| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
deep_munge solves CVE-2013-0155 security vulnerability, but its
behaviour is definately confuisng. This commit adds logging to deep_munge.
It logs keys for which values were set to nil.
Also mentions in guides were added.
|
|
|
|
|
|
|
|
| |
The request attributes filtered_parameters, filtered_env and filtered_path
are memoized for performance reasons. However this can cause unusual
behavior in tests where there are multiple calls to get, post, etc.
Fixes #13803.
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* master: (536 commits)
doc, API example on how to use `Model#exists?` with multiple IDs. [ci skip]
Restore DATABASE_URL even if it's nil in connection_handler test
[ci skip] - error_messages_for has been deprecated since 2.3.8 - lets reduce any confusion for users
Ensure Active Record connection consistency
Revert "ask the fixture set for the sql statements"
Check `respond_to` before delegation due to: https://github.com/ruby/ruby/commit/d781caaf313b8649948c107bba277e5ad7307314
Adding Hash#compact and Hash#compact! methods
MySQL version 4.1 was EOL on December 31, 2009 We should at least recommend modern versions of MySQL to users.
clear cache on body close so that cache remains during rendering
add a more restricted codepath for templates fixes #13390
refactor generator tests to use block form of Tempfile
Fix typo [ci skip]
Move finish_template as the last public method in the generator
Minor typos fix [ci skip]
make `change_column_null` reversible. Closes #13576.
create/drop test and development databases only if RAILS_ENV is nil
Revert "Speedup String#to"
typo fix in test name. [ci skip].
`core_ext/string/access.rb` test what we are documenting.
Fix typo in image_tag documentation
...
Conflicts:
actionpack/CHANGELOG.md
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Like `format.any`, you can do the same with variants.
It works for both inline:
respond_to do |format|
format.html.any { render text: "any" }
format.html.phone { render text: "phone" }
end
and block syntax:
respond_to do |format|
format.html do |variant|
variant.any(:tablet, :phablet){ render text: "any" }
variant.phone { render text: "phone" }
end
end
|
| |
| |
| |
| |
| | |
* Add "<tt>" or "+" to improve font of some code and filenames in API documentation
* Does not contain wording changes
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
TLDR: always return an object that responds to the query methods from
request.format, and do not touch Mime::Type[] lookup to avoid bugs.
---
Long version:
The initial issue was about being able to do checks like
request.format.html? for request with an unknown format, where
request.format would be nil.
This is where the issue came from at first in #7837 and #8085
(merged in cba05887dc3b56a46a9fe2779b6b228880b49622), but the
implementation went down the path of adding this to the mime type
lookup logic.
This unfortunately introduced subtle bugs, for instance in the merged
commit a test related to send_file had to be changed to accomodate the
introduction of the NullType.
Later another bug was found in #13064, related to the content-type being
shown as #<Mime::NullType:...> for templates with localized extensions
but no format included. This one was fixed in #13133, merged in
43962d6ec50f918c9970bd3cd4b6ee5c7f7426ed.
Besides that, custom handlers were not receiving the proper template
formats anymore when passing through the rendering process, because of
the NullType addition. That was found while migrating an application
from 3.2 to 4.0 that uses the Markerb gem (a custom handler that
generates both text and html emails from a markdown template).
---
This changes the implementation moving away from returning this null
object from the mime lookup, and still fixes the initial issue where
request.format.zomg? would raise an exception for unknown formats due to
request.format being nil.
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| | |
AC::Parameters#fetch was refactored in 7171111 to prevent self mutation, but
in doing so it hardcodes logic #convert_hashes_to_parameters is supposed to
encapsulate.
Better leave the delegation, and add a way to avoid mutating self in there.
|
| |
| |
| |
| | |
#13382]
|
| |\ |
|
| | | |
|
| | | |
|
| |\ \
| | | |
| | | | |
CSRF protection from cross-origin <script> tags
|
| | | |
| | | |
| | | |
| | | | |
Thanks to @homakov for sounding the alarm about JSONP-style data leaking
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Added release notes for secrets.yml and mentioned it in the highlights
* Added release notes for Mailer previews and mentioned it in the highlights
* Added release notes for Module#concerning
* Removed mention for AV extraction from the highlights
* Rearranged the major features to put highlighted features first
* Various improvements and typo fixes
[ci skip]
|
| | |
| | |
| | |
| | |
| | | |
Without parenthesis, ruby assumes that curly braces denote the beginning
of a block.
|
| |\ \
| | | |
| | | | |
Spelling and Grammar checks [ci skip]
|
| | | | |
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
* Extend method documentation
* Mention it in actionpack/CHANGELOG
* Update release notes
|
| |\ \
| | | |
| | | | |
Fix typo in action_controller responder.rb [ci skip]
|
| | | | |
|
| |/ / |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In most cases, when setting variant specific code, you're not sharing any code
within format.
Inline syntax can vastly simplify defining variants in those situations:
respond_to do |format|
format.js { render "trash" }
format.html do |variant|
variant.phone { redirect_to progress_path }
variant.none { render "trash" }
end
end
Becomes:
respond_to do |format|
format.js { render "trash" }
format.html.phone { redirect_to progress_path }
format.html.none { render "trash" }
end
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
@responses hash needs to be initialized with mime types that we get from
Collector#collect_mimes_from_class_level. Mime::Type class as key and nil as
value. This need to happen before content negotiation. Before that, it was
looping though mime types and executing mime-type-generated method inside
collector (see
AbstractController::Collector#generate_method_for_mime). That approach resulted
in 2 unnecessary method calls for each mime type
collected by Collector#collect_mimes_from_class_level.
Now hash is initialized in place, without usage of Collector#custom method.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
little more work!
This reverts commit 186161148a189839a1e0924043f068a8d155ce69, reversing
changes made to cad9eb178ea5eec0e27d74e93518f4ed34e2f997.
|
| |\ \
| | | |
| | | | |
Inline syntax for variants
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In most cases, when setting variant specific code, you're not sharing any code
within format.
Inline syntax can vastly simplify defining variants in those sitiations:
respond_to do |format|
format.js { render "trash" }
format.html do |variant|
variant.phone { redirect_to progress_path }
variant.none { render "trash" }
end
end
`
Becomes:
respond_to do |format|
format.js { render "trash" }
format.html.phone { redirect_to progress_path }
format.html.none { render "trash" }
end
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
@responses hash needs to be initialized with mime types that we get from
Collector#collect_mimes_from_class_level. Mime::Type class as key and nil as
value. This need to happen before content negotiation. Before that, it was
looping though mime types and executing mime-type-generated method inside
collector (see
AbstractController::Collector#generate_method_for_mime). That approach resulted
in 2 unnecessary method calls for each mime type
collected by Collector#collect_mimes_from_class_level.
Now hash is initialized in place, without usage of Collector#custom method.
|
| |/ / |
|
| | |
| | |
| | |
| | | |
controller
|
| | | |
|
| |\ \
| | | |
| | | | |
Retain ActionPack dependency on ActionView. Fixes #12979.
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | | |
Avoid one-liner conditionals when they are too big. Avoid concatenating
strings to build error messages. Improve messages a bit.
|
| |/ / |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
By default, variants in the templates will be picked up if a variant is set
and there's a match. The format will be:
app/views/projects/show.html.erb
app/views/projects/show.html+tablet.erb
app/views/projects/show.html+phone.erb
If request.variant = :tablet is set, we'll automatically be rendering the
html+tablet template.
In the controller, we can also tailer to the variants with this syntax:
class ProjectsController < ActionController::Base
def show
respond_to do |format|
format.html do |html|
@stars = @project.stars
html.tablet { @notifications = @project.notifications }
html.phone { @chat_heads = @project.chat_heads }
end
format.js
format.atom
end
end
end
The variant itself is nil by default, but can be set in before filters, like
so:
class ApplicationController < ActionController::Base
before_action do
if request.user_agent =~ /iPad/
request.variant = :tablet
end
end
end
This is modeled loosely on custom mime types, but it's specifically not
intended to be used together. If you're going to make a custom mime type,
you don't need a variant. Variants are for variations on a single mime
types.
|
| | | |
|
| |\ \
| | | |
| | | |
| | | |
| | | | |
Conflicts:
actionpack/CHANGELOG.md
|
| | |/
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This PR fixes #13064 regression bug introduced by the #8085
Now in _process_format when the format is a Mime::NullType nothing is written in self.content_type.
In this way the method Response#assign_default_content_type_and_charset can
write the the default mime_type.
|
| |/ |
|
|/
|
|
| |
Fixes #12381
|
|
|
|
|
|
| |
atom_feed_helper_test.rb to fail with "SystemStackError: stack level too deep".
This reverts commit d3a1ce1cdc60d593de1682c5f4e3230c8db9a0fd.
|
|\
| |
| | |
Used Yield instead of block.call
|
| | |
|
| | |
|
|/
|
|
| |
Ruby 1.8 legacy. Since 1.9 hash preserves insertion order. No need for additional array to achieve this
|
|
|
|
|
|
|
| |
constant.
`view_assigns` can use the precalculated sets and remove instance
variables without allocating any extra arrays
|
| |
|