| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
html_safe
https://github.com/rails/rails/issues/447
https://rails.lighthouseapp.com/projects/8994-ruby-on-rails/tickets/6759-api-document-incorrect
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As per the HTML 4.01 spec:
Buttons created with the BUTTON element function just like buttons
created with the INPUT element, but they offer richer rendering
possibilities: the BUTTON element may have content. For example, a
BUTTON element that contains an image functions like and may resemble
an INPUT element whose type is set to "image", but the BUTTON element
type allows content.
Since rich content is the main purpose of the <button> element, it makes
sense for the button_tag helper to accept a block.
http://www.w3.org/TR/html401/interact/forms.html#edef-BUTTON
http://dev.w3.org/html5/spec/the-button-element.html#the-button-element
Signed-off-by: Santiago Pastorino and Emilio Tagua <santiago+emilioe@wyeworks.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
"submit" is the default value of the <button> element's type attribute
according to the HTML 4.01 and the HTML5 draft specs, so if button_tag
is going to have a default, type="submit" is a more sensible choice than
type="button".
http://www.w3.org/TR/html401/interact/forms.html#adef-type-BUTTON
http://dev.w3.org/html5/spec/the-button-element.html#attr-button-type
Signed-off-by: Santiago Pastorino and Emilio Tagua <santiago+emilioe@wyeworks.com>
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
This tag is similar in nature to submit_tag, but allows more control.
It also doesn't submit if submit type isn't used, allowing JavaScript to
control the flow where required.
For more information: http://www.whatwg.org/specs/web-apps/current-work/multipage/the-button-element.html#the-button-element
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
This reverts commit e4283007d607454acf97301821ba1e1c417bdead.
|
|
|
|
| |
's/[ \t]*$//' -i {} \;)
|
| |
|
| |
|
| |
|
|
|
|
| |
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
| |
whether something has to be escaped
|
|
|
|
| |
Rationale: url_for is just a path/URL generator, it is the responsability of the caller to escape conveniently HTML needs it, JavaScript needs different escaping, a text mail needs no escaping at all, etc.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Specify accept-charset on all forms. All recent browsers,
as well as IE5+, will use the encoding specified for form
parameters
* Unfortunately, IE5+ will not look at accept-charset unless
at least one character in the form's values is not in the
page's charset. Since the user can override the default
charset (which Rails sets to UTF-8), we provide a hidden
input containing a unicode character, forcing IE to look
at the accept-charset.
* Now that the vast majority of web input is UTF-8, we set
the inbound parameters to UTF-8. This will eliminate many
cases of incompatible encodings between ASCII-8BIT and
UTF-8.
* You can safely ignore params[:_snowman_]
TODO:
* Validate inbound text to confirm it is UTF-8
* Combine the whole_form implementations in form_helper_test
and form_tag_helper_test
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
| |
path_to_image in rdoc
|
| |
|
| |
|
|\ |
|
| |
| |
| |
| | |
url, number, etc) (Closes #3646) [Stephen Celis]
|
|/ |
|
|
|
|
| |
to select tag. Be sure to join the tag yourself and mark them .html_safe
|
| |
|
|\
| |
| |
| |
| |
| |
| | |
Conflicts:
activerecord/lib/active_record/base.rb
railties/lib/rails/configuration.rb
railties/lib/rails/log_subscriber.rb
|
| | |
|
| |
| |
| |
| | |
Signed-off-by: Yehuda Katz <yehudakatz@YK.local>
|
|/ |
|
|
|
|
|
|
| |
[#3856 state:committed]
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
|
|
|
|
|
|
| |
consistency [#1792 status:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead, all Strings are always not html_safe?. Instead, you can get a SafeBuffer from a String by calling #html_safe, which will SafeBuffer.new(self).
* Additionally, instead of doing concat("</form>".html_safe), you can do
safe_concat("</form>"), which will skip both the flag set, and the flag
check.
* For the first pass, I converted virtually all #html_safe!s to #html_safe,
and the tests pass. A further optimization would be to try to use
#safe_concat as much as possible, reducing the performance impact if
we know up front that a String is safe.
|