| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
| |
specifically are checked for CSRF, when dealing with the browser.
[ci skip]
|
| |
|
|
|
|
|
|
|
| |
supercaracal/fix_force_ssl_redirection_flash_error"
This reverts commit d215620340be7cb29e2aa87aab22da5ec9e6e6a7, reversing
changes made to bbbbfe1ac02162ecb5e9a7b560134a3221f129f3.
|
| |
|
|\
| |
| | |
fix missing "if" in API docs for ActionController::Parameters#permit
|
| | |
|
|/
|
|
|
|
|
|
|
| |
After merging #19377 ActionPack tests were missing a require for
`ActiveSupport::LogSubscriber::TestHelper` and change didn't take
into account that logger could be nil. Added the require and only log to
info if logger exists.
This wasn't caught earlier because these tests only run after a merge.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://github.com/ruby/ruby/pull/579 - there is a new optimization
since ruby 2.2
Previously regexp patterns were faster (since a string was converted to
regexp underneath anyway). But now string patterns are faster and
better reflect the purpose.
Benchmark.ips do |bm|
bm.report('regexp') { 'this is ::a random string'.gsub(/::/, '/') }
bm.report('string') { 'this is ::a random string'.gsub('::', '/') }
bm.compare!
end
# string: 753724.4 i/s
# regexp: 501443.1 i/s - 1.50x slower
|
|\
| |
| | |
Return super in ActionController::Parameters.const_missing
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The current implementation of ActionController::Parameters.const_missing
returns `ActionController::Parameters.always_permitted_parameters` even
if its `super` returns a constant without raising error. This prevents its
subclass in a autoloading module/class from taking advantage of
autoloading constants.
class SomeParameters < ActionController::Parameters
def do_something
DefinedSomewhere.do_something
end
end
In the code above, `DefinedSomewhere` is to be autoloaded with
`Module.const_missing` but `ActionController::Parameters.const_missing`
returns `always_permitted_parameters` instead of the autoloaded
constant.
This pull request fixes the issue respecting `const_missing`'s `super`.
|
|/
|
|
| |
Closes #18933.
|
|\
| |
| | |
Return truthy value from head method
|
| |
| |
| |
| |
| |
| | |
It was returning false in normal circumstances.
This broke the `head :ok and return if` construct.
Add appropriate test.
|
|/
|
|
|
|
|
|
|
| |
As of the upgrade to Rack 1.5, request.session_options[:id] is no
longer populated. Reflect this change in the tests by using
request.session.id instead.
Related change in Rack:
https://github.com/rack/rack/commit/83a270d6
|
|
|
|
|
|
|
|
|
|
|
| |
- The request needs to be instance of ActionDispatch::Request or an
object that responds to host, optional_port, protocol and
symbolized_path_parameter.
- This documentation was correctly added in
https://github.com/rails/rails/commit/e3b3f416b57f5642ea25078485f7e9394ad04526
but was changed to
https://github.com/rails/rails/commit/e1ceae576e3911f3e6708b5d19a0e3ef63769eb7.
- Fixes #16160.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
parts out of active_support.
|
|
|
|
|
| |
This approach will avoid us to check for NoMethodError when trying to
decode
|
|\
| |
| |
| | |
Handle non-string authenticity tokens
|
| |
| |
| |
| | |
Non-string authenticity tokens raised NoMethodError when decoding the
masked token.
|
| | |
|
|/
|
|
|
|
|
|
|
| |
Add http_cache_forever to ActionController, so we can cache results
forever.
Things like static pages are a good candidate for this type of caching.
This cache only controls caching headers, so it is up to the browser to
cache those requests.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The methods `fresh_when` and `stale?` from ActionController::ConditionalGet
accept a single record as a short form for a hash. For instance
```ruby
def show
@article = Article.find(params[:id])
fresh_when(@article)
end
```
is just a short form for:
```ruby
def show
@article = Article.find(params[:id])
fresh_when(etag: @article, last_modified: @article.created_at)
end
```
This commit extends `fresh_when` and `stale?` to also accept a collection
of records, so that a short form similar to the one above can be used in
an `index` action. After this commit, the following code:
```ruby
def index
@article = Article.all
fresh_when(etag: @articles, last_modified: @articles.maximum(:created_at))
end
```
can be simply written as:
```ruby
def index
@article = Article.all
fresh_when(@articles)
end
```
|
|
|
|
|
|
|
|
|
|
|
|
| |
PR #18772 changed the parameters of `stale?` to use `kwargs`.
[As for this comment](https://github.com/rails/rails/pull/18872/files#r24456288)
the default value for the `etag` parameter should be `record`, not `nil`.
This commit fixes the code and introduces a test that:
- passed before #18872
- fails on the current master (after #18772)
- passes again after setting the default value of `etag` to `record`.
|
| |
|
|\
| |
| | |
Migrating xhr methods to keyword arguments syntax
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
in `ActionController::TestCase` and
`ActionDispatch::Integration`
Old syntax:
`xhr :get, :create, params: { id: 1 }`
New syntax example:
`get :create, params: { id: 1 }, xhr: true`
|
|\ \
| | |
| | | |
Pre-discard flash messages
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Inside a controller functional test after the last flash is deleted it
still persists the flash because to_session_value is nil. We should
delete it from the session when the serialized version is nil, same as
the flash middleware.
|
| | | |
|
| |/
|/| |
|
| | |
|
|/
|
|
|
|
|
|
| |
Non-kwargs requests are deprecated now.
Guides are updated as well.
`post url, nil, nil, { a: 'b' }` doesn't make sense.
`post url, params: { y: x }, session: { a: 'b' }` would be an explicit way to do the same
|
| |
|
|
|
|
|
|
|
|
| |
Previously env was duplicated and then had it's keys mutated. This iterates through
the hash twice.
Using `transform_keys`, duplication and key mutation is a single iteration.
`convert_symbols` was renamed to `http_header_format`.
|
| |
|
|
|
|
| |
Render arbitrary templates outside of controller actions
|
|
|
|
|
| |
To have an easier way to setup a controller
instance with custom environment
|
|
|
|
|
| |
Add `ActionController::Metal#set_request!` to set a request
on controller instance without calling dispatch.
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It is clearer and closer to reality to use `@article.updated_at` as
the `:last_modified` parameter of `fresh_when` and `stale?`.
Using `@article.created_at` would result in the cache never expiring,
since the creation timestamp never changes.
[ci skip]
|
| | |
|