Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | Use capture instead of yield in link_to_unless. | José Valim | 2010-07-21 | 1 | -1/+1 | |
| | | | | [#5162 state:resolved] | |||||
* | No need to delegate. Simply include the whole RecordIdentifier module. | José Valim | 2010-07-21 | 2 | -23/+4 | |
| | ||||||
* | Moved a few methods from RecordIdentifier to ActiveModel::Naming | Piotr Sarnacki | 2010-07-21 | 1 | -5/+5 | |
| | | | | Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
* | Moved PolymorphicRoutes to ActionDispatch::Routing | Piotr Sarnacki | 2010-07-20 | 1 | -1/+1 | |
| | | | | Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
* | select :include_blank or :prompt should return escaped string [#5099 ↵ | Ivan Torres | 2010-07-18 | 1 | -3/+3 | |
| | | | | | | state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
* | fixing the ternary operation where the logic is very confusing. | Neeraj Singh | 2010-07-18 | 1 | -1/+2 | |
| | | | | | | [#5136 state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
* | Merge remote branch 'docrails/master' | Xavier Noria | 2010-07-13 | 2 | -15/+15 | |
|\ | ||||||
| * | Fixed many references to the old config/environment.rb and Rails::Initializer | Benjamin Quorning | 2010-07-13 | 1 | -14/+14 | |
| | | ||||||
| * | Removed deprecated |map| block argument from routing docs since it is no ↵ | Steven Hancock | 2010-07-11 | 1 | -1/+1 | |
| | | | | | | | | | | | | longer generated in edge Rails config/routes.rb Didn't touch plugins guide since I'm not too clear on how routes work in plugins. | |||||
* | | remove size attribute from tag generated by file_field helper [#5084 ↵ | Miles Egan | 2010-07-13 | 1 | -1/+1 | |
|/ | | | | | | state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
* | Merge remote branch 'docrails/master' | Xavier Noria | 2010-07-07 | 1 | -1/+11 | |
|\ | ||||||
| * | Added documentation for usage of associative resources with form_for | Rizwan Reza | 2010-07-01 | 1 | -1/+11 | |
| | | ||||||
* | | Unify routes naming by renaming router to routes | Piotr Sarnacki | 2010-07-02 | 1 | -1/+1 | |
|/ | | | | Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
* | s/escape_once/html_escape/, since html safety is the contract that now says ↵ | Xavier Noria | 2010-06-30 | 3 | -16/+19 | |
| | | | | whether something has to be escaped | |||||
* | url_for no longer escapes HTML, the :escape option is also gone | Xavier Noria | 2010-06-30 | 3 | -17/+8 | |
| | | | | Rationale: url_for is just a path/URL generator, it is the responsability of the caller to escape conveniently HTML needs it, JavaScript needs different escaping, a text mail needs no escaping at all, etc. | |||||
* | Rename _snowman_ to _snowman to be in sync with _method and _csrf_token. | José Valim | 2010-06-29 | 1 | -1/+1 | |
| | ||||||
* | Slice new buffer from beginning of old buffer to skip encoding special case | Jeremy Kemper | 2010-06-28 | 1 | -3/+1 | |
| | ||||||
* | returning -> tap | Jeremy Kemper | 2010-06-28 | 1 | -5/+4 | |
| | ||||||
* | Restores the escaping of urls generated from hashes. [#4765 state:resolved] | Andrew White | 2010-06-28 | 1 | -1/+1 | |
| | | | | | | | | | | | | | | HTML specifications recommend the escaping of urls in web pages, which url_for does by default for string urls and consquently urls generated by path helpers as these return strings. Hashes passed to url_for are not escaped by default and this commit reverses this default so that they are escaped. Undoes the changes of this commit: http://github.com/rails/rails/commit/1b3195b63ca44f0a70b61b75fcf4991cb2fbb944 Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
* | Small typo | wycats | 2010-06-27 | 1 | -1/+1 | |
| | ||||||
* | Fix several known web encoding issues: | wycats | 2010-06-27 | 1 | -3/+12 | |
| | | | | | | | | | | | | | | | | | | | | | | | * Specify accept-charset on all forms. All recent browsers, as well as IE5+, will use the encoding specified for form parameters * Unfortunately, IE5+ will not look at accept-charset unless at least one character in the form's values is not in the page's charset. Since the user can override the default charset (which Rails sets to UTF-8), we provide a hidden input containing a unicode character, forcing IE to look at the accept-charset. * Now that the vast majority of web input is UTF-8, we set the inbound parameters to UTF-8. This will eliminate many cases of incompatible encodings between ASCII-8BIT and UTF-8. * You can safely ignore params[:_snowman_] TODO: * Validate inbound text to confirm it is UTF-8 * Combine the whole_form implementations in form_helper_test and form_tag_helper_test | |||||
* | Do not wrap hidden fields with error proc [#4962 state:resolved] | Carlos Antonio da Silva | 2010-06-25 | 2 | -3/+16 | |
| | | | | Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
* | make text_field and hidden_field omit the value attribute if the developer ↵ | Jeff Dean | 2010-06-23 | 1 | -4/+4 | |
| | | | | | | explicitly passes in :value => nil [#4839 state:resolved] Signed-off-by: Michael Koziarski <michael@koziarski.com> | |||||
* | Tidy up asset tag a bit and make railties tests green again. | José Valim | 2010-06-23 | 1 | -24/+14 | |
| | ||||||
* | refactored the javascript asset tag helpers and moved the default scripts ↵ | Josh Kalderimis | 2010-06-23 | 1 | -14/+5 | |
| | | | | | | setup within the railtie Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
* | adds minus to value part of id [#4862 state:resolved] | RainerBlessing | 2010-06-22 | 1 | -1/+1 | |
| | | | | Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
* | removed 'unless const_defined?' code smell | Josh Kalderimis | 2010-06-21 | 5 | -24/+20 | |
| | | | | Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
* | Merge remote branch 'rails/master' | Xavier Noria | 2010-06-20 | 4 | -18/+24 | |
|\ | | | | | | | | | Conflicts: actionpack/lib/abstract_controller/base.rb | |||||
| * | Fixed date_select date_separator when discard_month and/or discard_day are ↵ | Thibaud Guillaume-Gentil | 2010-06-20 | 1 | -2/+4 | |
| | | | | | | | | | | | | true [#4856 state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
| * | option_groups_from_collection_for_select should return HTML-safe string ↵ | Wincent Colaiuta | 2010-06-19 | 1 | -1/+1 | |
| | | | | | | | | | | | | [#4879 state:resolved] Signed-off-by: Xavier Noria <fxn@hashref.com> | |||||
| * | form_for without :html and with :remote should not error | David Genord II | 2010-06-18 | 1 | -1/+1 | |
| | | | | | | | | | | | | [#4902 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net> | |||||
| * | Make text_helpers methods which return valid html to return it as safe and ↵ | Santiago Pastorino | 2010-06-17 | 1 | -6/+14 | |
| | | | | | | | | | | | | | | | | sanitize the input always unless :sanitize => false is set [#4825 state:committed] Signed-off-by: David Heinemeier Hansson <david@loudthinking.com> | |||||
| * | truncate() should not try to produce HTML-safe output | Wincent Colaiuta | 2010-06-17 | 1 | -8/+4 | |
| | | | | | | | | | | | | | | | | | | | | As discussed in Lighthouse ticket #4825 and ticket #4878, the truncate() method cannot guarantee safe output for all possible inputs/offsets, so it is best to leave the output unsafe so that it gets escaped when used in a view. Signed-off-by: Santiago Pastorino <santiago@wyeworks.com> Signed-off-by: David Heinemeier Hansson <david@loudthinking.com> | |||||
* | | Action View is now titled. | Rizwan Reza | 2010-06-21 | 1 | -1/+1 | |
| | | ||||||
* | | Action View is now titled. | Rizwan Reza | 2010-06-21 | 3 | -0/+5 | |
| | | ||||||
* | | Added titles and description. | Rizwan Reza | 2010-06-16 | 7 | -17/+37 | |
| | | ||||||
* | | Adds title and description where needed. | Rizwan Reza | 2010-06-16 | 13 | -6/+33 | |
| | | ||||||
* | | Fix a bunch of minor spelling mistakes | Evgeniy Dolzhenko | 2010-06-15 | 6 | -10/+10 | |
|\ \ | |/ |/| | ||||||
| * | Fix a bunch of minor spelling mistakes | Evgeniy Dolzhenko | 2010-06-11 | 6 | -10/+10 | |
| | | ||||||
* | | edit pass: the names of Rails components have a space, ie, "Active Record", ↵ | Xavier Noria | 2010-06-14 | 2 | -2/+2 | |
| | | | | | | | | not "ActiveRecord" | |||||
* | | truncate safe method description changes | Neeraj Singh | 2010-06-14 | 1 | -1/+1 | |
| | | ||||||
* | | truncate documentation an examples added for :safe option | Santiago Pastorino | 2010-06-13 | 1 | -0/+10 | |
| | | ||||||
* | | Merge remote branch 'docrails/master' | Xavier Noria | 2010-06-12 | 1 | -1/+9 | |
|\ \ | ||||||
| * | | Updated all number helpers with :locale option. | Slobodan Kovacevic | 2010-06-11 | 1 | -1/+9 | |
| |/ | ||||||
* / | text_helper now escape the unsafe input instead of sanitizing | Santiago Pastorino | 2010-06-11 | 1 | -4/+4 | |
|/ | | | | Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
* | Merge remote branch 'rails/master' | Xavier Noria | 2010-06-10 | 1 | -83/+0 | |
|\ | ||||||
| * | Removed textilize, textilize_without_paragraph and markdown helpers | Santiago Pastorino | 2010-06-09 | 1 | -83/+0 | |
| | | | | | | | | Signed-off-by: José Valim <jose.valim@gmail.com> | |||||
* | | Added :locale option explanation for number_to_currency | Slobodan Kovacevic | 2010-06-10 | 1 | -0/+2 | |
|/ | ||||||
* | Fixed double output from cache in no caching mode | David Heinemeier Hansson | 2010-06-08 | 1 | -14/+14 | |
| | ||||||
* | Made markdown honor :safe option and handle safe input. Also added tests for ↵ | rohit | 2010-06-08 | 1 | -2/+2 | |
| | | | | | | | | markdown. [#4794 state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com> |