aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_view/helpers
Commit message (Collapse)AuthorAgeFilesLines
...
* Fixed that PrototypeHelper#update_page should return html_safe [DHH]David Heinemeier Hansson2010-01-081-1/+1
|
* Fixed that much of DateHelper wouldn't return html_safe? strings [DHH]David Heinemeier Hansson2010-01-081-5/+5
|
* From now on, parameters defined in default_url_options can be absent from ↵José Valim2010-01-071-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | named routes. This allows the following setup to work: # app/controllers/application_controller.rb class ApplicationController def default_url_options(options=nil) { :locale => I18n.locale } end end # From your views and controllers: I18n.locale #=> :en users_url #=> "/en/users" users_url(:pl) #=> "/pl/users" user_url(1) #=> "/en/users/1" user_url(:pl, 1) #=> "/pl/users/1" user_url(1, :locale => :pl) #=> "/pl/users/1" If you provide all expected parameters, it still works as previously. But if any parameter is missing, it tries to assign all possible ones with the hash returned in default_url_options or the one passed straight to the named route method. Beware that default_url_options in ApplicationController is not shared with ActionMailer, so you are required to always give the locale in your email views.
* Updated the documentation for helpers.label.José Valim2010-01-071-3/+3
|
* Use helpers.label instead of views.labels.José Valim2010-01-072-2/+2
|
* errors in ActionView should not be namespaced as well.José Valim2010-01-071-1/+1
|
* Remove CGI.escape in function of Rack::Mount.escapeJosé Valim2010-01-061-4/+4
|
* NumberHelper#number_to_currency should output html_safe strings so the units ↵David Heinemeier Hansson2010-01-051-1/+1
| | | | are not escaped
* adding fix for auto linking to master tooZach Brock2010-01-051-1/+1
| | | | Signed-off-by: Michael Koziarski <michael@koziarski.com>
* Do not enforce human_attribute_name as required API.José Valim2010-01-021-3/+6
|
* I18n label helper [#745 status:resolved]Carsten Gehling2010-01-021-3/+36
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* Translated strings in the view are assumed html_safe (Closes #3401)David Heinemeier Hansson2009-12-241-1/+1
|
* All AD modules are "deferrable"Joshua Peek2009-12-221-0/+1
|
* Allow explicit placement of hidden id element for nested models.Will Read2009-11-151-2/+11
| | | | | | [#3259 state:resolved] Signed-off-by: Eloy Duran <eloy.de.enige@gmail.com>
* Fix some Ruby warnings: `*' interpreted as argument prefixBryan Helmkamp2009-11-091-1/+1
|
* Fix error_messages_for when instance variable names are given.José Valim2009-10-211-6/+6
| | | | Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Bring agnosticism to error_messages_for.José Valim2009-10-171-6/+10
|
* Unify benchmark APIs.José Valim2009-10-151-54/+0
|
* Make sure non-escaped urls aren't considered safeMichael Koziarski2009-10-151-1/+1
|
* ActionView.url_for doesn't escape by defaultPhil Darnowsky2009-10-151-1/+1
| | | | | | | | | | | | | | | | | ActionView::Helpers::UrlHelper#url_for used to escape the URLs it generated by default. This was most commonly seen when generating a path with multiple query parameters, e.g. url_for(:controller => :foo, :action => :bar, :this => 123, :that => 456) would return http://example.com/foo/bar?that=456&amp;this=123 escaping an ampersand that shouldn't be escaped. This is both wrong and inconsistent with the behavior of ActionController#url_for, and is changed. Signed-off-by: Michael Koziarski <michael@koziarski.com>
* Start adding configuration to ActionView instead of using constants.Yehuda Katz2009-10-141-12/+16
| | | | | | | By using config rather than hardcoded constants, we can evolve the configuration system over time (we'd just need to update the config method with more robust capabilities and all consumers would get the capabilities with no code changes)
* API change: content_tag_for outputs prefixed class nameJoshua Peek2009-10-081-3/+3
|
* error procs have to be safe tooMichael Koziarski2009-10-081-1/+1
|
* Switch to on-by-default XSS escaping for rails.Michael Koziarski2009-10-0812-25/+43
| | | | | | | | | | | | This consists of: * String#html_safe! a method to mark a string as 'safe' * ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it * Calls to String#html_safe! throughout the rails helpers * a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presantized strings in the DB) * New ERB implementation based on erubis which uses a SafeBuffer instead of a String Hat tip to Django for the inspiration.
* NumberHelper depends on big decimal extensionsJoshua Peek2009-10-031-0/+1
|
* Introduce :almost keyword for distance_of_time_in_words. Make 1.75 days - 2 ↵John Trupiano2009-09-281-10/+19
| | | | | | | days return '2 days'. Signed-off-by: Michael Koziarski <michael@koziarski.com> [#3266 state:committed]
* Enhancing distance_of_time_in_words to prefix year output with over and ↵Jay Pignata2009-09-281-4/+7
| | | | | | | about depending upon how many months have elapsed Signed-off-by: Michael Koziarski <michael@koziarski.com> [#3106 state:committed]
* AV::UrlHelper depends on Array#secondJoshua Peek2009-09-131-0/+1
|
* Don't force test suite to use bundlerJoshua Peek2009-09-131-0/+1
|
* Allow fields_for on a nested_attributes association to accept an explicit ↵Andrew France2009-09-121-7/+19
| | | | | | collection to be used. [#2648 state:resolved] Signed-off-by: Eloy Duran <eloy.de.enige@gmail.com>
* Clean tag attributes before passing through the escape_once logic.Michael Koziarski2009-09-041-1/+1
| | | | Addresses CVE-2009-3009
* Don't raise exceptions for missing javascript_include_tag or ↵Sam Pohlenz2009-09-031-2/+6
| | | | | | stylesheet_link_tag sources unless the :cache or :concat options are given. [#2738 state:resolved] Signed-off-by: Joshua Peek <josh@joshpeek.com>
* I18n: use I18n for select helpers' prompt textAkira Matsuda2009-08-261-1/+2
| | | | | | [#2252 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Revert "I18n: use I18n for select helpers' prompt text"Jeremy Kemper2009-08-261-2/+1
| | | | | | | | Broke CI. [#2252 state:open] This reverts commit adedf72821a5623227ce91e6b298838e692477e4.
* I18n: use I18n for select helpers' prompt textAkira Matsuda2009-08-261-1/+2
| | | | | | [#2252 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Got tests to pass with some more changes.Yehuda Katz2009-08-151-2/+3
| | | | | | | | | | | | | | | | * request.formats is much simpler now * For XHRs or Accept headers with a single item, we use the Accept header * For other requests, we use params[:format] or fallback to HTML * This is primarily to work around the fact that browsers provide completely broken Accept headers, so we have to whitelist the few cases we can specifically isolate and treat other requests as coming from the browser * For APIs, we can support single-item Accept headers, which disambiguates from the browsers * Requests to an action that only has an XML template from the browser will no longer find the template. This worked previously because most browsers provide a catch-all */*, but this was mostly accidental behavior. If you want to serve XML, either use the :xml format in links, or explicitly specify the XML template: render "template.xml".
* Introduce grouped_collection_select helper.codeape2009-08-091-0/+67
| | | | | | [#1249 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Make sure link_to generates the form with the specified :href if any [#2254 ↵Max Lapshin2009-08-101-1/+1
| | | | | | state:resolved] Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Fixed to_label_tag to accept id attribute without changing for attribute ↵Matt Duncan2009-08-091-0/+1
| | | | | | [#2660 status:resolved] Signed-off-by: José Valim <jose.valim@gmail.com>
* Support passing Redcloth options via textilize helper [#2973 state:resolved]rizwanreza2009-08-091-3/+11
| | | | Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Clean up initializer and some of the internals of PartialRendererYehuda Katz2009-08-091-0/+4
|
* Don't call additional methods on builders passed to the atom_feed helper.Michael Koziarski2009-08-091-1/+1
| | | | | | Additionally, actually test that the atom_feed helper works with :xml as an option. [#1836 state:committed]
* Update truncate documentation / examples to more clearly demonstrate its ↵Steve St. Martin2009-08-081-8/+10
| | | | | | | | actual behavior [#3016 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Allow content_tag options to take an array [#1741 state:resolved] ↵rizwanreza2009-08-081-9/+7
| | | | | | | | | | [rizwanreza, Nick Quaranto] Example: content_tag('p', "limelight", :class => ["song", "play"]) # => <p class="song play">limelight</p> Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Allow radio buttons to work with booleans.José Valim2009-08-081-2/+2
| | | | Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Add :include_blank option for select_tag [#1987 status:resolved]rizwanreza2009-08-081-0/+7
| | | | | Signed-off-by: José Valim <jose.valim@gmail.com> Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* remove duplicate call to stringify_keys [#2587 status:resolved]Steve St. Martin2009-08-081-1/+1
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* Fix number_to_precision rounding error [#2071 state:resolved]wmoxam2009-08-081-1/+1
| | | | Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Ruby 1.9.2: implicit argument passing of super from method defined by ↵Jeremy Kemper2009-08-071-3/+1
| | | | define_method() is not supported
* Improve a path in _render_partialYehuda Katz2009-08-061-0/+4
|