aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_view/helpers/url_helper.rb
Commit message (Collapse)AuthorAgeFilesLines
...
| * content_tag should escape its inputBruno Michel2010-02-141-1/+1
| | | | | | | | Signed-off-by: Yehuda Katz <yehudakatz@YK.local>
* | Updated documentation for block helpers in url_helper.rbJeroen van Dijk2010-03-121-1/+1
|/
* For performance reasons, you can no longer call html_safe! on Strings. ↵Yehuda Katz2010-01-311-4/+4
| | | | | | | | | | | | Instead, all Strings are always not html_safe?. Instead, you can get a SafeBuffer from a String by calling #html_safe, which will SafeBuffer.new(self). * Additionally, instead of doing concat("</form>".html_safe), you can do safe_concat("</form>"), which will skip both the flag set, and the flag check. * For the first pass, I converted virtually all #html_safe!s to #html_safe, and the tests pass. A further optimization would be to try to use #safe_concat as much as possible, reducing the performance impact if we know up front that a String is safe.
* UJS documentation.Stefan Penner2010-01-311-25/+30
|
* data-remote needs to be on the form and not the submit when using button_to ↵Erik St. Martin2010-01-311-1/+3
| | | | :remote=>true
* Add rel=nofollow on non get remote linksJoshua Peek2010-01-301-1/+1
|
* Generate UJS code for :disable_withJoshua Peek2010-01-301-4/+0
|
* updating link_to and button_to to support :remote => true and other options ↵Erik St. Martin2010-01-301-31/+46
| | | | | | such as :confirm in a unobtrusive manor Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Revert "Merge branch 'rails/master' into ujs"Joshua Peek2010-01-301-0/+45
| | | | | | | | | | | This reverts commit 3aa1ea1ae4baa4a03d03644e798eeb98a4745785, reversing changes made to 2c12a71378d2146c822acb389b00b866f6420ff5. Conflicts: actionpack/lib/action_view/helpers/javascript_helper.rb actionpack/lib/action_view/helpers/url_helper.rb actionpack/test/template/url_helper_test.rb
* Deprecate link_to :popupJoshua Peek2010-01-291-16/+2
|
* making non remote versions of link_to, button_to, submit_tag and ↵Erik St. Martin2010-01-271-52/+2
| | | | image_submit_tag output data attributes for things like :confirm, :method, :popup, and :disable_with
* Make @controller an internal ivar in the viewJoshua Peek2010-01-221-6/+6
|
* From now on, parameters defined in default_url_options can be absent from ↵José Valim2010-01-071-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | named routes. This allows the following setup to work: # app/controllers/application_controller.rb class ApplicationController def default_url_options(options=nil) { :locale => I18n.locale } end end # From your views and controllers: I18n.locale #=> :en users_url #=> "/en/users" users_url(:pl) #=> "/pl/users" user_url(1) #=> "/en/users/1" user_url(:pl, 1) #=> "/pl/users/1" user_url(1, :locale => :pl) #=> "/pl/users/1" If you provide all expected parameters, it still works as previously. But if any parameter is missing, it tries to assign all possible ones with the hash returned in default_url_options or the one passed straight to the named route method. Beware that default_url_options in ApplicationController is not shared with ActionMailer, so you are required to always give the locale in your email views.
* Remove CGI.escape in function of Rack::Mount.escapeJosé Valim2010-01-061-4/+4
|
* Make sure non-escaped urls aren't considered safeMichael Koziarski2009-10-151-1/+1
|
* ActionView.url_for doesn't escape by defaultPhil Darnowsky2009-10-151-1/+1
| | | | | | | | | | | | | | | | | ActionView::Helpers::UrlHelper#url_for used to escape the URLs it generated by default. This was most commonly seen when generating a path with multiple query parameters, e.g. url_for(:controller => :foo, :action => :bar, :this => 123, :that => 456) would return http://example.com/foo/bar?that=456&amp;this=123 escaping an ampersand that shouldn't be escaped. This is both wrong and inconsistent with the behavior of ActionController#url_for, and is changed. Signed-off-by: Michael Koziarski <michael@koziarski.com>
* Switch to on-by-default XSS escaping for rails.Michael Koziarski2009-10-081-5/+5
| | | | | | | | | | | | This consists of: * String#html_safe! a method to mark a string as 'safe' * ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it * Calls to String#html_safe! throughout the rails helpers * a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presantized strings in the DB) * New ERB implementation based on erubis which uses a SafeBuffer instead of a String Hat tip to Django for the inspiration.
* AV::UrlHelper depends on Array#secondJoshua Peek2009-09-131-0/+1
|
* Make sure link_to generates the form with the specified :href if any [#2254 ↵Max Lapshin2009-08-101-1/+1
| | | | | | state:resolved] Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Merge docrailsPratik Naik2009-07-251-49/+48
|
* Uses Hash#symbolize_keysJeremy Kemper2009-06-081-0/+1
|
* ActionPack components should no longer have undeclared dependencies.Yehuda Katz + Carl Lerche2009-06-081-3/+3
| | | | | | | * Tests can be run in isolation * Dependencies added * A few tests modified to avoid depending on AS deps not depended on my files they were testing
* Fix a syntax error in current_page?() that was prevent matches against URL's ↵chris finne2009-02-051-2/+25
| | | | | | with multiple query parameters [#1868 state:committed] Signed-off-by: David Heinemeier Hansson <david@loudthinking.com>
* modified current_page? to ignore extra parameters unless specified in optionsErik Andrejko2008-10-261-3/+14
| | | | | Signed-off-by: Michael Koziarski <michael@koziarski.com> [#805 state:committed]
* mail_to should use decodeURIcomponent instead of unescape to be utf friendly.miloops2008-08-081-2/+2
| | | | Signed-off-by: Michael Koziarski <michael@koziarski.com>
* Removed handling of string parameter in link_to to have all URL generation ↵Clemens Kofler2008-07-191-43/+50
| | | | | | done by url_for Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Merge with docrails.Pratik Naik2008-07-161-1/+1
|
* Ensure mail_to label is obfuscated for javascript encoding. [#294 ↵Johan Sørensen2008-07-121-1/+1
| | | | | | state:resolved] Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Ensure url_for(nil) falls back to url_for({}). [#472 state:resolved]Cheah Chu Yeow2008-07-091-4/+2
| | | | Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Performance: javascript helper tweaks to speed up escaping and reduce object ↵Jeremy Kemper2008-06-211-1/+1
| | | | allocations when building options strings
* Added block-call style to link_to [Sam Stephenson/DHH]David Heinemeier Hansson2008-06-171-18/+42
|
* Merge docrails.Pratik Naik2008-05-251-1/+1
| | | | Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Merge documentation changes from docrails.Pratik Naik2008-05-161-4/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | commit 0fc3381aa5359f31b36057d7bfba2e0eb6a3c064 Author: Xavier Noria <fxn@hashref.com> Date: Fri May 16 23:44:51 2008 +0200 Conventions. Formatting. Revising docs all over the rails. This revision encourages the modern resource-oriented form_for usage. In addition corrects some markup and other details. commit 70e4bcf5cb039bea073851faed2df9f465e6f2f8 Author: Chris Kampmeier <chris@kampers.net> Date: Fri May 16 12:09:46 2008 -0700 Fix a couple spelling errors in docs commit 6ea5e4208f724b50e774e6a1af027336c3ee3de1 Author: Chris O'Sullivan <thechrisoshow@gmail.com> Date: Fri May 16 16:09:11 2008 +0100 Added docs about source_type for has_one association commit a01a0178be297b0eb62909819a15a01c6b69a841 Author: miloops <miloops@gmail.com> Date: Wed May 14 09:22:39 2008 +0000 Change migration generator USAGE to explain the timestamped migrations behaviour commit 4e2bc02163aa646ab1304b1b5bec98a7af8927f5 Author: Xavier Noria <fxn@hashref.com> Date: Fri May 16 00:43:03 2008 +0200 minor revision in url_for docs Made explicit that RESTful and controller/action styles are not interchangeable, and revised some markup. commit d6ecce66f4e125531875006eea8022b73fe135b5 Author: Michael Hartl <michael@michaelhartl.com> Date: Thu May 15 10:46:40 2008 -0700 Expanded and updated the link_to documentation commit b8c46c86f0b785f6afc3c58eeb1b347543f5901e Author: Cody Fauser <cody@jadedpixel.com> Date: Wed May 14 09:10:02 2008 -0400 Improve and cleanup ActionMailer documentation commit 9546ee299952c86329c4854f9b3776382c0575ff Author: Yehuda Katz <wycats@gmail.com> Date: Mon May 12 23:41:43 2008 -0700 Add documentation for Inflector.inflections commit cbd5db8f5165f013069b02414f9bf762d88f619f Author: Manik Juneja <mjuneja@manik-junejas-computer.local> Date: Mon May 12 23:43:31 2008 +0530 minor changes in railties/README. Added dbconsole introduction commit 130a280ddee1f96ccf378b52c17ee742b5e54f4a Author: Gaurav Sharma <gaurav@norbauer.com> Date: Mon May 12 18:00:19 2008 +0530 adding documentation for cached_attributes commit 164c9586480f0a02522ea15ec7fb42c6a783a74d Author: TomK32 <tomk32@tomk32.de> Date: Mon May 12 10:59:33 2008 +0200 proper heading for "Example:" commit 35634feb474cc55fbc95edeffe98cec241d45f23 Author: Matt Boehlig <thetamind@gmail.com> Date: Sun May 11 16:46:07 2008 -0500 Cleanup whitespace and change_table documentation commit 80bba28a1a56a0cafeb0fc94659905e88129bc31 Author: Xavier Noria <fxn@hashref.com> Date: Sun May 11 02:54:02 2008 +0200 documented the source annotation extractor commit e6823bb1650d9b0fea58bd2d355f388961a408b3 Author: Mike Mondragon <mikemondragon@gmail.com> Date: Fri May 9 13:49:56 2008 -0700 Added additional information about processing email with ActionMailer and the strategy one might want to employ to do so. commit e6afd8b2736364322b673bbdcca3e9b38b6d3da0 Author: Xavier Noria <fxn@hashref.com> Date: Thu May 8 23:49:36 2008 +0200 corrected and completed docs of increment/decrement/toggle in AR::Base commit 2fead68b3192332eee27945ed95a94a64ca73f70 Author: Austin Putman <austin@emmanuel.local> Date: Wed May 7 19:35:46 2008 -0700 Documented class methods on ActionController::Routing. These are dangerous, and mostly used for testing. commit f5b84182dbc39bea79c8ee319c688d00fa99f9d1 Author: Teflon Ted <github@rudiment.net> Date: Wed May 7 16:08:49 2008 -0400 Added explanation about errant inflections not being patched in the future in order to avoid breaking legacy applications. commit 370f4f51722cec49ace17093d29e9ce9e8f15cfb Author: Sunny Ripert <negatif@gmail.com> Date: Wed May 7 14:00:59 2008 +0200 Applied list conventions in AR::Base commit 5bd18429f09d44e75191bec42a6db04bd33f3030 Author: Sunny Ripert <negatif@gmail.com> Date: Wed May 7 13:53:35 2008 +0200 Renamed Options list to Attributes list whenever they weren't option hashes in AR::Base commit 2fa628e34b25166afb49e3afeea87e770ab84256 Author: Xavier Noria <fxn@hashref.com> Date: Wed May 7 11:52:33 2008 +0200 revised details in Exceptions section of AR::Base docs commit d912bd5672316454457ae83f6e9dda5197beeb6f Author: Yaroslav Markin <yaroslav@markin.net> Date: Wed May 7 13:50:28 2008 +0400 Add a filter_parameter_logging usage hint to generated ApplicationController. This may help to remind the developer to filter sensitive information from application logs. Closes #11578 commit f81d771f0657ae8375b84a77a059812cce5d6fd9 Author: Jack Danger Canty <git@6brand.com> Date: Tue May 6 23:35:05 2008 -0700 doc: ActiveRecord::Reflection::AssociationReflection#through_reflection Added documentation demonstrating the use of #through_reflection for finding intervening reflection objects for HasManyThrough and HasOneThrough. commit ae6b46f00b5b8b2939c6b37ce3329c83de7e71db Author: Cheah Chu Yeow <chuyeow@gmail.com> Date: Wed May 7 13:47:41 2008 +0800 Document AttributeAssignmentError and MultiparameterAssignmentErrors. commit 8f463550b597db2156b67733f31aed13487fbc3a Author: John Barnette <jbarnette@gmail.com> Date: Tue May 6 22:46:44 2008 -0700 Killing/fixing a bunch of outdated language in the AR README. commit 284a930a93fbee16e25d06392779dbf2f03e9e12 Author: Jonathan Dance <jd@wuputah.com> Date: Tue May 6 14:58:26 2008 -0400 improvements to the page caching docs commit 9482da621390c874da7c921c8bd6230caae7035a Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 18:13:40 2008 +0200 validates_numericality_of() "integer" option really is "only_integer" commit e9afd6790a8f530528f6597a7f59bb283be754f6 Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 12:11:59 2008 +0200 Harmonized hash notation in AR::Base commit 67ebf14a91ffd970b582be4ff2991d691a9cf3e1 Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 12:06:19 2008 +0200 Turned options into rdoc-lists in AR::Base commit 0ec7c0a41d889d4e5382b9dff72f1aaba89bf297 Author: Marshall Huss <mwhuss@Macbook.local> Date: Sun May 4 23:21:33 2008 -0400 Added information of how to set element_name in the case the user has a name confliction with an existing model Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Merge docrails:Pratik Naik2008-05-091-14/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | commit e6afd8b2736364322b673bbdcca3e9b38b6d3da0 Author: Xavier Noria <fxn@hashref.com> Date: Thu May 8 23:49:36 2008 +0200 Overall documentation improvement and markup corrections. Zillion changes. commit 2fead68b3192332eee27945ed95a94a64ca73f70 Author: Austin Putman <austin@emmanuel.local> Date: Wed May 7 19:35:46 2008 -0700 Documented class methods on ActionController::Routing. These are dangerous, and mostly used for testing. commit f5b84182dbc39bea79c8ee319c688d00fa99f9d1 Author: Teflon Ted <github@rudiment.net> Date: Wed May 7 16:08:49 2008 -0400 Added explanation about errant inflections not being patched in the future in order to avoid breaking legacy applications. commit 370f4f51722cec49ace17093d29e9ce9e8f15cfb Author: Sunny Ripert <negatif@gmail.com> Date: Wed May 7 14:00:59 2008 +0200 Applied list conventions in AR::Base commit 5bd18429f09d44e75191bec42a6db04bd33f3030 Author: Sunny Ripert <negatif@gmail.com> Date: Wed May 7 13:53:35 2008 +0200 Renamed Options list to Attributes list whenever they weren't option hashes in AR::Base commit d912bd5672316454457ae83f6e9dda5197beeb6f Author: Yaroslav Markin <yaroslav@markin.net> Date: Wed May 7 13:50:28 2008 +0400 Add a filter_parameter_logging usage hint to generated ApplicationController. This may help to remind the developer to filter sensitive information from application logs. Closes #11578 commit b243de0db3c2605121e055079854af5090d06374 Author: Jack Danger Canty <git@6brand.com> Date: Tue May 6 23:39:47 2008 -0700 doc: disambiguating an example ActiveRecord class commit f81d771f0657ae8375b84a77a059812cce5d6fd9 Author: Jack Danger Canty <git@6brand.com> Date: Tue May 6 23:35:05 2008 -0700 doc: ActiveRecord::Reflection::AssociationReflection#through_reflection Added documentation demonstrating the use of #through_reflection for finding intervening reflection objects for HasManyThrough and HasOneThrough. commit ae6b46f00b5b8b2939c6b37ce3329c83de7e71db Author: Cheah Chu Yeow <chuyeow@gmail.com> Date: Wed May 7 13:47:41 2008 +0800 Document AttributeAssignmentError and MultiparameterAssignmentErrors. commit 8f463550b597db2156b67733f31aed13487fbc3a Author: John Barnette <jbarnette@gmail.com> Date: Tue May 6 22:46:44 2008 -0700 Killing/fixing a bunch of outdated language in the AR README. commit aca44bcd92ef783abdf484b58abdde6786db0f89 Author: Cheah Chu Yeow <chuyeow@gmail.com> Date: Wed May 7 13:34:52 2008 +0800 Make a note about ActiveResource::Timeouterror being raised when ARes calls timeout. commit 284a930a93fbee16e25d06392779dbf2f03e9e12 Author: Jonathan Dance <jd@wuputah.com> Date: Tue May 6 14:58:26 2008 -0400 improvements to the page caching docs commit 9482da621390c874da7c921c8bd6230caae7035a Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 18:13:40 2008 +0200 validates_numericality_of() "integer" option really is "only_integer" commit e9afd6790a8f530528f6597a7f59bb283be754f6 Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 12:11:59 2008 +0200 Harmonized hash notation in AR::Base commit 67ebf14a91ffd970b582be4ff2991d691a9cf3e1 Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 12:06:19 2008 +0200 Turned options into rdoc-lists in AR::Base commit 0ec7c0a41d889d4e5382b9dff72f1aaba89bf297 Author: Marshall Huss <mwhuss@Macbook.local> Date: Sun May 4 23:21:33 2008 -0400 Added information of how to set element_name in the case the user has a name confliction with an existing model Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Improve documentation coverage and markupXavier Noria2008-05-021-8/+8
| | | | Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Improve documentation.Pratik Naik2008-04-051-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@9226 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Docfix (closes #11226) [mikong]David Heinemeier Hansson2008-03-151-2/+2
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@9034 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Ruby 1.9 compat: url helper encodingJeremy Kemper2007-12-211-9/+5
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8463 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fix typos (closes #10378)David Heinemeier Hansson2007-12-051-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8301 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fix typo left over from previous typo fix in url helper. Closes #9414 [Henrik N]Marcel Molina2007-11-061-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8091 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Add link_to :back which uses your referrer with a fallback to a javascript ↵Michael Koziarski2007-10-081-3/+11
| | | | | | link. #7366 [eventualbuddha, tarmo] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7791 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Allow ability to disable request forgery protection, disable it in test mode ↵Rick Olson2007-09-281-2/+2
| | | | | | by default. Closes #9693 [lifofifo] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7668 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Protect button_to behind protect_from_forgery (closes #9675) [lifo]David Heinemeier Hansson2007-09-251-2/+7
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7636 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Rename some RequestForgeryProtection methods. The class method is now ↵Rick Olson2007-09-231-1/+1
| | | | | | #protect_from_forgery, and the default parameter is now 'authenticity_token'. [Rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7596 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Merge csrf_killer plugin into rails. Adds RequestForgeryProtection model ↵Rick Olson2007-09-231-0/+4
| | | | | | that verifies session-specific _tokens for non-GET requests. [Rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7592 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Doc fix (closes #9414) [Henrik N]David Heinemeier Hansson2007-09-221-3/+3
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7548 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fixed that setting the :host option in url_for would automatically turn off ↵David Heinemeier Hansson2007-09-221-2/+3
| | | | | | :only_path (since :host would otherwise not be shown) (closes #9586) [Bounga] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7542 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fixed that link_to with an href of # when using :method will not allow for ↵David Heinemeier Hansson2007-06-231-9/+19
| | | | | | click-through without JavaScript (closes #7037) [stevenbristol/josh] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7096 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Don't double-escape url_for in views. Closes #8144.Jeremy Kemper2007-06-051-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6942 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Clean up the simply_helpful merge.Jeremy Kemper2007-05-181-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6751 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-10 23:49:50 +0000