aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller
Commit message (Collapse)AuthorAgeFilesLines
...
* Missing require hash/keysAkira Matsuda2013-02-012-0/+3
|
* Missing or unneeded require extract_optionsAkira Matsuda2013-02-012-0/+2
|
* Use \A in RegexpsEgor Homakov2013-02-011-1/+1
| | | | | So, if there is redirect_to params[:q] i can send ?q=javascript:asdf()%0A/localpath Or something more nasty, so please use \A
* Remove caching_allowed? from ActionController::CachingMichiel Sikkes2013-01-281-4/+0
| | | | | Where is this used? No other code references to this method and it isn't being tested anywhere. No tests fail when commented out.
* Merge pull request #9032 from firmhouse/head-breaks-csrfSantiago Pastorino2013-01-281-2/+2
|\ | | | | Make HEAD work / convert to GET once more
| * Added request.head? to forgery protection codeMichiel Sikkes2013-01-221-2/+2
| |
* | Add keys/values methods to TestSessionCarlos Antonio da Silva2013-01-251-0/+8
| | | | | | | | Bring back the same API we have with Request::Session.
* | Integrate Action Pack with Rack 1.5Carlos Antonio da Silva2013-01-252-4/+18
| | | | | | | | | | | | All ActionPack and Railties tests are passing. Closes #8891. [Carlos Antonio da Silva + Santiago Pastorino]
* | ActionDispatch::Http::UploadedFile is a permitted scalar [Closes #9051]Xavier Noria2013-01-231-2/+5
|/
* Only check for unpermmited parameters ifRafael Mendonça França2013-01-221-1/+1
| | | | action_on_unpermitted_parameters is present
* avoid creating an object in every callXavier Noria2013-01-221-1/+2
| | | | This was a suggestion of @carlosantoniodasilva, thanks!
* Refactor grep call to remove .eachCarlos Antonio da Silva2013-01-201-1/+1
| | | | Grep already yields the matching keys to the given block.
* Use 1.9 hash style in docs/comments [ci skip]Carlos Antonio da Silva2013-01-201-3/+3
|
* Removing warning: shadowing outer local variable Arun Agrawal2013-01-201-3/+3
|
* strong parameters filters permitted scalarsXavier Noria2013-01-201-22/+92
|
* Restore and adapt the implementation reverted atRafael Mendonça França2013-01-192-29/+58
| | | | | | https://github.com/rails/rails/commit/cc1c3c5be061e7572018f734e5239750ab449e3f Now instead of raise, we log by default in development and test
* Added ability to raise or log on unpermitted params.Thomas Drake-Brockman2013-01-202-6/+34
|
* Revert "Merge pull request #8989 from robertomiranda/use-rails-4-find-by"Guillermo Iguaran2013-01-182-3/+3
| | | | | This reverts commit 637a7d9d357a0f3f725b0548282ca8c5e7d4af4a, reversing changes made to 5937bd02dee112646469848d7fe8a8bfcef5b4c1.
* User Rails 4 find_byrobertomiranda2013-01-182-3/+3
|
* Remove useless || operationCarlos Antonio da Silva2013-01-171-2/+1
|
* Deprecate direct calls to AC::RecordIdentifier.dom_id and dom_classCarlos Antonio da Silva2013-01-161-5/+17
| | | | Also add some generic tests to ensure they're properly deprecated.
* strong parameters exception handlingBrian Alexander2013-01-151-6/+0
|
* Revert "log at debug level what line caused the redirect_to"Carlos Antonio da Silva2013-01-151-1/+0
| | | | | | | | This reverts commit 3fa00070047b5d019d39e691598ee2890283d052. Reason: This message is usually not accurate and annoying: Redirected by ~/.rbenv/versions/1.9.3-p327-perf/lib/ruby/1.9.1/logger.rb:371:in `add'`
* Merge pull request #8876 from senny/extract_performance_testsGuillermo Iguaran2013-01-101-3/+0
|\ | | | | Extract ActionDispatch::PerformanceTest
| * extract PerformanceTest into rails-performance_tests gemYves Senn2013-01-101-3/+0
| |
* | Merge pull request #8821 from jamis/masterRafael Mendonça França2013-01-101-5/+1
|\ \ | |/ |/| | | | | | | | | Evaluate view_cache_dependencies at the instance level Conflicts: actionpack/lib/action_controller/caching.rb
| * evaluate the dependency blocks at the instance level, not class levelJamis Buck2013-01-081-5/+1
| |
* | Fix typo in deprecation warningNathaniel Jones2013-01-091-1/+1
| |
* | Fix warning: & interpreted as argument prefixCarlos Antonio da Silva2013-01-081-1/+1
| |
* | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-01-094-10/+10
|\ \ | |/ |/| | | | | Conflicts: guides/source/getting_started.md
| * prefer american spelling of 'behavior'Gosha Arinich2013-01-071-1/+1
| |
| * HTTP 302 means Found, not MovedChase DuBois2013-01-051-1/+1
| |
| * PUT => PATCHAkira Matsuda2013-01-031-1/+1
| |
| * find_or_create_by is deprecated in AR 4Akira Matsuda2013-01-021-3/+3
| |
| * Model.scoped is deprecated in favour of Model.allAkira Matsuda2013-01-021-4/+4
| |
* | view_cache_dependency APIJamis Buck2013-01-081-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | A declarative API for specifying dependencies that affect template cache digest computation. In your controller, specify any of said dependencies: view_cache_dependency { "phone" if using_phone? } When the block is evaluated, the resulting value is included in the cache digest calculation, allowing you to generate different digests for effectively the same template. (Mostly useful if you're mucking with template load paths.)
* | Revert "unpermitted params" exception -- it's just not going to work. See ↵David Heinemeier Hansson2013-01-082-59/+11
| | | | | | | | the discussion on https://github.com/rails/strong_parameters/pull/75.
* | Never treat action or controller as unpermitted paramsDavid Heinemeier Hansson2013-01-081-6/+15
| |
* | improve StrongParameters documentation [ci skip]Francesco Rodriguez2013-01-071-8/+7
| |
* | Reduce number of Strings a bitAkira Matsuda2013-01-071-1/+1
| |
* | Namespace HashWithIndifferentAccessAkira Matsuda2013-01-071-1/+1
| |
* | These are already required through AS/railsAkira Matsuda2013-01-063-4/+0
| | | | | | | | | | | | | | * core_ext/object/blank * concern * core_ext/class/attribute * deprecation
* | Wrong copy and paste :bomb:Rafael Mendonça França2013-01-051-1/+1
| | | | | | | | [ci skip]
* | Add documentation to raise_on_unpermitted_parameters optionRafael Mendonça França2013-01-051-2/+17
| | | | | | | | [ci skip]
* | Rename the configuration to raise_on_unpermitted_parametersRafael Mendonça França2013-01-052-11/+13
| | | | | | | | Also changed the exception to UnpermittedParameters
* | Ensure that raise_on_unexpected_params configuration will workRafael Mendonça França2013-01-051-9/+7
| |
* | Allow developers to enable raising of exception when unexpected params are ↵Thomas Drake-Brockman2013-01-052-6/+31
| | | | | | | | provided.
* | Change docs to use update instead of update_attributesAmparo Luna + Guillermo Iguaran2013-01-031-2/+2
|/
* Inherit from MiniTest::Unit::TestCase instead of MiniTest::SpecRafael Mendonça França2012-12-311-7/+0
|
* charset should not be appended for `head` responsesYves Senn2012-12-311-0/+1
| | | | | | | 1) Failure: test_head_created_with_image_png_content_type(RenderTest) [test/controller/render_test.rb:1238]: Expected: "image/png" Actual: "image/png; charset=utf-8"