aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_view/helpers/form_tag_helper.rb
Commit message (Collapse)AuthorAgeFilesLines
* Switch to on-by-default XSS escaping for rails.Michael Koziarski2009-10-081-3/+3
| | | | | | | | | | | | This consists of: * String#html_safe! a method to mark a string as 'safe' * ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it * Calls to String#html_safe! throughout the rails helpers * a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presantized strings in the DB) * New ERB implementation based on erubis which uses a SafeBuffer instead of a String Hat tip to Django for the inspiration.
* Add :include_blank option for select_tag [#1987 status:resolved]rizwanreza2009-08-081-0/+7
| | | | | Signed-off-by: José Valim <jose.valim@gmail.com> Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* remove duplicate call to stringify_keys [#2587 status:resolved]Steve St. Martin2009-08-081-1/+1
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* Patch FormTagHelper so that when a form tag is created, the div which holds ↵Elliot Winkler2009-07-011-2/+2
| | | | | | the form authenticity token is set to display:inline [#2846 state:resolved] Signed-off-by: Yehuda Katz + Carl Lerche <ykatz+clerche@engineyard.com>
* Make text_area_tag escape contents by default.Chris Mear2009-06-271-0/+5
| | | | | Signed-off-by: Michael Koziarski <michael@koziarski.com> [#2015 state:committed]
* Sanitized the id generated by text_area_tag helper method. ↵Stephen Anderson2009-06-091-1/+1
| | | | | | text_area_tag('item[description]') should return: <textarea id="item_description" name="item[description]"></textarea> instead of: <textarea id="item[description]" name="item[description]"></textarea> The old id was causing HTML validation failures. Signed-off-by: Michael Koziarski <michael@koziarski.com>
* Add explicit requirement in a few cases it was missing.Yehuda Katz2009-06-021-0/+1
| | | TODO: Come up with the minimal core and remove all of these
* fix for IE incompatibility of :disable_with in submit_tagHan Kessels2009-06-011-1/+2
| | | | Signed-off-by: Michael Koziarski <michael@koziarski.com>
* Merge docrailslifo2009-04-171-1/+1
|
* submit_tag with confirmation and disable_with [#660 state:resolved]Lawrence Pit2009-03-071-2/+2
| | | | Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Fixed that FormTagHelper generates illegal html if name contains e.g. square ↵Vladimir Dobriakov2008-11-041-4/+10
| | | | | | brackets [#1238 state:committed] Signed-off-by: David Heinemeier Hansson <david@loudthinking.com>
* Ensure select_tag#name attribute uses [] when :multiple is true. [#1146 ↵Andrew Kaspick2008-10-071-3/+4
| | | | | | state:resolved] Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Add options to field_set_tagAndrew Kaspick2008-09-291-2/+8
| | | | | Signed-off-by: Michael Koziarski <michael@koziarski.com> [#1116 state:committed]
* Added image_submit_tag confirm option [status:committed #784]Alastair Brunton2008-09-101-0/+10
| | | | Signed-off-by: David Heinemeier Hansson <david@loudthinking.com>
* The FormTagHelper#submit_tag helper will now pass along the original value ↵Jose Fernandez2008-09-101-10/+7
| | | | | | of the submit button to the params if the :disable_with option is used [status:committed #633] Signed-off-by: David Heinemeier Hansson <david@loudthinking.com>
* Merge docrailsPratik Naik2008-09-031-2/+2
|
* Fix that label_tag doesn't take a symbol for a name. [#719 state:resolved]Jan De Poorter2008-07-291-1/+1
| | | | Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Ensure proper output when submit_tag is used with :disabled_with. [#388 ↵Scott Stewart2008-07-021-2/+4
| | | | | | state:resolved] Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Check whether blocks are called from erb using a special __in_erb_template ↵Jeremy Kemper2008-06-191-22/+22
| | | | variable visible in block binding.
* Don't pass block binding to concatJeremy Kemper2008-06-021-7/+7
|
* Merge docrails.Pratik Naik2008-05-251-4/+4
| | | | Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Merge docrails:Pratik Naik2008-05-091-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | commit e6afd8b2736364322b673bbdcca3e9b38b6d3da0 Author: Xavier Noria <fxn@hashref.com> Date: Thu May 8 23:49:36 2008 +0200 Overall documentation improvement and markup corrections. Zillion changes. commit 2fead68b3192332eee27945ed95a94a64ca73f70 Author: Austin Putman <austin@emmanuel.local> Date: Wed May 7 19:35:46 2008 -0700 Documented class methods on ActionController::Routing. These are dangerous, and mostly used for testing. commit f5b84182dbc39bea79c8ee319c688d00fa99f9d1 Author: Teflon Ted <github@rudiment.net> Date: Wed May 7 16:08:49 2008 -0400 Added explanation about errant inflections not being patched in the future in order to avoid breaking legacy applications. commit 370f4f51722cec49ace17093d29e9ce9e8f15cfb Author: Sunny Ripert <negatif@gmail.com> Date: Wed May 7 14:00:59 2008 +0200 Applied list conventions in AR::Base commit 5bd18429f09d44e75191bec42a6db04bd33f3030 Author: Sunny Ripert <negatif@gmail.com> Date: Wed May 7 13:53:35 2008 +0200 Renamed Options list to Attributes list whenever they weren't option hashes in AR::Base commit d912bd5672316454457ae83f6e9dda5197beeb6f Author: Yaroslav Markin <yaroslav@markin.net> Date: Wed May 7 13:50:28 2008 +0400 Add a filter_parameter_logging usage hint to generated ApplicationController. This may help to remind the developer to filter sensitive information from application logs. Closes #11578 commit b243de0db3c2605121e055079854af5090d06374 Author: Jack Danger Canty <git@6brand.com> Date: Tue May 6 23:39:47 2008 -0700 doc: disambiguating an example ActiveRecord class commit f81d771f0657ae8375b84a77a059812cce5d6fd9 Author: Jack Danger Canty <git@6brand.com> Date: Tue May 6 23:35:05 2008 -0700 doc: ActiveRecord::Reflection::AssociationReflection#through_reflection Added documentation demonstrating the use of #through_reflection for finding intervening reflection objects for HasManyThrough and HasOneThrough. commit ae6b46f00b5b8b2939c6b37ce3329c83de7e71db Author: Cheah Chu Yeow <chuyeow@gmail.com> Date: Wed May 7 13:47:41 2008 +0800 Document AttributeAssignmentError and MultiparameterAssignmentErrors. commit 8f463550b597db2156b67733f31aed13487fbc3a Author: John Barnette <jbarnette@gmail.com> Date: Tue May 6 22:46:44 2008 -0700 Killing/fixing a bunch of outdated language in the AR README. commit aca44bcd92ef783abdf484b58abdde6786db0f89 Author: Cheah Chu Yeow <chuyeow@gmail.com> Date: Wed May 7 13:34:52 2008 +0800 Make a note about ActiveResource::Timeouterror being raised when ARes calls timeout. commit 284a930a93fbee16e25d06392779dbf2f03e9e12 Author: Jonathan Dance <jd@wuputah.com> Date: Tue May 6 14:58:26 2008 -0400 improvements to the page caching docs commit 9482da621390c874da7c921c8bd6230caae7035a Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 18:13:40 2008 +0200 validates_numericality_of() "integer" option really is "only_integer" commit e9afd6790a8f530528f6597a7f59bb283be754f6 Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 12:11:59 2008 +0200 Harmonized hash notation in AR::Base commit 67ebf14a91ffd970b582be4ff2991d691a9cf3e1 Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 12:06:19 2008 +0200 Turned options into rdoc-lists in AR::Base commit 0ec7c0a41d889d4e5382b9dff72f1aaba89bf297 Author: Marshall Huss <mwhuss@Macbook.local> Date: Sun May 4 23:21:33 2008 -0400 Added information of how to set element_name in the case the user has a name confliction with an existing model Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Improve documentation coverage and markupXavier Noria2008-05-021-2/+3
| | | | Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Added :confirm option to submit_tag (closes #11415) [miloops]David Heinemeier Hansson2008-03-241-2/+10
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@9087 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fix syntax errors in the documentation for image submit tag. Closes #11073 ↵Michael Koziarski2008-03-021-3/+3
| | | | | | [wharris] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8970 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Add label_tag helper for generating elements. Closes #10802 [DefV]Michael Koziarski2008-01-211-0/+18
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8685 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Docfix (closes #10256)David Heinemeier Hansson2007-11-251-2/+2
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8203 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Disambiguate :size option for text area tag. Closes #8955 [redbeard]Marcel Molina2007-11-061-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8099 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Rename image_path path_to_image to avoid conflicting with named routes. ↵Michael Koziarski2007-10-191-1/+1
| | | | | | Closes #9924 [gbuesing] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7970 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Allow ability to disable request forgery protection, disable it in test mode ↵Rick Olson2007-09-281-2/+2
| | | | | | by default. Closes #9693 [lifofifo] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7668 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Rename some RequestForgeryProtection methods. The class method is now ↵Rick Olson2007-09-231-1/+1
| | | | | | #protect_from_forgery, and the default parameter is now 'authenticity_token'. [Rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7596 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Merge csrf_killer plugin into rails. Adds RequestForgeryProtection model ↵Rick Olson2007-09-231-2/+10
| | | | | | that verifies session-specific _tokens for non-GET requests. [Rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7592 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Rename fieldset_tag to field_set_tag to follow the conventions from ↵David Heinemeier Hansson2007-09-091-3/+3
| | | | | | text_area and text_field [DHH] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7423 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Add fieldset_tag for generating fieldsets, closes #9477. [djanowski]Michael Koziarski2007-09-061-0/+22
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7413 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Allow symbols as nameDavid Heinemeier Hansson2007-06-281-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7151 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Massive documentation update for all helpers (closes #8223, #8177, #8175, ↵David Heinemeier Hansson2007-06-231-48/+251
| | | | | | #8108, #7977, #7972, #7971, #7969) [jeremymcanally] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7106 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Docfix (closes #8353)David Heinemeier Hansson2007-06-231-1/+7
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7105 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fixed that radio_button_tag should generate unique ids (closes #3353) ↵David Heinemeier Hansson2007-06-231-1/+2
| | | | | | [BobSilva/rebecca/josh] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7093 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Added that FormTagHelper#submit_tag will return to its original state if the ↵David Heinemeier Hansson2007-03-271-1/+3
| | | | | | submit fails and you're using :disable_with [DHH] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6480 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Deprecation: remove deprecated update_element_function, start_form_tag, and ↵Jeremy Kemper2007-03-131-8/+0
| | | | | | end_form_tag. Use RJS and form_tag instead. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6409 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fixed that FormTagHelper#text_area_tag should disregard :size option if it's ↵David Heinemeier Hansson2007-03-031-1/+1
| | | | | | not a string [Brendon Davidson] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6300 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Set the original button value in an attribute of the button when using the ↵Jamis Buck2007-02-281-0/+1
| | | | | | :disable_with key with submit_tag git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6270 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* More Safari appeasementDavid Heinemeier Hansson2007-02-061-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6137 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Safari requires an explicit submitDavid Heinemeier Hansson2007-02-061-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6136 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fix that FormTagHelper#submit_tag using :disable_with should trigger the ↵David Heinemeier Hansson2007-02-061-1/+6
| | | | | | onsubmit handler of its form if available [DHH] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6134 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Use a consistent load path to avoid double requires. Fix some scattered Ruby ↵Jeremy Kemper2007-01-281-1/+1
| | | | | | warnings. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6057 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Refactor #form_tag to allow easy extending. [Rick]Rick Olson2007-01-171-21/+37
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5972 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Premature commitDavid Heinemeier Hansson2006-11-301-5/+0
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5653 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fixed that script/server running against Mongrel should tail the proper log ↵David Heinemeier Hansson2006-11-301-0/+5
| | | | | | regardless of the environment [DHH] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5652 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Use new deprecate syntax so that alternatives are given with the warningJamis Buck2006-10-241-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5358 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-06 09:59:41 +0000