Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | content_tag should escape its input | Bruno Michel | 2010-02-14 | 7 | -15/+14 | |
| | | | | Signed-off-by: Yehuda Katz <yehudakatz@YK.local> | |||||
* | simple_format returns a safe buffer escaping unsafe input [Santiago Pastorino] | David Heinemeier Hansson | 2010-02-12 | 1 | -1/+1 | |
| | ||||||
* | Safely concat the ending tag to simple_format or it will be escaped | David Heinemeier Hansson | 2010-02-12 | 1 | -1/+1 | |
| | ||||||
* | Fix pluralization for numbers formatted like '1.00' | Gabriel Mansour | 2010-02-07 | 1 | -1/+1 | |
| | | | | Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net> | |||||
* | Fix nested attributes with specified collection. | José Valim | 2010-02-07 | 1 | -7/+11 | |
| | ||||||
* | More html_safe strings now use the safe_concat method | Santiago Pastorino and José Ignacio Costa | 2010-02-05 | 4 | -6/+6 | |
| | | | | | | [#3856 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net> | |||||
* | HTML-escape csrf meta contents | Jeremy Kemper | 2010-02-04 | 1 | -1/+1 | |
| | ||||||
* | Expose CSRF param name also | Jeremy Kemper | 2010-02-04 | 1 | -1/+1 | |
| | ||||||
* | Expose CSRF tag for UJS adapters | Jeremy Kemper | 2010-02-04 | 1 | -0/+12 | |
| | ||||||
* | Configuration values should be on AV::Base. | José Valim | 2010-02-02 | 1 | -17/+4 | |
| | ||||||
* | Modify the behavior of `radio_button_tag` to use `sanitize_to_id` for ↵ | Prem Sichanugrist | 2010-02-02 | 1 | -3/+1 | |
| | | | | | | consistency [#1792 status:resolved] Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
* | Deleted all references to ActionView::SafeBuffer in favor of ↵ | Santiago Pastorino | 2010-01-31 | 1 | -1/+1 | |
| | | | | | | ActiveSupport::SafeBuffer Signed-off-by: Yehuda Katz <wycats@Yehuda-Katz.local> | |||||
* | action_view is requiring the deleted action_view/erb/util.rb file | Santiago Pastorino | 2010-01-31 | 1 | -1/+0 | |
| | | | | Signed-off-by: Yehuda Katz <wycats@Yehuda-Katz.local> | |||||
* | For performance reasons, you can no longer call html_safe! on Strings. ↵ | Yehuda Katz | 2010-01-31 | 15 | -51/+42 | |
| | | | | | | | | | | | | Instead, all Strings are always not html_safe?. Instead, you can get a SafeBuffer from a String by calling #html_safe, which will SafeBuffer.new(self). * Additionally, instead of doing concat("</form>".html_safe), you can do safe_concat("</form>"), which will skip both the flag set, and the flag check. * For the first pass, I converted virtually all #html_safe!s to #html_safe, and the tests pass. A further optimization would be to try to use #safe_concat as much as possible, reducing the performance impact if we know up front that a String is safe. | |||||
* | UJS documentation. | Stefan Penner | 2010-01-31 | 3 | -33/+78 | |
| | ||||||
* | data-remote needs to be on the form and not the submit when using button_to ↵ | Erik St. Martin | 2010-01-31 | 1 | -1/+3 | |
| | | | | :remote=>true | |||||
* | add :remote option to form_tag | Stephen St. Martin | 2010-01-31 | 1 | -0/+1 | |
| | ||||||
* | form_for should pass :remote to form_tag through html_options | Stephen St. Martin | 2010-01-31 | 1 | -0/+2 | |
| | ||||||
* | Add rel=nofollow on non get remote links | Joshua Peek | 2010-01-30 | 1 | -1/+1 | |
| | ||||||
* | Generate UJS code for :disable_with | Joshua Peek | 2010-01-30 | 2 | -14/+1 | |
| | ||||||
* | updating link_to and button_to to support :remote => true and other options ↵ | Erik St. Martin | 2010-01-30 | 2 | -38/+51 | |
| | | | | | | such as :confirm in a unobtrusive manor Signed-off-by: Joshua Peek <josh@joshpeek.com> | |||||
* | Include prototype ujs adapter with new apps | Joshua Peek | 2010-01-30 | 1 | -1/+1 | |
| | ||||||
* | Reorg options_for_javascript and array_or_string_for_javascript | Joshua Peek | 2010-01-30 | 3 | -17/+17 | |
| | ||||||
* | Move button_to_function to prototype helper | Joshua Peek | 2010-01-30 | 2 | -33/+33 | |
| | ||||||
* | Unused JAVASCRIPT_PATH const | Joshua Peek | 2010-01-30 | 1 | -4/+0 | |
| | ||||||
* | Move scripty JSG helpers into scriptaculous_helper.rb | Joshua Peek | 2010-01-30 | 2 | -26/+32 | |
| | ||||||
* | Move form_remote_tag and remote_form_for into prototype_legacy_helper | Joshua Peek | 2010-01-30 | 1 | -109/+0 | |
| | ||||||
* | Move button_to_remote and submit_to_remote into prototype_legacy_helper | Joshua Peek | 2010-01-30 | 1 | -38/+0 | |
| | | | | plugin | |||||
* | Move link_to_function and link_to_remote into prototype_legacy_helper | Joshua Peek | 2010-01-30 | 3 | -248/+48 | |
| | | | | plugin | |||||
* | Drop AjaxHelper | Joshua Peek | 2010-01-30 | 1 | -68/+0 | |
| | ||||||
* | Move periodically_call_remote into prototype_legacy_helper plugin | Joshua Peek | 2010-01-30 | 1 | -35/+0 | |
| | ||||||
* | Move observe_field and observe_form to prototype_legacy_helper plugin | Joshua Peek | 2010-01-30 | 1 | -154/+35 | |
| | ||||||
* | Revert "Merge branch 'rails/master' into ujs" | Joshua Peek | 2010-01-30 | 6 | -767/+581 | |
| | | | | | | | | | | | This reverts commit 3aa1ea1ae4baa4a03d03644e798eeb98a4745785, reversing changes made to 2c12a71378d2146c822acb389b00b866f6420ff5. Conflicts: actionpack/lib/action_view/helpers/javascript_helper.rb actionpack/lib/action_view/helpers/url_helper.rb actionpack/test/template/url_helper_test.rb | |||||
* | Revert "Add rails.js driver to default source list" | Joshua Peek | 2010-01-30 | 1 | -1/+1 | |
| | | | | This reverts commit 8a46e1182e3fce36aee5e6cb65737c4e755bbced. | |||||
* | Deprecate link_to :popup | Joshua Peek | 2010-01-29 | 2 | -29/+8 | |
| | ||||||
* | Add rails.js driver to default source list | Joshua Peek | 2010-01-29 | 1 | -1/+1 | |
| | ||||||
* | updated tests + docs, plus minor inconsistency fixes | Stefan Penner | 2010-01-27 | 1 | -52/+90 | |
| | ||||||
* | tests + docs | Stefan Penner | 2010-01-27 | 1 | -62/+90 | |
| | ||||||
* | observe_form now supports :with option as it should | Erik St. Martin | 2010-01-27 | 1 | -0/+10 | |
| | ||||||
* | :href should be comming in through html_options and not options | Erik St. Martin | 2010-01-27 | 1 | -1/+1 | |
| | ||||||
* | removing container inline js function of observed elements :function callback | Erik St. Martin | 2010-01-27 | 1 | -5/+1 | |
| | ||||||
* | moving html_safe call into helpers directly as they only work from that level | Erik St. Martin | 2010-01-27 | 1 | -4/+4 | |
| | ||||||
* | periodically_call_remote does not need data-observe=true | Erik St. Martin | 2010-01-27 | 1 | -0/+3 | |
| | ||||||
* | need to tell erb that our <script> tag is html_safe | Erik St. Martin | 2010-01-27 | 1 | -1/+1 | |
| | ||||||
* | adding :href override to link_to_remote | Erik St. Martin | 2010-01-27 | 1 | -1/+3 | |
| | ||||||
* | adding support for :disable_with to button_to_remote | Erik St. Martin | 2010-01-27 | 1 | -0/+4 | |
| | ||||||
* | fix duplidate data-submit attribute, submit_to_remote should test url | Stephen St. Martin | 2010-01-27 | 1 | -1/+1 | |
| | ||||||
* | remote_form_for now supports :confirm | Erik St. Martin | 2010-01-27 | 1 | -0/+5 | |
| | ||||||
* | account for the fact a few options may be passed as symbols and need to be ↵ | Erik St. Martin | 2010-01-27 | 1 | -4/+12 | |
| | | | | converted to string | |||||
* | add missing call to set_with_and_condition_attributes for form_remote_tag | Stephen St. Martin | 2010-01-27 | 1 | -0/+1 | |
| |