aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib
Commit message (Collapse)AuthorAgeFilesLines
* if cookie is tampered with then nil is returned [ci skip]Neeraj Singh2013-03-251-4/+2
| | | | | | if the given key is not found then verifier does raise `ActiveSupport::MessageVerifier::InvalidSignature` exception but this exception is resuced and finally nil is returned.
* Introduce UpgradeLegacySignedCookieJar to transparently upgrade existing ↵Trevor Turk2013-03-241-99/+99
| | | | signed cookies generated by Rails 3 to avoid invalidating them when upgrading to Rails 4
* Merge pull request #9704 from trevorturk/warn-about-skipped-routesJeremy Kemper2013-03-241-1/+9
|\ | | | | Raise an ArgumentError when a clashing named route is defined
| * Tweak exception message to avoid giving potentially misleading suggestionsTrevor Turk2013-03-201-2/+3
| |
| * Raise an ArgumentError when a clashing named route is definedTrevor Turk2013-03-191-1/+8
| |
* | Fix some typosVipul A M2013-03-242-2/+2
| |
* | Merge pull request #8501 from charliesome/version-to-sRafael Mendonça França2013-03-231-6/+7
|\ \ | | | | | | Add #to_s method to VERSION modules
| * | Add version method to top level modulesCharlie Somerville2013-03-211-6/+7
| | |
* | | Fix documentation markup [ci skip]Rafael Mendonça França2013-03-231-0/+2
| | |
* | | StringIO is not required by default in JRubyArun Agrawal2013-03-221-0/+1
|/ /
* | Merge pull request #9802 from newsline/fix-broken-action-missingRafael Mendonça França2013-03-201-1/+1
|\ \ | |/ |/| | | | | | | | | Fix missing action_missing Conflicts: actionpack/CHANGELOG.md
| * Fix broken ActionController#action_missingJanko Luin2013-03-201-1/+1
| | | | | | | | | | A recent change introduced the assumption that all controller actions are known beforehand, which is not true when using action_missing.
* | Merge pull request #9794 from schneems/schneems/email-hostAndrew White2013-03-191-1/+12
|\ \ | | | | | | Fix improperly configured host in generated urls
| * | Fix improperly configured host in generated urlsschneems2013-03-191-1/+12
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the host in `default_url_options` is accidentally set with a protocol such as ``` host: "http://example.com" ``` then the generated url will have the protocol twice `http://http://example.com` which is not what the user intended. Likely they wanted to define a host `host: "example.com"` and a `protocol: "http://"` but did not know the convention. This may not the most common problem, but when it happens it can go undetected for a while. I accidentally added `http://` out of habit recently only to find all the links in my emails were broken after deploying a demo site to production. Rather than allow this accident go undetected, we can fix the problem in line by properly setting the protocol and host. I was able to find this related question on stack overflow: http://stackoverflow.com/questions/5878329/rails-3-devise-how-do-i-make-the-email-confirmation-links-use-secure-https-n where the answer was highly upvoted. This is based off of work in #7415 cc/ @pixeltrix ATP Action Mailer and Action Pack
* / Remove mentions of "app" from http request docs [ci skip]Carlos Antonio da Silva2013-03-191-12/+10
|/
* drop an unused hash; change slang to SPECIALVipul A M2013-03-191-2/+2
|
* Digest auth should not 500 when given a basic header.Brad Dunbar2013-03-181-0/+1
|
* Merge branch 'master-sec'Aaron Patterson2013-03-181-5/+5
|\ | | | | | | | | | | | | | | * master-sec: fix protocol checking in sanitization [CVE-2013-1857] JDOM XXE Protection [CVE-2013-1856] fix incorrect ^$ usage leading to XSS in sanitize_css [CVE-2013-1855] stop calling to_sym when building arel nodes [CVE-2013-1854]
| * fix protocol checking in sanitization [CVE-2013-1857]Aaron Patterson2013-03-151-2/+2
| |
| * fix incorrect ^$ usage leading to XSS in sanitize_css [CVE-2013-1855]Charlie Somerville2013-03-151-3/+3
| |
* | Merge pull request #9753 from jbarreneche/bug/render-locale-fallbacksCarlos Antonio da Silva2013-03-181-1/+7
|\ \ | | | | | | i18n locale fallback for localized views
| * | Include I18n fallbacks in :locale lookup contextJuan Barreneche2013-03-161-1/+7
| | |
* | | Merge pull request #9754 from macksmind/fix_actionpack_warningsRafael Mendonça França2013-03-171-1/+2
|\ \ \ | | | | | | | | Fix rake test warnings in actionpack
| * | | Fix rake test warnings in actionpackMack Earnhardt2013-03-171-1/+2
| |/ /
* / / Allow pass multipart option to form_forGrzegorz Derebecki2013-03-171-1/+1
|/ /
* | Merge pull request #5606 from teohm/multipart_unicode_param_nameSteve Klabnik2013-03-153-31/+24
|\ \ | | | | | | multipart POST - utf8 param name not encoded
| * | UTF-8 encode all keys and values in nested params hash.Teo Hui Ming2013-03-153-31/+24
| | |
* | | Fix typos and improve docs a bit [ci skip]Carlos Antonio da Silva2013-03-151-7/+5
| | |
* | | document request simulation methods in functional tests.Yves Senn2013-03-151-7/+27
| | |
* | | `Http::Headers` directly modifies the passed environment.Yves Senn2013-03-152-4/+4
|/ / | | | | | | | | | | | | | | | | The env hash passed to `Http::Headers#new` must be in env format. Also be aware that the passed hash is modified directly. docs and test-cases for setting headers/env in functional tests. Follow up to #9700.
* | Handle conditional get in live requests - this will prevent error when using ↵Bernard Potocki2013-03-141-0/+4
| | | | | | | | stale on live streams(issue #9636)
* | Add extra clarifying line in docs. [ci skip]Steve Klabnik2013-03-131-0/+1
| |
* | Fix docs: response -> request.Steve Klabnik2013-03-131-2/+2
| | | | | | | | Even though I read it carefully, my brain tricked me. :cry:
* | Merge pull request #9698 from garethrees/request_documentationSteve Klabnik2013-03-131-0/+16
|\ \ | | | | | | Add documentation to ActionDispatch::Request
| * | Add documentation to ActionDispatch::RequestGareth Rees2013-03-131-0/+16
| | |
* | | `Http::Headers` respects dotted env vars, symbols, headers with numbers.Yves Senn2013-03-131-11/+6
| | |
* | | allow headers and env to be passed in `IntegrationTest`.Yves Senn2013-03-132-35/+49
| | | | | | | | | | | | Closes #6513.
* | | refactor, `Http::Headers` stores headers in env notationYves Senn2013-03-131-17/+21
| | | | | | | | | | | | | | | Also: cleanup, use consistent syntax for `Http::Header` and test.
* | | Http::Headers respects headers that are not prefixed with HTTP_Yves Senn2013-03-131-1/+13
| | |
* | | Change from each to each_value in http/parameters since we don't use keyVipul A M2013-03-131-1/+1
|/ /
* | Skip fetching path if the iteration is going to be skippedCarlos Antonio da Silva2013-03-111-2/+2
| |
* | Merge pull request #9626 from dasch/dasch/instrument-strong-paramsJosé Valim2013-03-092-1/+7
|\ \ | | | | | | Use AS::Notifications to instrument Strong Params
| * | Use the instrumentation framework to instrument Strong ParamsDaniel Schierbeck2013-03-072-1/+7
| | |
* | | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-03-101-1/+1
|\ \ \
| * | | Update capture_helper.rbJess Brown2013-03-061-1/+1
| | |/ | |/| | | | if there's content for the right column, then we need the two-column class, if not the one-column
* | | ensure response.stream is closedSam Ruby2013-03-091-0/+1
| | |
* | | Fix incorrectly appended square brackets to a multiple select boxOlek Janiszewski2013-03-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If an explicit name has been given and it already ends with "[]" Before: select(:category, [], {}, multiple: true, name: "post[category][]") # => <select name="post[category][][]" ...> After: select(:category, [], {}, multiple: true, name: "post[category][]") # => <select name="post[category][]" ...>
* | | Fix hash spaces and use 1.9 style hash [ci skip]Carlos Antonio da Silva2013-03-071-1/+1
| | |
* | | Merge pull request #9464 from jcoyne/assert_template_fileRafael Mendonça França2013-03-073-2/+18
|\ \ \ | | | | | | | | Allow use of assert_template with the :file option.
| * | | Allow use of assert_template with the :file option.Justin Coyne2013-03-013-2/+18
| | | | | | | | | | | | | | | | This worked in Rails 3.2, but was a regression in 4.0.0.beta1