aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/middleware
Commit message (Collapse)AuthorAgeFilesLines
* Change useless tr to gsubrobertomiranda2013-03-061-2/+2
|
* change useless gsub to trrobertomiranda2013-03-052-3/+3
|
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-02-262-2/+2
|\
| * Typo fix.Carson McDonald2013-02-211-1/+1
| |
| * improve grammar describing ActionDispatch::Cookies::CookieJar#deleteWeston Platter2013-02-191-1/+1
| |
| * improve grammar describing ActionDispatch::Cookies::CookieJar#deleteWeston Platter2013-02-191-1/+1
| |
* | Remove XML Parser from ActionDispatchPrem Sichanugrist2013-02-201-23/+3
| | | | | | | | | | If you want an ability to parse XML parameters, please install `actionpack-xml_parser` gem.
* | InvalidMessage is in ActiveSupport::MessageEncryptor namespaceSantiago Pastorino2013-02-191-1/+1
| | | | | | | | Closes #9302
* | Gist URLs are now namespacedAkira Matsuda2013-02-181-1/+1
| | | | | | | | see: https://github.com/blog/1406-namespaced-gists
* | Return false on toggle on error pagesBartlomiej Kozal2013-02-172-6/+7
|/
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-02-151-1/+1
|\ | | | | | | | | Conflicts: guides/source/upgrading_ruby_on_rails.md
| * Fix typo.Carson McDonald2013-02-111-1/+1
| | | | | | | | [ci skip]
* | Add missing require to APCarlos Antonio da Silva2013-02-081-0/+1
| |
* | Fix #9168 Initialize NullCookieJar with all options needed for KeyGeneratorAndrey Chernih2013-02-081-4/+8
|/
* Remove BestStandardsSupport middlewareGuillermo Iguaran2013-01-291-30/+0
|
* Use Encoding::UTF_8 constant :do_not_litter:Akira Matsuda2013-01-281-1/+1
|
* add fetch to CookieJarAaron Patterson2013-01-271-0/+4
|
* In Browser Path Matching with Javascriptschneems2013-01-202-11/+99
| | | | | | | | | | | When debugging routes ,it can sometimes be difficult to understand exactly how the paths are matched. This PR adds a JS based path matching widget to the `/rails/info/routes` output. You can enter in a path, and it will tell you which of the routes that path matches, while preserving order (top match wins). The matching widget in action: ![](http://f.cl.ly/items/3A2F0v2m3m1Z1p3P3O3k/path-match.gif) Prior to this PR the only way to check matching paths is via mental math, or typing in a path in the url bar and seeing where it goes. This feature will be an invaluable debugging tool by dramatically decreasing the time needed to check a path match. ATP actionpack
* Merge pull request #8958 from balexand/strong_parameters_exception_handlingRafael Mendonça França2013-01-151-1/+2
|\ | | | | Strong parameters exception handling
| * strong parameters exception handlingBrian Alexander2013-01-151-1/+2
| |
* | Remove header bloat introduced by BestStandardsSupport middlewareEdward Anderson2013-01-151-1/+3
|/ | | | The same headers were being duplicated on every request.
* Fix regression introduced in pull request 8812Sam Ruby2013-01-111-1/+2
| | | | See https://github.com/rails/rails/pull/8812#commitcomment-2416514
* Fix json params parsing regression for non-object JSON content.Dylan Smith2013-01-111-2/+2
| | | | Fixes #8845.
* Merge pull request #8824 from mjtko/fix/cookie-store-inheritanceSantiago Pastorino2013-01-082-5/+26
|\ | | | | Modify CookieStore middleware inheritance to avoid subclassing Rack::Session::Cookie [Fix for #7372]
| * Revert cb3181e - no longer required.Mark J. Titorenko2013-01-081-2/+0
| |
| * Fix CookieStore middleware inheritance hierarchy s.t. it inherits from ↵Mark J. Titorenko2013-01-081-3/+26
| | | | | | | | Rack::Session::Abstract::ID rather than Rack::Session::Cookie.
* | remove yaml as a param parser :burn:Aaron Patterson2013-01-081-2/+0
| | | | | | | | | | If you revert this commit, I will hunt you down, I will make you regret ever terrible thing you've ever done, I will make you suffer.
* | * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * ↵Aaron Patterson2013-01-081-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | dealing with empty hashes. Thanks Damien Mathieu Conflicts: actionpack/CHANGELOG.md actionpack/lib/action_dispatch/http/request.rb actionpack/lib/action_dispatch/middleware/params_parser.rb activerecord/CHANGELOG.md activerecord/lib/active_record/relation/predicate_builder.rb activerecord/test/cases/relation/where_test.rb
* | Revert "Merge branch 'master-sec'"Jeremy Kemper2013-01-081-2/+2
| | | | | | | | | | This reverts commit 88cc1688d0cb828c17706b41a8bd27870f2a2beb, reversing changes made to f049016cd348627bf8db0d72382d7580bf802a79.
* | Merge branch 'master-sec'Aaron Patterson2013-01-081-2/+2
|\ \ | | | | | | | | | | | | | | | * master-sec: CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
| * | * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * ↵Aaron Patterson2013-01-071-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | dealing with empty hashes. Thanks Damien Mathieu Conflicts: actionpack/CHANGELOG.md actionpack/lib/action_dispatch/http/request.rb actionpack/lib/action_dispatch/middleware/params_parser.rb activerecord/CHANGELOG.md activerecord/lib/active_record/relation/predicate_builder.rb activerecord/test/cases/relation/where_test.rb
* | | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-01-092-9/+17
|\ \ \ | | | | | | | | | | | | | | | | Conflicts: guides/source/getting_started.md
| * | | extract alert= and notice= examples to FlashHash#now [ci skip]Francesco Rodriguez2013-01-031-17/+15
| | | |
| * | | Add examples `alert=` and `notice=`, using memeslambda_2013-01-031-0/+10
| | | |
| * | | Change `Example for` to `Example of`lambda_2013-01-031-2/+2
| | | |
* | | | Eliminate Rack::File headers deprecation warningSam Ruby2013-01-081-1/+1
| |_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | See http://intertwingly.net/projects/AWDwR4/checkdepot/section-6.1.html rake test produces: "Rack::File headers parameter replaces cache_control after Rack 1.5." Despite what the message says, it appears that the hearders parameter change will be effective as of Rack 1.5: https://github.com/rack/rack/blob/rack-1.4/lib/rack/file.rb#L24 https://github.com/rack/rack/blob/master/lib/rack/file.rb#L24
* | | Avoid Rack security warning no secret providedSantiago Pastorino2013-01-081-0/+2
| |/ |/| | | | | This avoids "SECURITY WARNING: No secret option provided to Rack::Session::Cookie."
* | refactor ShowExceptions' #call to use def-rescue instead of begin-rescueGosha Arinich2013-01-071-7/+4
| |
* | remove begin-rescue in favor of def-rescueGosha Arinich2013-01-071-10/+9
| |
* | Fix operators precedence issueRafael Mendonça França2013-01-061-1/+1
| |
* | Merge pull request #8787 from tank-bohr/masterRafael Mendonça França2013-01-061-2/+2
|\ \ | | | | | | masgn and response variable
| * | return multiple assingment and response variabletank-bohr2013-01-071-2/+2
| | |
* | | Merge pull request #8785 from goshakkk/refactor-debug-exceptionsRafael Mendonça França2013-01-061-2/+1
|\ \ \ | |/ / |/| | Refactor DebugExceptions
| * | refactor DebugExceptions by combining two conditionals into oneGosha Arinich2013-01-071-2/+1
| | |
* | | Reduce number of Strings a bitAkira Matsuda2013-01-071-3/+3
|/ /
* | fix for rbxtank-bohr2013-01-071-2/+2
| | | | | | | | | | | | | | | | | | Rubinius returns a boolean after such assingment response = (_, headers, body = @app.call(env)) see https://github.com/rubinius/rubinius/issues/2117 get rid of a local variable
* | Rename route_wrapper partial layout to tableCarlos Antonio da Silva2013-01-061-0/+0
| | | | | | | | | | | | It is used by the table formatter only, and it's already inside a routes directory that namespaces it properly, so calling it just "table" seems simpler.
* | Move table routes formatter class to the inspector and rename itCarlos Antonio da Silva2013-01-062-19/+1
| | | | | | | | | | | | | | It feels more consistent to have this class called "HtmlTableFormatter", and to have it here with the routes inspector and console formatter, since it's used for both routing error exceptions and the rails info page.
* | Remove suggestion that Procs can be used as session secrets.James Coglan2013-01-051-7/+4
| |
* | Close container div tag in routing error pageCarlos Antonio da Silva2013-01-051-9/+11
| |