | |
* | | | | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-04-051-0/+1
|\ \ \ \ \
| * | | | | Add AC record identifier example with not-persisted objectAlexey Vakhov2012-04-051-0/+1
| | | | | |
* | | | | | Merge pull request #4446 from ayamomiji/patch-1José Valim2012-04-051-1/+1
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | prevent the cache sweeper ignores NoMethodError
| * | | | | prevent the cache sweeper ignores NoMethodErrorayaya2012-03-291-1/+1
| | | | | |
* | | | | | Merge pull request #5716 from jurriaan/tr-gsub-cleanupSantiago Pastorino2012-04-043-3/+3
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Updated/changed unneeded tr/gsubs
| * | | | | Updated/changed useless tr/gsubsJurriaan Pruis2012-04-033-3/+3
| | | | | |
* | | | | | Fix AC responder exampleAlexey Vakhov2012-04-041-1/+1
| | | | | |
* | | | | | Remove non-obligatory params in AC respond_to examplesAlexey Vakhov2012-04-031-2/+2
|/ / / / /
* | | | | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-04-011-1/+0
|\ \ \ \ \
| * | | | | CSRF messages are no longer controlled by 422.html because ↵Tony Primerano2012-03-281-1/+0
| |/ / / / | | | | | | | | | | | | | | | InvalidAuthenticityToken is not raised
* | | | | Remove obsolete reader from AC::MethodNotAllowed exception classAlexey Vakhov2012-03-311-2/+0
| | | | |
* | | | | Remove AC::RenderError class second declarationAlexey Vakhov2012-03-311-3/+0
|/ / / /
* | | | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-03-272-2/+2
|\ \ \ \
| * | | | Proc objects for caches_page no need controller objectAlexey Vakhov2012-03-271-1/+1
| | | | |
| * | | | Fix AC actions caching commentAlexey Vakhov2012-03-241-1/+1
| | | | |
* | | | | Don't ignore non Enumerable values passed to sanitize (closes #5585)Piotr Sarnacki2012-03-271-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When someone accidentally passes a string to sanitize like: sanitize("<span>foo</span>", :tags => "b") there is no indication that it's the wrong way and span will not be removed.
* | | | | ActionController caching small String#split optimizationAlexey Vakhov2012-03-241-2/+2
|/ / / /
* | | | We dont need to merge in the parameters as thats all being reset by the rack ↵David Heinemeier Hansson2012-03-201-1/+0
| | | | | | | | | | | | | | | | headers (and its causing problems for Strong Parameters attempt of wrapping request.parameters because it will change in testing)
* | | | respond_with description: changed 'response' to 'format'Mark Thomson2012-03-181-1/+1
| | | |
* | | | Revised comments for respond_withMark Thomson2012-03-181-17/+18
| | | |
* | | | Merge remote-tracking branch 'origin/master'Mark Thomson2012-03-1712-56/+86
|\ \ \ \
| * | | | fixed - warning: instance variable @controller not initializedSandeep2012-03-161-0/+5
| | | | |
| * | | | strip null bytes from Location header as wellBrian Lopez2012-03-151-1/+1
| | | | | | | | | | | | | | | | | | | | add tests for stripping \r\n chars since that's already happening
| * | | | Simplify helpers handling. Ensure Metal can run AC hooks.José Valim2012-03-154-35/+34
| | | | |
| * | | | Remove ActionController::TestCase#rescue_action_in_public!Piotr Sarnacki2012-03-151-5/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This method has no effect since exception handling was moved to middlewares and ActionController tests do not use any middlewares.
| * | | | Remove --http.José Valim2012-03-141-134/+0
| | | | |
| * | | | Merge pull request #5357 from bagilevi/sweeper-undefined-method-ignoredPiotr Sarnacki2012-03-141-1/+1
| |\ \ \ \ | | | | | | | | | | | | Don't ignore call to undefined method in Sweeper
| | * | | | Don't ignore call to undefined method in SweeperLevente Bagi2012-03-061-1/+1
| | | | | |
| * | | | | Add ActionController::HTTPSantiago Pastorino2012-03-145-6/+146
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | More info http://edgeguides.rubyonrails.org/api_app.html [Carlos Antonio da Silva & Santiago Pastorino]
| * | | | | Remove Active Resource source files from the repositoryPrem Sichanugrist2012-03-131-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Dear Active Resource, It's not that I hate you or anything, but you didn't get much attention lately. There're so many alternatives out there, and I think people have made their choice to use them than you. I think it's time for you to have a big rest, peacefully in this Git repository. I will miss you, @sikachu.
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-03 21:53:38 +0000