| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
This avoids potential format string vulnerabilities where user-provided
data is interpolated into the log message before String#% is called.
|
|
|
|
|
|
| |
use canonical #controller_path logic in controller test cases
Conflicts:
actionpack/lib/action_controller/test_case.rb
|
| |
|
|
|
|
|
|
| |
df36c5f - Fix assert_template assertion with :layout option
4bd05a7 - Fix assert_template :layout => nil assertion
0d19a08 - Improve assert_template layout checking
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix missing action_missing
Conflicts:
actionpack/CHANGELOG.md
Conflicts:
actionpack/test/controller/base_test.rb
Fixes #9799
|
|
|
|
|
| |
Conflicts:
actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb
|
| |
|
|
|
|
|
|
| |
Ruby 2.0 changed the behavior of `respond_to?` without argument to
return only search for public method. We actually want to perform the
action only if `method_missing` is either in public or protected.
|
| |
|
| |
|
|
|
|
|
|
| |
force response body to be read in assert_template
Conflicts:
actionpack/lib/action_controller/test_case.rb
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 7d17cd2cbfc086f5aa9dd636e1207eb130150428.
Conflicts:
actionpack/CHANGELOG.md
Reason: This added a regression since people were relying on this buggy behavior.
This will introduce back #3849 but we will be backward compatible in
stable release.
Fixes #8068.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
senny/7459_prefix_tempalte_assertion_variables"
This reverts commit 2bad605873b5b720d77ae6388a995827ab7fe705.
Conflicts:
actionpack/CHANGELOG.md
Reason: This added a regression related with shoulda-matchers, since it
is expecting the instance variable @layouts
See https://github.com/thoughtbot/shoulda-matchers/blob/9e1188eea68c47d9a56ce6280e45027da6187ab1/lib/shoulda/matchers/action_controller/render_with_layout_matcher.rb#L74
This will introduce back #7459 but this stable release will be backward compatible.
Related with #8068.
|
|
|
|
|
|
| |
can't pass :locals to #assert_template without a view test case (#3415)
Conflicts:
actionpack/CHANGELOG.md
|
|
|
|
|
|
|
|
|
| |
prefix TemplateAssertions ivars.
Closes #7459
Conflicts:
actionpack/lib/action_controller/test_case.rb
actionpack/lib/action_view/test_case.rb
|
|
|
|
|
|
|
| |
REBASED: fixing assert_template bug when template matches expected, but not ends with
Conflicts:
actionpack/CHANGELOG.md
actionpack/lib/action_controller/test_case.rb
|
|
|
|
|
|
|
|
|
|
| |
To test uploading a file without using fixture_file_upload, a posted
ActionDispatch::Http::UploadedFile should not be paramified (just like
Rack::Test::UploadedFile).
(Rack::Test::UploadedFile and ActionDispatch::Http::UploadedFile don't
share the same API, tempfile is not accessible on
Rack::Test::UploadedFile as discussed in
https://github.com/brynary/rack-test/issues/30)
|
|
|
|
|
|
| |
Conflicts:
actionpack/CHANGELOG.md
actionpack/lib/action_controller/log_subscriber.rb
|
|
|
|
| |
file's path, so opening the file to set the response body is wasteful. Set a FileBody wrapper instead that responds to to_path and streams the file if needed.
|
| |
|
| |
|
|
|
|
| |
AbstractController::Callbacks
|
|
|
|
|
|
|
|
|
| |
dangerous especially with Rack::Cache), it should only be loaded when the flash method is called"
This reverts commits e3069c64b2c5ddc7a5789b55b8efd4902d9e9729 and 2b2983d76fd11efc219273036a612f47cfaa5bfa.
Reason: This add a non-backward compatible change in the way that flash
works now (swept in every request).
|
|
|
|
| |
fallback
|
|
|
|
| |
The role option identifies which parameters are accessible and should be wrapped. The default role is :default.
|
|
|
|
| |
dangerous especially with Rack::Cache), it should only be loaded when the flash method is called
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
IE since version 6 and recently Chrome and Firefox have started following
302 redirects from XHR requests other than GET/POST using the original request
method. This can lead to DELETE requests being redirected amongst other things.
Although it doesn't directly affect the Rails framework since it doesn't return
a 302 redirect to any non-GET/POST request a note has been added to raise
awareness of the issue. Some references:
Original article from @technoweenie:
http://techno-weenie.net/2011/8/19/ie9-deletes-stuff/
Hacker News discussion of the article:
http://news.ycombinator.com/item?id=2903493
WebKit bug report:
https://bugs.webkit.org/show_bug.cgi?id=46183
Firefox bug report and changeset:
https://bugzilla.mozilla.org/show_bug.cgi?id=598304
https://hg.mozilla.org/mozilla-central/rev/9525d7e2d20d
Chrome bug report:
http://code.google.com/p/chromium/issues/detail?id=56373
HTTPbis bug report and changeset:
http://trac.tools.ietf.org/wg/httpbis/trac/ticket/160
http://trac.tools.ietf.org/wg/httpbis/trac/changeset/1428
Roy T. Fielding's history of the issue:
http://ftp.ics.uci.edu/pub/ietf/http/hypermail/1997q3/0611.html
Automated browser tests for the issue:
http://www.mnot.net/javascript/xmlhttprequest/
Fixes #4144
(cherry picked from commit 24f143789a8989f3bccde14ff28067de25cafd87)
|
|
|
|
|
|
|
|
| |
(cherry picked from commit 7a80b69e00f68e673c6ceb5cc684aa9196ed3d9f)
Conflicts:
actionpack/test/controller/test_test.rb
|
|
|
|
| |
headers (and its causing problems for Strong Parameters attempt of wrapping request.parameters because it will change in testing)
|
|
|
|
| |
Strip null bytes from Location header
|
|
|
|
|
|
| |
This method has no effect since exception handling was
moved to middlewares and ActionController tests do not
use any middlewares.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
We should let the responder to decide what to do with the given
overridden response block, and not short circuit it.
Fixes #5280
|
|
|
|
|
|
| |
is being rendered
Closes #5025 part 2
|
| |
|
|
|
|
|
|
|
| |
This fixes undef `to_str' for Rack::Chunked::Body when using
caches_action + streaming on an action
Closes #5027
|
|
|
|
|
|
| |
`ActionController.force_ssl` redirects http URLs to their https equivalent;
however, when a URL contains a query string, the resulting redirect lacked the
original query string.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Default responder was only using the given respond block when user
requested for HTML format, or JSON/XML format with valid resource. This
fix the responder so that it will use the given block regardless of the
validity of the resource. Note that in this case you'll have to check
for object's validity by yourself in the controller.
Fixes #4796
|
| |
|
| |
|
|
|
|
|
| |
ActionController::ActionControllerError is already defined in
action_controller/metal/exceptions.
|
|
|
|
|
| |
Use the constants AbstractController::ActionNotFound and
AbstractController::DoubleRenderError respectively instead.
|
| |
|
| |
|
| |
|
| |
|