aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* | | | | use a strategy object for generating urls in named helpersAaron Patterson2014-07-172-21/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | since we know that the route should be a path or fully qualified, we can pass a strategy object that handles generation. This allows us to eliminate an "if only_path" branch when generating urls.
* | | | | extract path building to a methodAaron Patterson2014-07-161-9/+11
| | | | |
* | | | | break out path building logic to methodsAaron Patterson2014-07-161-14/+22
| | | | |
* | | | | only extract :params from the options hash onceAaron Patterson2014-07-161-3/+2
| | | | |
* | | | | we do not need to dup the options hash, it is private and a new object each callAaron Patterson2014-07-161-2/+2
| | | | |
* | | | | push rails app testing upAaron Patterson2014-07-161-9/+13
| | | | | | | | | | | | | | | | | | | | this way we only have to test for whether it is a rails app once.
* | | | | Rails-ish apps should descend from Rails::RailtieAaron Patterson2014-07-161-8/+3
| | | | | | | | | | | | | | | | | | | | | | | | | Use an is_a check to ensure it's a Railsish app so we can avoid respond_to calls everywhere.
* | | | | app should always be a class (I suppose)Aaron Patterson2014-07-161-1/+1
| | | | |
* | | | | we should be checking if the app is a classAaron Patterson2014-07-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Hopefully `object.class` always returns something that is_a?(Class), so the previous logic didn't really make sense.
* | | | | extract inner options before delegating to the helperAaron Patterson2014-07-161-7/+13
| | | | | | | | | | | | | | | | | | | | | | | | | If we extract the options from the user facing method call ASAP, then we can simplify internal logic.
* | | | | always transcode the file to utf-8Aaron Patterson2014-07-161-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | people may be passing filenames to the constructor that are not utf-8, but they will assome that calling `original_filename` returns utf-8 (because that's what it used to do).
* | | | | Don't accept parameters as argument for redirect to [via @homakov]Santiago Pastorino2014-07-161-0/+1
| | | | | | | | | | | | | | | | | | | | Closes #16170
* | | | | routed applications will respond to these methodsAaron Patterson2014-07-152-2/+2
| | | | |
* | | | | rack 1.6 encodes the filenames in posts correctly nowAaron Patterson2014-07-151-8/+1
| | | | |
* | | | | RouteSet should be in charge of constructing the dispatherAaron Patterson2014-07-152-8/+13
| | | | | | | | | | | | | | | | | | | | Now we can override how requests are dispatched in the routeset object
* | | | | Stash original path in `ShowExceptions` middlewareGrey Baker2014-07-141-0/+1
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `ActionDispatch::ShowExceptions` overwrites `PATH_INFO` with the status code for the exception defined in `ExceptionWrapper`, so the path the user was visiting when an exception occurred was not previously available to any custom exceptions_app. The original `PATH_INFO` is now stashed in `env["action_dispatch.original_path"]`.
* | | | Use `#bytesize` instead of `#size` when checking for cookie overflowAgis-2014-07-111-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Although the cookie values happens to be ASCII strings because they are Base64 encoded, it is semantically incorrect to check for the number of the characters in the cookie, when we actually want to check for the number of the bytes it consists of. Furthermore it is unecessary coupling with the current implementation that uses Base64 for encoding the values.
* | | | Removed single space padding from empty response body.Godfrey Chan2014-07-101-6/+2
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `render nothing: true` or rendering a `nil` body no longer add a single space to the response body. The old behavior was added as a workaround for a bug in an early version of Safari, where the HTTP headers are not returned correctly if the response body has a 0-length. This is been fixed since and the workaround is no longer necessary. Use `render body: ' '` if the old behavior is desired.
* | | Merge branch 'rosetta_flash' of https://github.com/gcampbell/rails into ↵Aaron Patterson2014-07-101-1/+1
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | gcampbell-rosetta_flash * 'rosetta_flash' of https://github.com/gcampbell/rails: Address CVE-2014-4671 (JSONP Flash exploit) Conflicts: actionpack/CHANGELOG.md
| * | | Address CVE-2014-4671 (JSONP Flash exploit)Greg Campbell2014-07-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Adds a comment before JSONP callbacks. See http://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/ for more details on the exploit in question.
* | | | Force encoding of US-ASCII to UTF-8 in unescape_uri.Karl Entwistle2014-07-101-5/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Because URI paths may contain non US-ASCII characters we need to force the encoding of any unescaped URIs to UTF-8 if they are US-ASCII. This essentially replicates the functionality of the monkey patch to URI.parser.unescape in active_support/core_ext/uri.rb. Fixes #16104.
* | | | Merge pull request #16091 from tgxworld/reduce_creation_of_subscribersSantiago Pastorino2014-07-091-17/+13
|\ \ \ \ | |/ / / |/| | | Reduce number of subscriptions created.
| * | | Reduce number of subscriptions created.Guo Xiang Tan2014-07-081-17/+13
| | | |
* | | | Fix weird comment. [CI SKIP]Guo Xiang Tan2014-07-091-2/+2
| | | |
* | | | Merge pull request #13999 from jamox/update_rackAaron Patterson2014-07-082-12/+11
|\ \ \ \ | |/ / / |/| | | This updates rails to use edge rack
| * | | Since upgrading rack we can remove unnecessary string encodingsJarmo Isotalo2014-05-191-9/+2
| | | | | | | | | | | | | | | | https://github.com/rack/rack/commit/5a5aee36
| * | | Upgraded rackJarmo Isotalo2014-05-191-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As Rack has some non backwards compatible changes added required modifications to keep behaviour in rails close to same as before. Also modified generators to include rack/rack for not yet released version of rack
* | | | remove the mounted_helpers respond_to checkAaron Patterson2014-07-071-1/+1
| | | | | | | | | | | | | | | | It always responds to mounted_helpers now
* | | | always test against a routed rack app so there are always url_helpersAaron Patterson2014-07-071-1/+1
| | | |
* | | | Generate shallow paths for all children of shallow resources.Seb Jacobs2014-07-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prior to this commit shallow resources would only generate paths for non-direct children (with a nested depth greater than 1). Take the following routes file. resources :blogs do resources :posts, shallow: true do resources :comments do resources :tags end end end This would generate shallow paths for `tags` nested under `posts`, e.g `/posts/:id/tags/`, however it would not generate shallow paths for `comments` nested under `posts`, e.g `/posts/:id/comments/new`. This commit changes the behaviour of the route mapper so that it generate paths for direct children of shallow resources, for example if you take the previous routes file, this will now generate shallow paths for `comments` nested under `posts`, .e.g `posts/:id/comments/new`. This was the behaviour in Rails `4.0.4` however this was broken in @jcoglan's fix for another routes related issue[1]. This also fixes an issue[2] reported by @smdern. [1] https://github.com/rails/rails/commit/d0e5963 [2] https://github.com/rails/rails/issues/15783
* | | | Merge pull request #16013 from tgxworld/remove_symbolized_path_parametersRafael Mendonça França2014-07-043-5/+5
|\ \ \ \ | | | | | | | | | | Remove symbolized_path_parameters.
| * | | | Remove symbolized_path_parameters.Guo Xiang Tan2014-07-023-5/+5
| | | | | | | | | | | | | | | | | | | | This pull request is a continuation of https://github.com/rails/rails/commit/925bd975 and https://github.com/rails/rails/commit/8d8ebe3d.
* | | | | Merge pull request #16011 from xjlu/token_and_optionsRafael Mendonça França2014-07-041-1/+1
|\ \ \ \ \ | | | | | | | | | | | | Improve token_and_options regex and test
| * | | | | Improve token_and_options regex and testXinjiang Lu2014-07-011-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | add a test case to test the regex for the helper method raw_params
* | | | | | [ci skip] /javascript/ -> JavaScript - cover whole appAkshay Vishnoi2014-07-041-1/+1
| | | | | |
* | | | | | Change the JSON renderer to enforce the 'JS' Content TypeLucas Mazza2014-07-021-1/+4
| |/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | The controller can set the response format as 'JSON' before the renderer code be evaluated, so we must replace it when necessary. Fixes #15081
* | | | | flash doesn't pass objects #15522 [ci skip]Nishant Modak2014-07-011-3/+6
|/ / / /
* | | | makes it sound less misleadingShunsukeAida2014-07-021-2/+2
| | | |
* | | | Fix doc unwanted dl Admin:: [ci skip]Ciro Santilli2014-07-011-1/+1
| | | |
* | | | push host / port / protocol extraction upAaron Patterson2014-06-301-6/+6
| | | | | | | | | | | | | | | | Then we only need to extract host once.
* | | | Merge pull request #15933 from rafael/masterRafael Mendonça França2014-06-272-5/+24
|\ \ \ \ | |_|_|/ |/| | | | | | | | | | | | | | | Add always permitted parameters as a configurable option. [Rafael Mendonça França + Gary S. Weaver]
| * | | Improvements per code review.Rafael Chacón2014-06-271-4/+3
| | | | | | | | | | | | | | | | | | | | | | | | * General style fixes. * Add changes to configuration guide. * Add missing tests.
| * | | Add always_permitted_parameters as an option.Rafael Chacón2014-06-262-5/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * This commit adds back the always_permitted_parameters configuration option to strong paramaters. * The initial pull requests where this feature was added are the following: - https://github.com/rails/rails/pull/12682 - https://github.com/rails/strong_parameters/pull/174
* | | | Merge pull request #15836 from DNNX/router-swap-select-sortRafael Mendonça França2014-06-241-1/+2
|\ \ \ \ | | | | | | | | | | Replace x.sort_by!.select! with x.select!.sort_by!
| * | | | Replace x.sort_by!.select! with x.select!.sort_by!Viktar Basharymau2014-06-201-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The latter has the same speed as the former in the worst case and faster in general, because it is always better to sort less items. Unfortunately, `routes.select!{...}.sort_by!{...}` is not possible here because `select!` returns `nil`, so select! and sort! must be done in two steps.
* | | | | `:nodoc: all` does not remove the constants from the API. [ci skip]Yves Senn2014-06-241-1/+1
|/ / / / | | | | | | | | | | | | | | | | Need to add individual `:nodoc:` for nested classes / modules to completely remove the constants from the API.
* | | | Merge pull request #15537 from tgxworld/fix_state_leakMatthew Draper2014-06-201-1/+0
|\ \ \ \ | | | | | | | | | | Fix state leak.
| * | | | Prevent state leak.Guo Xiang Tan2014-06-051-1/+0
| | | | |
* | | | | add both branches to the only_path conditionalAaron Patterson2014-06-191-6/+6
| | | | |
* | | | | Relpace `=~ Regexp.new str` with `.include? str` in AC::Base#_valid_action_name?Viktar Basharymau2014-06-191-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Because it is more natural way to test substring inclusion. Also, in this particular case it is much faster. In general, using `Regexp.new str` for such kind of things is dangerous. The string must be escaped, unless you know what you're doing. Example: Regexp.new "\\" # HELLO WINDOWS # RegexpError: too short escape sequence: /\/ The right way to do this is escape the string Regexp.new Regexp.escape "\\" # => /\\/ Here is the benchmark showing how faster `include?` call is. ``` require 'benchmark/ips' Benchmark.ips do |x| x.report('include?') { !"index".to_s.include? File::SEPARATOR } x.report(' !~ ') { "index" !~ Regexp.new(File::SEPARATOR) } end __END__ Calculating ------------------------------------- include? 75754 i/100ms !~ 21089 i/100ms ------------------------------------------------- include? 3172882.3 (±4.5%) i/s - 15832586 in 5.000659s !~ 322918.8 (±8.6%) i/s - 1602764 in 4.999509s ``` Extra `.to_s` call is needed to handle the case when `action_name` is `nil`. If it is omitted, some tests fail.
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 14:49:33 +0000