aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_view/helpers
Commit message (Collapse)AuthorAgeFilesLines
* Rename _snowman_ to _snowman to be in sync with _method and _csrf_token.José Valim2010-06-291-1/+1
|
* Slice new buffer from beginning of old buffer to skip encoding special caseJeremy Kemper2010-06-281-3/+1
|
* returning -> tapJeremy Kemper2010-06-281-5/+4
|
* Restores the escaping of urls generated from hashes. [#4765 state:resolved]Andrew White2010-06-281-1/+1
| | | | | | | | | | | | | | HTML specifications recommend the escaping of urls in web pages, which url_for does by default for string urls and consquently urls generated by path helpers as these return strings. Hashes passed to url_for are not escaped by default and this commit reverses this default so that they are escaped. Undoes the changes of this commit: http://github.com/rails/rails/commit/1b3195b63ca44f0a70b61b75fcf4991cb2fbb944 Signed-off-by: José Valim <jose.valim@gmail.com>
* Small typowycats2010-06-271-1/+1
|
* Fix several known web encoding issues:wycats2010-06-271-3/+12
| | | | | | | | | | | | | | | | | | | | | | | * Specify accept-charset on all forms. All recent browsers, as well as IE5+, will use the encoding specified for form parameters * Unfortunately, IE5+ will not look at accept-charset unless at least one character in the form's values is not in the page's charset. Since the user can override the default charset (which Rails sets to UTF-8), we provide a hidden input containing a unicode character, forcing IE to look at the accept-charset. * Now that the vast majority of web input is UTF-8, we set the inbound parameters to UTF-8. This will eliminate many cases of incompatible encodings between ASCII-8BIT and UTF-8. * You can safely ignore params[:_snowman_] TODO: * Validate inbound text to confirm it is UTF-8 * Combine the whole_form implementations in form_helper_test and form_tag_helper_test
* Do not wrap hidden fields with error proc [#4962 state:resolved]Carlos Antonio da Silva2010-06-252-3/+16
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* make text_field and hidden_field omit the value attribute if the developer ↵Jeff Dean2010-06-231-4/+4
| | | | | | explicitly passes in :value => nil [#4839 state:resolved] Signed-off-by: Michael Koziarski <michael@koziarski.com>
* Tidy up asset tag a bit and make railties tests green again.José Valim2010-06-231-24/+14
|
* refactored the javascript asset tag helpers and moved the default scripts ↵Josh Kalderimis2010-06-231-14/+5
| | | | | | setup within the railtie Signed-off-by: José Valim <jose.valim@gmail.com>
* adds minus to value part of id [#4862 state:resolved]RainerBlessing2010-06-221-1/+1
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* removed 'unless const_defined?' code smellJosh Kalderimis2010-06-215-24/+20
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* Merge remote branch 'rails/master'Xavier Noria2010-06-204-18/+24
|\ | | | | | | | | Conflicts: actionpack/lib/abstract_controller/base.rb
| * Fixed date_select date_separator when discard_month and/or discard_day are ↵Thibaud Guillaume-Gentil2010-06-201-2/+4
| | | | | | | | | | | | true [#4856 state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com>
| * option_groups_from_collection_for_select should return HTML-safe string ↵Wincent Colaiuta2010-06-191-1/+1
| | | | | | | | | | | | [#4879 state:resolved] Signed-off-by: Xavier Noria <fxn@hashref.com>
| * form_for without :html and with :remote should not errorDavid Genord II2010-06-181-1/+1
| | | | | | | | | | | | [#4902 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
| * Make text_helpers methods which return valid html to return it as safe and ↵Santiago Pastorino2010-06-171-6/+14
| | | | | | | | | | | | | | | | sanitize the input always unless :sanitize => false is set [#4825 state:committed] Signed-off-by: David Heinemeier Hansson <david@loudthinking.com>
| * truncate() should not try to produce HTML-safe outputWincent Colaiuta2010-06-171-8/+4
| | | | | | | | | | | | | | | | | | | | As discussed in Lighthouse ticket #4825 and ticket #4878, the truncate() method cannot guarantee safe output for all possible inputs/offsets, so it is best to leave the output unsafe so that it gets escaped when used in a view. Signed-off-by: Santiago Pastorino <santiago@wyeworks.com> Signed-off-by: David Heinemeier Hansson <david@loudthinking.com>
* | Action View is now titled.Rizwan Reza2010-06-211-1/+1
| |
* | Action View is now titled.Rizwan Reza2010-06-213-0/+5
| |
* | Added titles and description.Rizwan Reza2010-06-167-17/+37
| |
* | Adds title and description where needed.Rizwan Reza2010-06-1613-6/+33
| |
* | Fix a bunch of minor spelling mistakesEvgeniy Dolzhenko2010-06-156-10/+10
|\ \ | |/ |/|
| * Fix a bunch of minor spelling mistakesEvgeniy Dolzhenko2010-06-116-10/+10
| |
* | edit pass: the names of Rails components have a space, ie, "Active Record", ↵Xavier Noria2010-06-142-2/+2
| | | | | | | | not "ActiveRecord"
* | truncate safe method description changesNeeraj Singh2010-06-141-1/+1
| |
* | truncate documentation an examples added for :safe optionSantiago Pastorino2010-06-131-0/+10
| |
* | Merge remote branch 'docrails/master'Xavier Noria2010-06-121-1/+9
|\ \
| * | Updated all number helpers with :locale option.Slobodan Kovacevic2010-06-111-1/+9
| |/
* / text_helper now escape the unsafe input instead of sanitizingSantiago Pastorino2010-06-111-4/+4
|/ | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* Merge remote branch 'rails/master'Xavier Noria2010-06-101-83/+0
|\
| * Removed textilize, textilize_without_paragraph and markdown helpersSantiago Pastorino2010-06-091-83/+0
| | | | | | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* | Added :locale option explanation for number_to_currencySlobodan Kovacevic2010-06-101-0/+2
|/
* Fixed double output from cache in no caching modeDavid Heinemeier Hansson2010-06-081-14/+14
|
* Made markdown honor :safe option and handle safe input. Also added tests for ↵rohit2010-06-081-2/+2
| | | | | | | | markdown. [#4794 state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com>
* Fixed textilize_without_paragraph and added tests for it. [#4792 state:resolved]rohit2010-06-081-1/+1
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* Updating image_tag to support cid:content_id "URLs"Mikel Lindsaar2010-06-071-2/+5
|
* Makes text_helper methods sanitize the input if the input is not safe or ↵Santiago Pastorino2010-06-071-16/+22
| | | | :safe => true option is not provided
* content_tag_string shouldn't escape_html if escape param is falseSantiago Pastorino2010-06-071-1/+1
|
* revises the documentation of String#truncate and the truncate helperXavier Noria2010-06-021-9/+9
|
* Extracted String#truncate from TextHelper#truncate [DHH]David Heinemeier Hansson2010-06-011-11/+5
|
* Base options cant live in lazy loaded helpers as they then wont be available ↵David Heinemeier Hansson2010-05-311-7/+0
| | | | to set for config
* Merge commit 'mislav/auto_link'Michael Koziarski2010-05-291-12/+21
|\
| * avoid auto_linking already linked emails; more robust detection of linked URLsMislav Marohnić2010-05-241-9/+18
| | | | | | | | | | | | | | | | | | | | References #1523 [#1862 state:resolved] [#3591 state:resolved] Add test that shows how link text can contain HTML if needed: the trick is using block form in combination with `raw`. Let link text be automatically HTML-escaped [#2017 state:resolved]
| * auto_link: support arbitrary URI schemes like "ftp:" and "file:"Mislav Marohnić2010-05-241-3/+3
| | | | | | | | | | | | recognizes all URI scheme allowed characters, such as colon and period. [#3494 state:resolved]
* | i18n: t() handles single keys returning an Array, alsoJeremy Kemper2010-05-241-2/+5
| |
* | HTML safety: fix textarea with nil contentJeremy Kemper2010-05-241-1/+1
| |
* | translate method doesn't support arrays anymore and is optimized to be used ↵Santiago Pastorino2010-05-241-18/+10
| | | | | | | | | | | | with strings or symbols Signed-off-by: José Valim <jose.valim@gmail.com>
* | Revert "translation method for arrays on TranslationHelper module returns an ↵Santiago Pastorino2010-05-241-25/+25
| | | | | | | | | | | | | | | | array where values for keys of the form (.|_)html keys are html_safe" This reverts commit 05c95b5c5815c0b3ae55fda7a897922b7f3ec2c7. Signed-off-by: José Valim <jose.valim@gmail.com>
* | translation method for arrays on TranslationHelper module returns an array ↵Santiago Pastorino2010-05-241-25/+25
|/ | | | | | | | where values for keys of the form (.|_)html keys are html_safe [#4675] Signed-off-by: José Valim <jose.valim@gmail.com>