aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib
Commit message (Collapse)AuthorAgeFilesLines
* Add a role option to wrap_parameters.Nick Ragaz2012-05-041-2/+3
| | | | The role option identifies which parameters are accessible and should be wrapped. The default role is :default.
* Reset the request parameters after a constraints checkAndrew White2012-05-032-0/+6
| | | | | | | | | | | | | | A callable object passed as a constraint for a route may access the request parameters as part of its check. This causes the combined parameters hash to be cached in the environment hash. If the constraint fails then any subsequent access of the request parameters will be against that stale hash. To fix this we delete the cache after every call to `matches?`. This may have a negative performance impact if the contraint wraps a large number of routes as the parameters hash is built by merging GET, POST and path parameters. Fixes #2510. (cherry picked from commit 56030506563352944fed12a6bb4793bb2462094b)
* Fix #3993 assets:precompile task does not detect index filesDmitry Vorotilin2012-05-011-0/+3
|
* fix the Flash middleware loading the session on every request (very ↵Will Bryant2012-04-302-7/+3
| | | | dangerous especially with Rack::Cache), it should only be loaded when the flash method is called
* Add note about using 303 See Other for XHR requests other than GET/POSTAndrew White2012-04-301-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | IE since version 6 and recently Chrome and Firefox have started following 302 redirects from XHR requests other than GET/POST using the original request method. This can lead to DELETE requests being redirected amongst other things. Although it doesn't directly affect the Rails framework since it doesn't return a 302 redirect to any non-GET/POST request a note has been added to raise awareness of the issue. Some references: Original article from @technoweenie: http://techno-weenie.net/2011/8/19/ie9-deletes-stuff/ Hacker News discussion of the article: http://news.ycombinator.com/item?id=2903493 WebKit bug report: https://bugs.webkit.org/show_bug.cgi?id=46183 Firefox bug report and changeset: https://bugzilla.mozilla.org/show_bug.cgi?id=598304 https://hg.mozilla.org/mozilla-central/rev/9525d7e2d20d Chrome bug report: http://code.google.com/p/chromium/issues/detail?id=56373 HTTPbis bug report and changeset: http://trac.tools.ietf.org/wg/httpbis/trac/ticket/160 http://trac.tools.ietf.org/wg/httpbis/trac/changeset/1428 Roy T. Fielding's history of the issue: http://ftp.ics.uci.edu/pub/ietf/http/hypermail/1997q3/0611.html Automated browser tests for the issue: http://www.mnot.net/javascript/xmlhttprequest/ Fixes #4144 (cherry picked from commit 24f143789a8989f3bccde14ff28067de25cafd87)
* Deprecate link_to_function and button_to_function helpersRafael Mendonça França2012-04-301-0/+4
|
* Add missing require when helpers are used in isolationRafael Mendonça França2012-04-301-0/+1
|
* Restore interpolation of path option in redirect routesAndrew White2012-04-291-0/+10
|
* Add missing require from b608cdd64c95d0d16eb98d86562e22f3b01be9e3Andrew White2012-04-291-0/+1
|
* Escape interpolated params when redirecting - fixes #5688Andrew White2012-04-291-1/+6
|
* Don't convert params if the request isn't HTML - fixes #5341Andrew White2012-04-291-6/+18
| | | | | | | | (cherry picked from commit 7a80b69e00f68e673c6ceb5cc684aa9196ed3d9f) Conflicts: actionpack/test/controller/test_test.rb
* Lazy load `default_form_builder` if it's passed as a stringPiotr Sarnacki2012-04-281-1/+7
| | | | closes #3341
* Do not mutate options hashCarlos Antonio da Silva2012-04-271-2/+2
|
* fix number_to_human docs [ci skip]Vijay Dev2012-04-261-2/+2
|
* converting some tests to assert_raises, and DRY'ing retrieve_variable changesTieg Zaharia2012-04-161-1/+1
| | | | | | Conflicts: actionpack/test/template/render_test.rb
* catch nil.to_sym errors in partial_renderer, and raise ArgumentError insteadTieg Zaharia2012-04-161-1/+1
|
* Fix the redirect when it receive blocks with arity of 1.Rafael Mendonça França2012-03-311-1/+2
| | | | Closes #5677
* Merge branch '3-2-3' into 3-2-stableSantiago Pastorino2012-03-301-1/+1
|\
| * Bump up to 3.2.3Santiago Pastorino2012-03-301-1/+1
| |
| * Remove the leading \n added by textarea on assert_selectSantiago Pastorino2012-03-301-0/+1
| |
| * Bumping to 3.2.3.rc2Santiago Pastorino2012-03-291-1/+1
| |
| * Set proper rendered_format when doing render :inlineSantiago Pastorino2012-03-281-2/+2
| | | | | | | | Closes #5632
| * Cover one more case in auth_token and remote formsPiotr Sarnacki2012-03-281-1/+1
| | | | | | | | | | If embedding auth_token in remote forms is off and we pass a value for auth_token it should respect it.
| * Merge pull request #5633 from drogus/embed-auth-token-in-remote-formsSantiago Pastorino2012-03-282-8/+24
| | | | | | | | Embed auth token in remote forms
| * Merge pull request #5619 from jcoleman/textarea-newline-fix-breaks-hamlSantiago Pastorino2012-03-272-2/+6
| | | | | | | | Textarea newline fix breaks haml (3-2-stable)
* | Remove the leading \n added by textarea on assert_selectSantiago Pastorino2012-03-301-0/+1
| |
* | Set proper rendered_format when doing render :inlineSantiago Pastorino2012-03-281-2/+2
| | | | | | | | Closes #5632
* | Cover one more case in auth_token and remote formsPiotr Sarnacki2012-03-281-1/+1
| | | | | | | | | | If embedding auth_token in remote forms is off and we pass a value for auth_token it should respect it.
* | Added config.action_view.embed_authenticity_token_in_remote_formsPiotr Sarnacki2012-03-282-8/+24
| | | | | | | | | | | | | | | | There is a regression introduced in 16ee611fa, which breaks remote forms that should also work without javascript. This commit introduces config option that allows to configure this behavior defaulting to the old behavior (ie. include authenticity token in remote forms by default)
* | Merge pull request #5622 from rafaelfranca/fix-2492-3-2Jeremy Kemper2012-03-271-2/+3
|\ \ | | | | | | [3-2-stable] Fix label_tag to merge the options hash with the object hash
| * | Check if the options hash already exists and merge it with the anotherRafael Mendonça França2012-03-271-10/+5
| | | | | | | | | | | | | | | | | | hash. Closes #2492 and #5614
| * | Fixing issue #2492. ActionView::Base.field_error_proc doesn't call for label.Andrey Samsonov2012-03-271-2/+8
| | | | | | | | | | | | | | | | | | objectify_options method should be applied to the proper options arg. See explanation and example of the bug - https://github.com/kryzhovnik/rails_field_error_proc_bug_example
* | | Merge pull request #5619 from jcoleman/textarea-newline-fix-breaks-hamlSantiago Pastorino2012-03-272-2/+6
|\ \ \ | |_|/ |/| | Textarea newline fix breaks haml (3-2-stable)
| * | Don't break Haml with textarea newline fix.James Coleman2012-03-272-2/+6
| | | | | | | | | | | | | | | | | | See issue #393, issue #4000, issue #5190, and issue #5191. Adds a newline after the textarea opening tag based on @codykrieger's original patch so that we don't cause regressions in Haml-using apps. The regression caused textarea tags to add newlines to the field unintentionally (each update/save added an extra newline.) Also fix 6 more tests that didn't yet have the newline expectation.
* | | Bumping to 3.2.3.rc1Santiago Pastorino2012-03-271-2/+2
| |/ |/|
* | If partial is rendered in controller, grab format from templatePiotr Sarnacki2012-03-271-2/+8
| | | | | | | | | | | | | | | | | | Previously `rendered_format` was set only based on mime types passed in Accept header, which was wrong if first type from Accept was different than rendered partial. The fix is to simply move setting rendered_format to the place where template is available and grab format from the template. If it fails we can fallback to formats passed by Accept header.
* | Merge pull request #5597 from carlosantoniodasilva/fix-build-3-2José Valim2012-03-261-1/+1
|\ \ | |/ |/| Fix build for branch 3-2-stable - return the same session hash object
| * Return the same session data object when setting session idCarlos Antonio da Silva2012-03-241-1/+1
| | | | | | | | | | | | | | | | Make sure to return the same hash object instead of returning a new one. Returning a new one causes failures on cookie store tests, where it tests for the 'Set-Cookie' header with the session signature. This is due to the hash ordering changes on Ruby 1.8.7-p358.
* | apply form_for namespace option to date_selectSergey Nartimov2012-03-261-1/+4
|/
* Fix GH #5411. When precompiling, params method is undefined.kennyj2012-03-221-1/+1
|
* We dont need to merge in the parameters as thats all being reset by the rack ↵David Heinemeier Hansson2012-03-201-1/+0
| | | | headers (and its causing problems for Strong Parameters attempt of wrapping request.parameters because it will change in testing)
* Fix #5440 - multiple render_to_string breaks partials formatsPiotr Sarnacki2012-03-171-0/+1
| | | | | | | | | This fixes situation where rendering template to string sets `rendered_format` to the format rendered there. This is ok to have consistent formats rendered in partials, but it breaks on next renders if format is explicitly set or on last render where default format does not necessarily need to be the format of first rendered template.
* Merge pull request #5456 from brianmario/redirect-sanitizationAaron Patterson2012-03-152-2/+2
| | | | Strip null bytes from Location header
* Merge pull request #5338 from mreinsch/3-2-static_invalid_byte_sequenceAaron Patterson2012-03-151-0/+1
|\ | | | | 3 2 static invalid byte sequence
| * fix ArgumentError being raised in case of invalid byte sequencesMichael Reinsch2012-03-081-0/+1
| |
* | Remove ActionController::TestCase#rescue_action_in_public!Piotr Sarnacki2012-03-151-5/+0
| | | | | | | | | | | | This method has no effect since exception handling was moved to middlewares and ActionController tests do not use any middlewares.
* | Allow you to force the authenticity_token to be rendered even on remote ↵David Heinemeier Hansson2012-03-141-5/+9
| | | | | | | | forms if you pass true
* | Do not include the authenticity token in forms where remote: true as ajax ↵David Heinemeier Hansson2012-03-141-2/+9
| | | | | | | | forms use the meta-tag value
* | Fix layout method doc formattingAlexey Vakhov2012-03-131-2/+1
|/
* Remove usage of deprecated module.José Valim2012-03-071-1/+0
|