aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #13345 from jeremy/get-csrfJeremy Kemper2013-12-171-13/+61
|\ | | | | CSRF protection from cross-origin <script> tags
| * CSRF protection from cross-origin <script> tagsJeremy Kemper2013-12-171-13/+61
| | | | | | | | Thanks to @homakov for sounding the alarm about JSONP-style data leaking
* | Some assorted fixes for the 4.1 release notes:Godfrey Chan2013-12-171-1/+1
|/ | | | | | | | | | | * Added release notes for secrets.yml and mentioned it in the highlights * Added release notes for Mailer previews and mentioned it in the highlights * Added release notes for Module#concerning * Removed mention for AV extraction from the highlights * Rearranged the major features to put highlighted features first * Various improvements and typo fixes [ci skip]
* Fix syntax error in redirect_to examplePhilipe Fatio2013-12-141-1/+1
| | | | | Without parenthesis, ruby assumes that curly braces denote the beginning of a block.
* Merge pull request #13293 from akshay-vishnoi/typoCarlos Antonio da Silva2013-12-121-1/+1
|\ | | | | Spelling and Grammar checks [ci skip]
| * Spelling and Grammar checksAkshay Vishnoi2013-12-121-1/+1
| |
* | Variants inline syntax documentation [ci skip]Łukasz Strzałkowski2013-12-121-0/+9
|/ | | | | | * Extend method documentation * Mention it in actionpack/CHANGELOG * Update release notes
* Merge pull request #13288 from dvsuresh/fix_typoDamien Mathieu2013-12-121-1/+1
|\ | | | | Fix typo in action_controller responder.rb [ci skip]
| * Fix typo in action_controller responder.rbdvsuresh2013-12-121-1/+1
| |
* | typos rectified [ci skip]Aayush khandelwal2013-12-121-1/+1
|/
* Inline variants syntaxŁukasz Strzałkowski2013-12-101-2/+24
| | | | | | | | | | | | | | | | | | | | | | | In most cases, when setting variant specific code, you're not sharing any code within format. Inline syntax can vastly simplify defining variants in those situations: respond_to do |format| format.js { render "trash" } format.html do |variant| variant.phone { redirect_to progress_path } variant.none { render "trash" } end end Becomes: respond_to do |format| format.js { render "trash" } format.html.phone { redirect_to progress_path } format.html.none { render "trash" } end
* Simplify @responses hash initializationŁukasz Strzałkowski2013-12-101-1/+2
| | | | | | | | | | | | | @responses hash needs to be initialized with mime types that we get from Collector#collect_mimes_from_class_level. Mime::Type class as key and nil as value. This need to happen before content negotiation. Before that, it was looping though mime types and executing mime-type-generated method inside collector (see AbstractController::Collector#generate_method_for_mime). That approach resulted in 2 unnecessary method calls for each mime type collected by Collector#collect_mimes_from_class_level. Now hash is initialized in place, without usage of Collector#custom method.
* Revert "Merge pull request #13235 from strzalek/variants-inline" -- needs a ↵David Heinemeier Hansson2013-12-081-15/+9
| | | | | | | little more work! This reverts commit 186161148a189839a1e0924043f068a8d155ce69, reversing changes made to cad9eb178ea5eec0e27d74e93518f4ed34e2f997.
* Merge pull request #13235 from strzalek/variants-inlineDavid Heinemeier Hansson2013-12-081-9/+15
|\ | | | | Inline syntax for variants
| * Inline variants syntaxŁukasz Strzałkowski2013-12-081-8/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In most cases, when setting variant specific code, you're not sharing any code within format. Inline syntax can vastly simplify defining variants in those sitiations: respond_to do |format| format.js { render "trash" } format.html do |variant| variant.phone { redirect_to progress_path } variant.none { render "trash" } end end ` Becomes: respond_to do |format| format.js { render "trash" } format.html.phone { redirect_to progress_path } format.html.none { render "trash" } end
| * Simplify @responses hash initializationŁukasz Strzałkowski2013-12-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | @responses hash needs to be initialized with mime types that we get from Collector#collect_mimes_from_class_level. Mime::Type class as key and nil as value. This need to happen before content negotiation. Before that, it was looping though mime types and executing mime-type-generated method inside collector (see AbstractController::Collector#generate_method_for_mime). That approach resulted in 2 unnecessary method calls for each mime type collected by Collector#collect_mimes_from_class_level. Now hash is initialized in place, without usage of Collector#custom method.
* | Require action_view explicitly in AC::BaseŁukasz Strzałkowski2013-12-081-0/+1
|/
* Variants can be declared without a block to signify their presence in the ↵David Heinemeier Hansson2013-12-071-1/+3
| | | | controller
* Allow code execution in case no variant has been set with variant.noneDavid Heinemeier Hansson2013-12-071-4/+5
|
* Merge pull request #13189 from strzalek/retain-ap-av-depJeremy Kemper2013-12-051-15/+3
|\ | | | | Retain ActionPack dependency on ActionView. Fixes #12979.
| * Retain ActionPack dependency on ActionViewŁukasz Strzałkowski2013-12-051-15/+3
| |
* | Improve a couple exception messages related to variants and mime typesCarlos Antonio da Silva2013-12-031-2/+4
| | | | | | | | | | Avoid one-liner conditionals when they are too big. Avoid concatenating strings to build error messages. Improve messages a bit.
* | Add nodoc to added VariantFilter classCarlos Antonio da Silva2013-12-031-3/+3
|/
* Action Pack VariantsŁukasz Strzałkowski2013-12-041-4/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By default, variants in the templates will be picked up if a variant is set and there's a match. The format will be: app/views/projects/show.html.erb app/views/projects/show.html+tablet.erb app/views/projects/show.html+phone.erb If request.variant = :tablet is set, we'll automatically be rendering the html+tablet template. In the controller, we can also tailer to the variants with this syntax: class ProjectsController < ActionController::Base def show respond_to do |format| format.html do |html| @stars = @project.stars html.tablet { @notifications = @project.notifications } html.phone { @chat_heads = @project.chat_heads } end format.js format.atom end end end The variant itself is nil by default, but can be set in before filters, like so: class ApplicationController < ActionController::Base before_action do if request.user_agent =~ /iPad/ request.variant = :tablet end end end This is modeled loosely on custom mime types, but it's specifically not intended to be used together. If you're going to make a custom mime type, you don't need a variant. Variants are for variations on a single mime types.
* Cleanups in comment about conditionalGuillermo Iguaran2013-12-031-1/+2
|
* Merge branch 'format_localized_template' of https://github.com/acapilleri/railsGuillermo Iguaran2013-12-031-1/+1
|\ | | | | | | | | Conflicts: actionpack/CHANGELOG.md
| * Fix header Content-Type: #<Mime::NullType:...> in localized templateAngelo capilleri2013-12-031-1/+1
| | | | | | | | | | | | | | | | This PR fixes #13064 regression bug introduced by the #8085 Now in _process_format when the format is a Mime::NullType nothing is written in self.content_type. In this way the method Response#assign_default_content_type_and_charset can write the the default mime_type.
* | Use genderless pronouns in API docsGuillermo Iguaran2013-12-011-1/+1
|/
* Revert "Used Yield instead of block.call" -- this causes all of ↵David Heinemeier Hansson2013-11-141-2/+2
| | | | | | atom_feed_helper_test.rb to fail with "SystemStackError: stack level too deep". This reverts commit d3a1ce1cdc60d593de1682c5f4e3230c8db9a0fd.
* Merge pull request #12889 from kuldeepaggarwal/speed_upsRafael Mendonça França2013-11-141-2/+2
|\ | | | | Used Yield instead of block.call
| * Used Yield instead of block.callKuldeep Aggarwal2013-11-151-2/+2
| |
* | #presence usedAkshay Vishnoi2013-11-141-5/+1
| |
* | Remove order attribute from collectorLukasz Strzalkowski2013-11-101-4/+3
|/ | | | Ruby 1.8 legacy. Since 1.9 hash preserves insertion order. No need for additional array to achieve this
* calculate the ivars to remove in advance as a set and cache them in aAaron Patterson2013-11-061-3/+10
| | | | | | | constant. `view_assigns` can use the precalculated sets and remove instance variables without allocating any extra arrays
* Improve wording in AC::ParameterMissing error messageGuillermo Iguaran2013-11-021-1/+1
|
* Revert "Merge pull request #9660 from ↵Guillermo Iguaran2013-11-021-23/+9
| | | | | | | | | sebasoga/change_strong_parameters_require_behaviour" This reverts commit c2b5a8e61ba0f35015e6ac949a5c8fce2042a1f2, reversing changes made to 1918b12c0429caec2a6134ac5e5b42ade103fe90. See: https://github.com/rails/rails/pull/9660#issuecomment-27627493
* Merge pull request #9660 from ↵Guillermo Iguaran2013-11-011-9/+23
|\ | | | | | | | | sebasoga/change_strong_parameters_require_behaviour Change ActionController::Parameters#require behavior when value is empty
| * Change ActionController::Parameters#require behavior when value is emptySebastian Sogamoso2013-03-111-9/+23
| | | | | | | | | | When the value for the required key is empty an ActionController::ParameterMissing is raised which gets caught by ActionController::Base and turned into a 400 Bad Request reply with a message in the body saying the key is missing, which is misleading. With these changes, ActionController::EmptyParameter will be raised which ActionController::Base will catch and turn into a 400 Bad Request reply with a message in the body saying the key value is empty.
* | Fix typo in method description in Responder classLin Reid2013-11-011-1/+1
| | | | | | | | Fixes a typo in the description for the call class method in Responder.
* | don't mutate hash with fetchDoug Cole2013-10-261-1/+8
| |
* | pass app config to controller helper proxyTima Maslyuchenko2013-10-241-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After this fix application config become available when calling helper outisde of view config/application.rb #... config.asset_host = 'http://mycdn.com' #... Somewhere else ActionController::Base.helpers.asset_path('fallback.png') # => http://mycdn.com/assets/fallback.png
* | Typo fix [ci skip]Arun Agrawal2013-10-091-1/+1
| | | | | | | | | | | | | | | | | | Fixing the typo which is formed a not required link. Check here http://api.rubyonrails.org/classes/ActionController/Base.html under paramters section keeping it under tt tag gets reverted here ec8ef1e1055c4e1598da13f49d30261f07f4a9b4
* | Fixing repond_with working directly on the options hashBlueHotDog2013-10-091-0/+1
| | | | | | | | | | | | | | | | This fixes an issue where the respond_with worked directly with the given options hash, so that if a user relied on it after calling respond_with, the hash wouldn't be the same. Fixes #12029
* | Strong parameters should permit nested number as key. Closes #12293kennyj2013-09-271-1/+5
| |
* | [ci skip] escape unintended url in docsChris Ciollaro2013-09-261-1/+1
| |
* | Fix regex used to find URI schemes in redirect_toDerek Prior2013-09-191-1/+1
| | | | | | | | | | The previous regex was allowing `_` in the URI scheme, which is not allowed by RFC 3986. This change brings the regex in line with the RFC.
* | Fix incorrect assert_redirected_to failure messageDerek Prior2013-09-191-19/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In some instances, `assert_redirected_to` assertion was returning an incorrect and misleading failure message when the assertion failed. This was due to a disconnect in how the assertion computes the redirect string for the failure message and how `redirect_to` computes the string that is actually used for redirection. I made the `_compute_redirect_to_loaction` method used by `redirect_to` public and call that from the method `assert_redirect_to` uses to calculate the URL. The reveals a new test failure due to the regex used by `_compute_redirect_to_location` allow `_` in the URL scheme.
* | NullSessionHash#destroy should be a no-opJonathan Baudanza2013-09-181-0/+3
| | | | | | | | Previously it was raising a NilException
* | Removing ActiveSupport::Concern, it's not neededAttila Domokos2013-09-131-2/+0
| |
* | Fixing comment typo in ActionController::BaseAttila Domokos2013-09-131-1/+1
| |