aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch
Commit message (Collapse)AuthorAgeFilesLines
...
* | | Fix mounting engines inside a resources blockPiotr Sarnacki2013-12-101-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a route is mounted inside a resources block, it's automatically prefixed, so a following code: resources :users do mount Blog::Engine => '/blog' end will generate a user_blog path helper. In order to access engine helpers, we also use "mounted_helpers", a list of helpers associated with each mounted engine, so a path to blog's post can be generated using user_blog.post_path(user, post). The problem I'm fixing here is that mount used a raw :as option, without taking nestings into account. As a result, blog was added to a route set as a `user_blog`, but helper was generated for just `blog`. This commit applies the proper logic for defining a helper for a mounted engine nested in resources or resource block. (closes #8533)
* | | Add Mime::Type.register "text/vcard", :vcf to the default list of mime typesDavid Heinemeier Hansson2013-12-051-0/+1
| | |
* | | remove nil in NullType#ref.Angelo capilleri2013-12-041-3/+1
| |/ |/| | | | | | | Return Nil is implicit in a method and this syntax is used in the others classes
* | Improve a couple exception messages related to variants and mime typesCarlos Antonio da Silva2013-12-031-5/+5
| | | | | | | | | | Avoid one-liner conditionals when they are too big. Avoid concatenating strings to build error messages. Improve messages a bit.
* | Action Pack VariantsŁukasz Strzałkowski2013-12-041-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By default, variants in the templates will be picked up if a variant is set and there's a match. The format will be: app/views/projects/show.html.erb app/views/projects/show.html+tablet.erb app/views/projects/show.html+phone.erb If request.variant = :tablet is set, we'll automatically be rendering the html+tablet template. In the controller, we can also tailer to the variants with this syntax: class ProjectsController < ActionController::Base def show respond_to do |format| format.html do |html| @stars = @project.stars html.tablet { @notifications = @project.notifications } html.phone { @chat_heads = @project.chat_heads } end format.js format.atom end end end The variant itself is nil by default, but can be set in before filters, like so: class ApplicationController < ActionController::Base before_action do if request.user_agent =~ /iPad/ request.variant = :tablet end end end This is modeled loosely on custom mime types, but it's specifically not intended to be used together. If you're going to make a custom mime type, you don't need a variant. Variants are for variations on a single mime types.
* | Change deep_munge call to avoid deprecation warningCarlos Antonio da Silva2013-12-031-2/+2
| |
* | Merge branch 'master-sec'Aaron Patterson2013-12-031-2/+2
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | * master-sec: Deep Munge the parameters for GET and POST Stop using i18n's built in HTML error handling. Ensure simple_format escapes its html attributes Escape the unit value provided to number_to_currency Only use valid mime type symbols as cache keys
| * | Deep Munge the parameters for GET and POSTMichael Koziarski2013-12-021-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | The previous implementation of this functionality could be accidentally subverted by instantiating a raw Rack::Request before the first Rails::Request was constructed. Fixes CVE-2013-6417
* | | Convert Mime::NullType in a singletonGuillermo Iguaran2013-12-031-1/+4
|/ /
* | Remove deprecated cattr_* requiresGenadi Samokovarov2013-12-033-3/+3
| |
* | Try to escape each part of a path redirect route correctlyAndrew White2013-12-021-8/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | A path redirect may contain any and all parts of a url which have different escaping rules for each part. This commit tries to escape each part correctly by splitting the string into three chunks - path (which may also include a host), query and fragment; then it applies the correct escape pattern to each part. Whilst using `URI.parse` would be better, unfortunately the possible presence of %{name} parameters in the path redirect string prevents us from using it so we have to use a regular expression instead. Fixes #13110.
* | [ci skip] Removing some gender sensitive object pronounsTejas Dinkar2013-12-021-2/+2
| |
* | Better error message for typos in assert_response argument.Victor Costan2013-11-251-0/+3
|/ | | | | This commit makes it really easy to debug errors due to typos like "assert_response :succezz".
* Merge remote-tracking branch 'docrails/master'Xavier Noria2013-11-241-1/+1
|\ | | | | | | | | | | Conflicts: activesupport/lib/active_support/core_ext/hash/deep_merge.rb activesupport/lib/active_support/core_ext/hash/keys.rb
| * Change syntax format for example returned valuesPrem Sichanugrist2013-11-111-1/+1
| | | | | | | | | | | | | | | | | | According to our guideline, we leave 1 space between `#` and `=>`, so we want `# =>` instead of `#=>`. Thanks to @fxn for the suggestion. [ci skip]
* | Revert "Merge pull request #12990 from vipulnsward/remove_visualizer_param"Rafael Mendonça França2013-11-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | This reverts commit 5a19346d2855ecb1c791cdef3af92589566d00db, reversing changes made to d82588ee4756b03025813b3997f4db171ee0fcdc. This argument is being used in the view https://github.com/rails/rails/blob/5a19346d2855ecb1c791cdef3af92589566d00db/actionpack/lib/action_dispatch/journey/visualizer/index.html.erb#L4 It is being set using the binding https://github.com/rails/rails/blob/5a19346d2855ecb1c791cdef3af92589566d00db/actionpack/lib/action_dispatch/journey/gtg/transition_table.rb#L108
* | Remove unused param `title`to `TransitionTable#visualizer`Vipul A M2013-11-221-1/+1
| |
* | Fix for routes taskSıtkı Bağdat2013-11-211-1/+2
| | | | | | | | This commit fixes formatting issue for `rake routes` task, when a section is shorter than a header.
* | Avoid hash lookups for building an array of required defaultsCarlos Antonio da Silva2013-11-151-2/+3
| | | | | | | | Only set the value once after it's calculated.
* | Get rid of useless temp variableCarlos Antonio da Silva2013-11-151-2/+1
| |
* | Set values instead of building hashes with single values for mergingCarlos Antonio da Silva2013-11-151-2/+2
| |
* | Take Hash with options inside Array in #url_forAndrey Ognevsky2013-11-151-0/+2
| |
* | avoiding next statementsAkshay Vishnoi2013-11-151-9/+12
| |
* | class methods moved to already defined class<<self blockAkshay Vishnoi2013-11-151-6/+6
| |
* | Merge pull request #12740 from gaurish/patch-1Rafael Mendonça França2013-11-101-2/+4
|\ \ | |/ |/| Improve Errors when Controller Name or Action isn't specfied
| * Improve Errors when Controller Name or Action isn't specfiedGaurish Sharma2013-11-051-2/+4
| | | | | | | | | | | | | | | | | | | | These errors occur when, there routes are wrongly defined. example, the following line would cause a missing :action error root "welcomeindex" Mostly beginners are expected to hit these errors, so lets improve the error message a bit to make their learning experience bit better.
* | Eliminate `JSON.{parse,load,generate,dump}` and `def to_json`Godfrey Chan2013-11-051-5/+3
|/ | | | | | | | | | | | | | | JSON.{dump,generate} offered by the JSON gem is not compatiable with Rails at the moment and can cause a lot of subtle bugs when passed certain data structures. This changed all direct usage of the JSON gem in internal Rails code to always go through AS::JSON.{decode,encode}. We also shouldn't be implementing `to_json` most of the time, and these occurances are replaced with an equivilent `as_json` implementation to avoid problems down the road. See [1] for all the juicy details. [1]: intridea/multi_json#138 (comment)
* :scissors: [ci skip]Carlos Antonio da Silva2013-11-041-3/+0
|
* Code style for privacy indentionDavid Heinemeier Hansson2013-11-031-8/+8
|
* Ensure backwards compability after the #deep_munge extractionDavid Heinemeier Hansson2013-11-031-0/+10
|
* Revert "Merge pull request #9660 from ↵Guillermo Iguaran2013-11-021-2/+1
| | | | | | | | | sebasoga/change_strong_parameters_require_behaviour" This reverts commit c2b5a8e61ba0f35015e6ac949a5c8fce2042a1f2, reversing changes made to 1918b12c0429caec2a6134ac5e5b42ade103fe90. See: https://github.com/rails/rails/pull/9660#issuecomment-27627493
* Merge pull request #9660 from ↵Guillermo Iguaran2013-11-011-1/+2
|\ | | | | | | | | sebasoga/change_strong_parameters_require_behaviour Change ActionController::Parameters#require behavior when value is empty
| * Change ActionController::Parameters#require behavior when value is emptySebastian Sogamoso2013-03-111-1/+2
| | | | | | | | | | When the value for the required key is empty an ActionController::ParameterMissing is raised which gets caught by ActionController::Base and turned into a 400 Bad Request reply with a message in the body saying the key is missing, which is misleading. With these changes, ActionController::EmptyParameter will be raised which ActionController::Base will catch and turn into a 400 Bad Request reply with a message in the body saying the key value is empty.
* | Warnings removed for ruby trunkArun Agrawal2013-11-011-1/+1
| | | | | | Same as 4d4ff531b8807ee88a3fc46875c7e76f613956fb
* | add the fetch method to sessionsDamien Mathieu2013-10-291-0/+12
| |
* | Remove surprise if from show_exception middlewarePrem Sichanugrist2013-10-271-2/+5
| | | | | | This increase the readability within the rescue block.
* | Correct error in Utils.normalize_path that changed paths improperlyJosh Symonds2013-10-231-1/+1
| |
* | Respect `SCRIPT_NAME` when using `redirect` with a relative pathAndrew White2013-10-101-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Example: # application routes.rb mount BlogEngine => '/blog' # engine routes.rb get '/admin' => redirect('admin/dashboard') This now redirects to the path `/blog/admin/dashboard`, whereas before it would've generated an invalid url because there would be no slash between the host name and the path. It also allows redirects to work where the application is deployed to a subdirectory of a website. Fixes #7977
* | Merge branch 'fix-ip-spoof-errors' of https://github.com/tamird/rails into ↵Andrew White2013-09-301-1/+1
|\ \ | | | | | | | | | tamird-fix-ip-spoof-errors
| * | make sure both headers are set before checking for ip spoofingTamir Duberstein2013-06-041-1/+1
| | |
* | | Merge pull request #12398 from thedarkone/thread-safety-stuffRafael Mendonça França2013-09-282-13/+27
|\ \ \ | | | | | | | | Thread safety fixes
| * | | Make GTG::TransTable thread safe.thedarkone2013-09-281-12/+23
| | | | | | | | | | | | | | | | From now on only the `[]=` method is allowed to modify the internal states hashes.
| * | | Replace global Hash with TS::Cache.thedarkone2013-09-281-1/+4
| | | |
* | | | Merge branch 'master' of github.com:rails/docrailsVijay Dev2013-09-281-1/+1
|\ \ \ \ | |/ / / |/| | |
| * | | Fix link_to return valueEarl J St Sauver2013-09-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | The documentation is showing the link_to method as just returning the contents of the url_for method. It should be returning an "<a>" tag with the correct href set.
* | | | No need the else clauseRafael Mendonça França2013-09-241-2/+0
| | | |
* | | | Use join to concat the both side of the ASTRafael Mendonça França2013-09-241-1/+2
| | | | | | | | | | | | | | | | Onf of the sides can be nil and it will raise a Conversion error
* | | | Merge pull request #10773 from wangjohn/link_and_routing_optionsRafael Mendonça França2013-09-231-0/+13
|\ \ \ \ | | | | | | | | | | | | | | | Adding documentation and tests to ``polymorphic_url`` and ``link_to``
| * | | | Adding documentation to +polymorphic_url+wangjohn2013-06-131-0/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | concerning the options that it inherits from +url_for+. The way that +polymorhpic_url+ is built allows it to have options like +:anchor+, +:script_name+, etc. but this is currently not documented.
* | | | | Merge pull request #9155 from bogdan/route-formatterAndrew White2013-09-221-23/+23
|\ \ \ \ \ | | | | | | | | | | | | Rewrite Journey::Visitors::Formatter for performance