| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| |
| |
| |
| | |
Conflicts:
actionpack/lib/action_controller/metal/mime_responds.rb
actionview/lib/action_view/vendor/html-scanner/html/sanitizer.rb
activerecord/lib/active_record/type/value.rb
|
| |
| |
| |
| | |
[skip ci]
|
|\ \
| | |
| | |
| | | |
Use #model_name on instances instead of classes
|
| | |
| | |
| | |
| | |
| | |
| | | |
This allows rails code to be more confdent when asking for a model name, instead of having to ask for the class.
Rails core discussion here: https://groups.google.com/forum/#!topic/rubyonrails-core/ThSaXw9y1F8
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
Conflicts:
actionpack/CHANGELOG.md
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
respond_with (and consequently the class-level respond_to)
are being removed from Rails. Instead of moving it to a 3rd
library, the functionality will be moved to responders gem
(at github.com/plataformatec/responders) which already provides
some responders extensions.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
New default: the template digest is automatically included in your ETags.
When you call `fresh_when @post`, the digest for `posts/show.html.erb`
is mixed in so future changes to the HTML will blow HTTP caches for you.
This makes it easy to HTTP-cache many more of your actions.
If you render a different template, you can now pass the `:template`
option to include its digest instead:
fresh_when @post, template: 'widgets/show'
Pass `template: false` to skip the lookup. To turn this off entirely, set:
config.action_controller.etag_with_template_digest = false
|
| |\ \ \
| | | | |
| | | | | |
Fixes to ActionController::TemplateAssertions
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The test was not failing for `assert_template file: nil` when a file
has been rendered.
|
| |/ / / |
|
|\| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Conflicts:
actionpack/CHANGELOG.md
actionpack/test/controller/integration_test.rb
actionview/CHANGELOG.md
|
| | | |
| | | |
| | | |
| | | | |
This follows the good practice listed on http://guides.rubyonrails.org/debugging_rails_applications.html#impact-of-logs-on-performance.
|
| | | |
| | | |
| | | |
| | | |
| | | | |
The latest modification to the code was done in https://github.com/rails/rails/commit/5e3517ea. In Rails 3.2,
`ActionController#rescue_action` was deprecated and `rescue_action_without_handler` is no longer being used.
|
| | | | |
|
| | |/
| |/|
| | |
| | |
| | | |
we know that this call only wants the path returned, so lets call a
method that returns the path.
|
| |\ \
| | | |
| | | |
| | | |
| | | | |
Conflicts:
guides/source/testing.md
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
[ci skip]
|
| | | |
| | | |
| | | |
| | | | |
See https://github.com/rails/rails/pull/16234#commitcomment-7115670.
|
| | | |
| | | |
| | | |
| | | | |
Fixes https://github.com/rails/rails/issues/16119.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The Logger by default includes a guard which checks for the
logging level. By removing the custom logging guards, we can decouple
the logging guard from the logging action to be done.
This also follows the good practice listed on http://guides.rubyonrails.org/debugging_rails_applications.html#impact-of-logs-on-performance.
|
| |/ /
| | |
| | |
| | | |
Closes #16170
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
`render nothing: true` or rendering a `nil` body no longer add a single
space to the response body.
The old behavior was added as a workaround for a bug in an early version of
Safari, where the HTTP headers are not returned correctly if the response
body has a 0-length. This is been fixed since and the workaround is no
longer necessary.
Use `render body: ' '` if the old behavior is desired.
|
| | |
| | |
| | |
| | | |
We can just use nokogiri
|
|\ \ \
| |/ /
|/| |
| | |
| | |
| | |
| | |
| | | |
Loofah-integration
Conflicts:
actionpack/CHANGELOG.md
actionview/CHANGELOG.md
|
| | |
| | |
| | |
| | | |
Rails::Dom::Testing::Assertions there as well.
|
| | | |
|
| | |
| | |
| | |
| | | |
abstract_unit.rb.
|
| | | |
|
| | | |
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
gcampbell-rosetta_flash
* 'rosetta_flash' of https://github.com/gcampbell/rails:
Address CVE-2014-4671 (JSONP Flash exploit)
Conflicts:
actionpack/CHANGELOG.md
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Adds a comment before JSONP callbacks. See
http://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/ for more
details on the exploit in question.
|
|/ / / |
|
|\ \ \
| | | |
| | | | |
Remove symbolized_path_parameters.
|
| | | |
| | | |
| | | |
| | | | |
This pull request is a continuation of https://github.com/rails/rails/commit/925bd975 and https://github.com/rails/rails/commit/8d8ebe3d.
|
|\ \ \ \
| | | | |
| | | | | |
Improve token_and_options regex and test
|
| |/ / /
| | | |
| | | |
| | | | |
add a test case to test the regex for the helper method raw_params
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | | |
The controller can set the response format as 'JSON' before the renderer code be
evaluated, so we must replace it when necessary.
Fixes #15081
|
|\ \ \
| |_|/
|/| |
| | |
| | |
| | | |
Add always permitted parameters as a configurable option.
[Rafael Mendonça França + Gary S. Weaver]
|
| | |
| | |
| | |
| | |
| | |
| | | |
* General style fixes.
* Add changes to configuration guide.
* Add missing tests.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* This commit adds back the always_permitted_parameters
configuration option to strong paramaters.
* The initial pull requests where this feature was added
are the following:
- https://github.com/rails/rails/pull/12682
- https://github.com/rails/strong_parameters/pull/174
|
| | |
| | |
| | |
| | |
| | | |
Need to add individual `:nodoc:` for nested classes / modules to completely
remove the constants from the API.
|