| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
| |
Session#fetch was mutating the session when given a default argument
and/or a block. Since Session duck-types as a Hash, it should behave
like one in these cases.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a route is mounted inside a resources block, it's automatically
prefixed, so a following code:
resources :users do
mount Blog::Engine => '/blog'
end
will generate a user_blog path helper.
In order to access engine helpers, we also use "mounted_helpers", a list
of helpers associated with each mounted engine, so a path to blog's post
can be generated using user_blog.post_path(user, post).
The problem I'm fixing here is that mount used a raw :as option, without
taking nestings into account. As a result, blog was added to a route set
as a `user_blog`, but helper was generated for just `blog`.
This commit applies the proper logic for defining a helper for a mounted
engine nested in resources or resource block.
(closes #8533)
|
| | |
|
| |
|
|
|
| |
Return Nil is implicit in a method and this syntax is used in the others
classes
|
| |
|
|
|
| |
Avoid one-liner conditionals when they are too big. Avoid concatenating
strings to build error messages. Improve messages a bit.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By default, variants in the templates will be picked up if a variant is set
and there's a match. The format will be:
app/views/projects/show.html.erb
app/views/projects/show.html+tablet.erb
app/views/projects/show.html+phone.erb
If request.variant = :tablet is set, we'll automatically be rendering the
html+tablet template.
In the controller, we can also tailer to the variants with this syntax:
class ProjectsController < ActionController::Base
def show
respond_to do |format|
format.html do |html|
@stars = @project.stars
html.tablet { @notifications = @project.notifications }
html.phone { @chat_heads = @project.chat_heads }
end
format.js
format.atom
end
end
end
The variant itself is nil by default, but can be set in before filters, like
so:
class ApplicationController < ActionController::Base
before_action do
if request.user_agent =~ /iPad/
request.variant = :tablet
end
end
end
This is modeled loosely on custom mime types, but it's specifically not
intended to be used together. If you're going to make a custom mime type,
you don't need a variant. Variants are for variations on a single mime
types.
|
| | |
|
| |\
| |
| |
| |
| |
| |
| |
| |
| | |
* master-sec:
Deep Munge the parameters for GET and POST
Stop using i18n's built in HTML error handling.
Ensure simple_format escapes its html attributes
Escape the unit value provided to number_to_currency
Only use valid mime type symbols as cache keys
|
| | |
| |
| |
| |
| |
| |
| |
| | |
The previous implementation of this functionality could be accidentally
subverted by instantiating a raw Rack::Request before the first Rails::Request
was constructed.
Fixes CVE-2013-6417
|
| |/ |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
A path redirect may contain any and all parts of a url which have different
escaping rules for each part. This commit tries to escape each part correctly
by splitting the string into three chunks - path (which may also include a host),
query and fragment; then it applies the correct escape pattern to each part.
Whilst using `URI.parse` would be better, unfortunately the possible presence
of %{name} parameters in the path redirect string prevents us from using it so
we have to use a regular expression instead.
Fixes #13110.
|
| | |
|
| |
|
|
|
| |
This commit makes it really easy to debug errors due to typos like
"assert_response :succezz".
|
| |\
| |
| |
| |
| |
| | |
Conflicts:
activesupport/lib/active_support/core_ext/hash/deep_merge.rb
activesupport/lib/active_support/core_ext/hash/keys.rb
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
According to our guideline, we leave 1 space between `#` and `=>`, so we
want `# =>` instead of `#=>`.
Thanks to @fxn for the suggestion.
[ci skip]
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 5a19346d2855ecb1c791cdef3af92589566d00db, reversing
changes made to d82588ee4756b03025813b3997f4db171ee0fcdc.
This argument is being used in the view
https://github.com/rails/rails/blob/5a19346d2855ecb1c791cdef3af92589566d00db/actionpack/lib/action_dispatch/journey/visualizer/index.html.erb#L4
It is being set using the binding
https://github.com/rails/rails/blob/5a19346d2855ecb1c791cdef3af92589566d00db/actionpack/lib/action_dispatch/journey/gtg/transition_table.rb#L108
|
| | | |
|
| | |
| |
| |
| | |
This commit fixes formatting issue for `rake routes` task, when a section is shorter than a header.
|
| | |
| |
| |
| | |
Only set the value once after it's calculated.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |\ \
| |/
|/| |
Improve Errors when Controller Name or Action isn't specfied
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These errors occur when, there routes are wrongly defined.
example, the following line would cause a missing :action error
root "welcomeindex"
Mostly beginners are expected to hit these errors, so lets improve the error message a bit to make their learning experience bit better.
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
JSON.{dump,generate} offered by the JSON gem is not compatiable with
Rails at the moment and can cause a lot of subtle bugs when passed
certain data structures. This changed all direct usage of the JSON gem
in internal Rails code to always go through AS::JSON.{decode,encode}.
We also shouldn't be implementing `to_json` most of the time, and
these occurances are replaced with an equivilent `as_json`
implementation to avoid problems down the road.
See [1] for all the juicy details.
[1]: intridea/multi_json#138 (comment)
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
sebasoga/change_strong_parameters_require_behaviour"
This reverts commit c2b5a8e61ba0f35015e6ac949a5c8fce2042a1f2, reversing
changes made to 1918b12c0429caec2a6134ac5e5b42ade103fe90.
See: https://github.com/rails/rails/pull/9660#issuecomment-27627493
|
| |\
| |
| |
| |
| | |
sebasoga/change_strong_parameters_require_behaviour
Change ActionController::Parameters#require behavior when value is empty
|
| | |
| |
| |
| |
| | |
When the value for the required key is empty an ActionController::ParameterMissing is raised which gets caught by ActionController::Base and turned into a 400 Bad Request reply with a message in the body saying the key is missing, which is misleading.
With these changes, ActionController::EmptyParameter will be raised which ActionController::Base will catch and turn into a 400 Bad Request reply with a message in the body saying the key value is empty.
|
| | |
| |
| | |
Same as 4d4ff531b8807ee88a3fc46875c7e76f613956fb
|
| | | |
|
| | |
| |
| | |
This increase the readability within the rescue block.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Example:
# application routes.rb
mount BlogEngine => '/blog'
# engine routes.rb
get '/admin' => redirect('admin/dashboard')
This now redirects to the path `/blog/admin/dashboard`, whereas before it
would've generated an invalid url because there would be no slash between
the host name and the path. It also allows redirects to work where the
application is deployed to a subdirectory of a website.
Fixes #7977
|
| |\ \
| | |
| | |
| | | |
tamird-fix-ip-spoof-errors
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
Thread safety fixes
|
| | | | |
| | | |
| | | |
| | | | |
From now on only the `[]=` method is allowed to modify the internal states hashes.
|
| | | | | |
|
| |\ \ \ \
| |/ / /
|/| | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The documentation is showing the link_to method as just returning
the contents of the url_for method. It should be returning an
"<a>" tag with the correct href set.
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | | |
Onf of the sides can be nil and it will raise a Conversion error
|
| |\ \ \ \
| | | | |
| | | | |
| | | | | |
Adding documentation and tests to ``polymorphic_url`` and ``link_to``
|
