aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller
Commit message (Collapse)AuthorAgeFilesLines
* AS::Callbacks: deprecate monkey patch codeBogdan Gusiev2012-06-261-0/+6
| | | | | Deprecate usage of filter object with #before and #after methods as around callback
* Merge pull request #6805 from tim-vandecasteele/uploadedfile-paramifyCarlos Antonio da Silva2012-06-231-1/+1
|\ | | | | Don't paramify ActionDispatch::Http::UploadedFile in tests
| * Don't paramify ActionDispatch::Http::UploadedFile in testsTim Vandecasteele2012-06-221-1/+1
| | | | | | | | | | | | | | | | | | | | To test uploading a file without using fixture_file_upload, a posted ActionDispatch::Http::UploadedFile should not be paramified (just like Rack::Test::UploadedFile). (Rack::Test::UploadedFile and ActionDispatch::Http::UploadedFile don't share the same API, tempfile is not accessible on Rack::Test::UploadedFile as discussed in https://github.com/brynary/rack-test/issues/30)
* | add :nodoc: to internal implementations [ci skip]Francesco Rodriguez2012-06-221-1/+1
|/
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-06-142-8/+26
|\
| * moar copy edits [ci skip]Vijay Dev2012-06-141-2/+1
| |
| * copy editing [ci skip]Vijay Dev2012-06-141-4/+7
| |
| * fixed http token authentication formattingJakub Kuźma2012-06-121-8/+13
| |
| * on CSRF whitelisting the argument for :if must be a symbolDaniel Lopes2012-06-071-1/+1
| |
| * fix typos on the CSRF whitelisting docDaniel Lopes2012-06-071-3/+3
| |
| * Document the CSRF whitelisting on get requestsDaniel Lopes2012-06-071-5/+16
| |
* | ActionController::Caching depends on RackDelegation and ↵Santiago Pastorino2012-06-131-0/+3
| | | | | | | | AbstractController::Callbacks
* | Symbol responds_to :upcase & :downcase in Ruby >= 1.9Akira Matsuda2012-06-061-1/+1
|/
* Extracted redirect logic from ActionController::Force::ClassMethods.force_sslJeremy Friesen2012-05-311-7/+15
| | | | | | | | | | | | | Prior to this patch the existing .force_ssl method handles both defining the filter and handling the logic for performing the redirect. With this patch the logic for redirecting to the HTTPS protocol is separated from the filter logic that determines if a redirect should occur. By separating the two levels of behavior, an instance method for ActionController (i.e. #force_ssl_redirect) is exposed and available for more granular SSL enforcement. Cleaned up indentation.
* Fix sorting of helpers from different pathsPiotr Sarnacki2012-05-281-2/+2
| | | | | | | | | | | | | | | | When more than one directory for helpers is provided to a controller, it should preserver the order of directories. Given 2 paths: MyController.helpers_paths = ["dir1/helpers", "dir2/helpers"] helpers from dir1 should be loaded first. Before this commit, all helpers were mixed and then sorted alphabetically, which essentially would require to rename helpers to get desired order. This is a problem especially for engines, where you would like to be able to predict accurately which engine helpers will load first. (closes #6496)
* Escape the extension when normalizing the action cache path.Andrew White2012-05-201-2/+3
| | | | | | | | | Although no recognized formats use non-ASCII characters, sometimes they can be included in the :format parameter because of invalid URLS. To prevent encoding incompatibility errors we need to escape them before passing the path to URI.unescape. Closes #4379
* Raise ActionController::BadRequest for malformed parameter hashes.Andrew White2012-05-201-1/+4
| | | | | | | | | | | | | | Currently Rack raises a TypeError when it encounters a malformed or ambiguous hash like `foo[]=bar&foo[4]=bar`. Rather than pass this through to the application this commit captures the exception and re-raises it using a new ActionController::BadRequest exception. The new ActionController::BadRequest exception returns a 400 error instead of the 500 error that would've been returned by the original TypeError. This allows exception notification libraries to ignore these errors if so desired. Closes #3051
* Show in log correct wrapped keysDmitry Vorotilin2012-05-201-1/+2
|
* Make AC::LogSubscriber#send_file like #send_dataAlexey Vakhov2012-05-191-3/+1
|
* Fix incorrect assert_block -> assert conversion. Assumed too much from the ↵Jeremy Kemper2012-05-171-2/+2
| | | | MiniTest deprecation message.
* MiniTest deprecated #assert_block in favor of calling #assert with a blockJeremy Kemper2012-05-171-1/+1
|
* Merge pull request #2237 from jackdempsey/log_redirect_toAaron Patterson2012-05-161-0/+1
|\ | | | | log at debug level what line caused the redirect_to
| * log at debug level what line caused the redirect_toJack Dempsey2012-05-161-0/+1
| |
* | Removing ==Examples and last blank lines of docs from actionpackFrancesco Rodriguez2012-05-1510-34/+12
| |
* | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-05-121-42/+44
|\ \ | | | | | | | | | | | | Conflicts: activesupport/lib/active_support/callbacks.rb
| * | Move HTTP Token auth docs above the Token moduleElia Schito2012-05-111-42/+44
| | |
* | | Move require to where it's neededSantiago Pastorino2012-05-111-0/+1
| | |
* | | remove duplicate usage of Rack::Utils.status_code in ↵Rafael Magana2012-05-101-1/+1
|/ / | | | | | | LogSubscriber#process_action
* | If content_type is explicitly passed to the :head method use the value or ↵Kunal Shah2012-05-081-1/+2
| | | | | | | | fallback
* | remove .new from raise ActionController::UnknownFormatSteven Soroka2012-05-061-1/+1
| |
* | Raise a rescuable exception when Rails doesn't know what to do with the ↵Steven Soroka2012-05-062-2/+4
| | | | | | | | format, rather than responding with a head :not_acceptable (406)
* | Use Hash#fetch instead of has_key? checkCarlos Antonio da Silva2012-05-041-1/+1
| |
* | Merge pull request #4445 from nragaz/role_based_params_wrappingJosé Valim2012-05-041-2/+3
| | | | | | | | specify a role for identifying accessible attributes when wrapping params
* | Improve assert_template layout checkingAlexey Vakhov2012-05-041-3/+15
| |
* | Fix assert_template :layout => nil assertionAlexey Vakhov2012-05-041-2/+5
| |
* | Fix assert_template assertion with :layout optionAlexey Vakhov2012-05-041-1/+1
| |
* | Merge pull request #6148 from twinturbo/head-fixJosé Valim2012-05-031-1/+21
|\ \ | | | | | | Make ActionController#head pass rack-link
| * | Remove content-length as welltwinturbo2012-05-031-2/+3
| | |
| * | Make ActionController#head pass rack-linktwinturbo2012-05-031-1/+20
| | |
* | | added proc evaluation for action cache's layout parameterNico2012-05-021-2/+4
| | |
* | | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-05-012-2/+2
|\ \ \ | |/ / |/| |
| * | Code-format references to config settingsMark Rushakoff2012-04-271-1/+1
| | |
| * | More using <tt>x</tt> instead of +x+ when the latter renders improperly.Mark Rushakoff2012-04-271-1/+1
| | |
* | | Merge pull request #6078 from lest/patch-4José Valim2012-04-301-18/+12
|\ \ \ | | | | | | | | allow send_file/send_data to skip disposition header, closes #2973
| * | | no need to dup options in send_dataSergey Nartimov2012-04-301-1/+1
| | | | | | | | | | | | | | | | options aren't modified inside send_file_headers!
| * | | allow send_file/send_data to skip disposition header, closes #2973Sergey Nartimov2012-04-301-17/+11
| | | |
* | | | Merge pull request #6034 from ↵Piotr Sarnacki2012-04-301-1/+0
|\ \ \ \ | |/ / / |/| | | | | | | | | | | willbryant/flash_must_not_load_session_on_every_request_master Fix the Flash middleware loading the session on every request
| * | | fix the Flash middleware loading the session on every request (very ↵Will Bryant2012-04-281-1/+0
| |/ / | | | | | | | | | dangerous especially with Rack::Cache), it should only be loaded when the flash method is called
* | | Add note about using 303 See Other for XHR requests other than GET/POSTAndrew White2012-04-301-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | IE since version 6 and recently Chrome and Firefox have started following 302 redirects from XHR requests other than GET/POST using the original request method. This can lead to DELETE requests being redirected amongst other things. Although it doesn't directly affect the Rails framework since it doesn't return a 302 redirect to any non-GET/POST request a note has been added to raise awareness of the issue. Some references: Original article from @technoweenie: http://techno-weenie.net/2011/8/19/ie9-deletes-stuff/ Hacker News discussion of the article: http://news.ycombinator.com/item?id=2903493 WebKit bug report: https://bugs.webkit.org/show_bug.cgi?id=46183 Firefox bug report and changeset: https://bugzilla.mozilla.org/show_bug.cgi?id=598304 https://hg.mozilla.org/mozilla-central/rev/9525d7e2d20d Chrome bug report: http://code.google.com/p/chromium/issues/detail?id=56373 HTTPbis bug report and changeset: http://trac.tools.ietf.org/wg/httpbis/trac/ticket/160 http://trac.tools.ietf.org/wg/httpbis/trac/changeset/1428 Roy T. Fielding's history of the issue: http://ftp.ics.uci.edu/pub/ietf/http/hypermail/1997q3/0611.html Automated browser tests for the issue: http://www.mnot.net/javascript/xmlhttprequest/ Fixes #4144
* | | Fix controller_class_name for anonymous controllers.Michael Schuerig2012-04-291-1/+1
| | |