aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* | | Fix typos, update documentationJames Lovejoy2018-01-111-2/+2
| | | | | | | | | | | | [ci skip]
* | | Merge pull request #31534 from claudiob/kaspth-approachKasper Timm Hansen2018-01-093-0/+35
|\ \ \ | | | | | | | | Don't include Active Storage migrations in new apps
| * | | Help if Active Storage tables are missingClaudio B2017-12-213-0/+35
| |/ / | | | | | | | | | | | | | | | When a user tries to create a new attachment or blog and the matching table is missing from the database (`active_storage_attachments` and `active_storage_blobs` by default), an informative error is displayed that invites users to run the `active_storage:install` task.
* | | Add 'Referrer-Policy' header to default headers setGuillermo Iguaran2018-01-081-1/+2
| | |
* | | Add missing require for `strip_heredoc`Peter Wagenet2018-01-041-0/+1
| | |
* | | Bump license years for 2018Yoshiyuki Hirano2017-12-312-2/+2
| | |
* | | Merge pull request #31449 from PHedkvist/headless_api_docEileen M. Uchitelle2017-12-181-0/+3
|\ \ \ | | | | | | | | Add headless browser support in api docs [ci skip]
| * | | Add headless browser support in api docs [ci skip]Pierre Hedkvist2017-12-181-0/+3
| | | |
* | | | Added reference to default value of `allow_other_host` [ci skip]Prathamesh Sonpatki2017-12-171-1/+1
| |/ / |/| |
* | | [ci skip] update linkDixit Patel2017-12-151-1/+1
|/ /
* | Merge pull request #31289 from witlessbird/fips-compatibilityEileen M. Uchitelle2017-12-141-1/+1
|\ \ | | | | | | Initial support for running Rails on FIPS-certified systems
| * | Introduced `ActiveSupport::Digest` that allows to specify hash function ↵Dmitri Dolguikh2017-12-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | implementation and defaults to `Digest::MD5`. Replaced calls to `::Digest::MD5.hexdigest` with calls to `ActiveSupport::Digest.hexdigest`.
* | | Enable `Layout/LeadingCommentSpace` to not allow cosmetic changes in the futureRyuta Kamizono2017-12-141-10/+10
| | | | | | | | | | | | Follow up of #31432.
* | | Change the system tests to set Puma as default server only when the user ↵Guillermo Iguaran2017-12-091-1/+1
| | | | | | | | | | | | haven't specified manually another server.
* | | Add secure `X-Download-Options` and `X-Permitted-Cross-Domain-Policies` to ↵Guillermo Iguaran2017-12-091-1/+3
| | | | | | | | | | | | default headers set.
* | | Merge pull request #30780 from ↵Sean Griffin2017-12-071-0/+10
|\ \ \ | | | | | | | | | | | | | | | | JackMc/fix-chrome-referrer-invalidauthenticitytoken Fix issue #30658 by checking explicitly for 'null' referrer
| * | | Add a better error message when a "null" Origin header occursJack McCracken2017-11-031-0/+10
| | | |
* | | | Add headless firefox driver to System Testsbogdanvlviv2017-12-072-3/+18
| | | |
* | | | Yield array from AC::Parameters#each for block with one argDominic Cleal2017-12-061-1/+1
| | | | | | | | | | | | | | | | Matches Hash#each behaviour as used in Rails 4.
* | | | Add missing requireyuuji.yaginuma2017-12-051-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Follow up of 3c442b6df91e291ebbf17f37444414bf5f10fbe6 Without this require, it will fail when run CSP test alone. Ref: https://travis-ci.org/rails/rails/jobs/311715758#L2976
* | | | Fix CSP copy boolean directives (#31326)Simon Dawson2017-12-051-5/+1
| |/ / |/| | | | | Use Object#deep_dup to safely duplicate policy values
* | | Make screenshots default to "simple" formateileencodes2017-11-291-10/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | Not everyone uses iTerm2 and whereas Terminal.app on a mac just ignores that and outputs the path, other terminals like those on Ubuntu do not. A friendlier default is one that works by default. Closes #31159 Closes #30957
* | | Fix typo in mime type registeringGuillermo Iguaran2017-11-291-1/+1
| | |
* | | Restore mpeg mime type, delete less common mime typesGuillermo Iguaran2017-11-291-9/+4
| | | | | | | | | | | | See discussion in #31251
* | | Register "audio/mp4" mime type with :m4a symbolGuillermo Iguaran2017-11-291-1/+1
| | |
* | | Register most popular audio/video/font mime types supported by modern browsersGuillermo Iguaran2017-11-281-1/+19
| | |
* | | Preparing for 5.2.0.beta2 releaseRafael Mendonça França2017-11-281-1/+1
| | |
* | | Fix optimized url helpers when using relative url rootAndrew White2017-11-281-0/+10
| | | | | | | | | | | | Fixes #31220.
* | | Preparing for 5.2.0.beta1 releaseRafael Mendonça França2017-11-271-1/+1
| | |
* | | Add DSL for configuring Content-Security-Policy headerAndrew White2017-11-276-0/+263
| | | | | | | | | | | | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
* | | Merge pull request #24510 from ↵Rafael Mendonça França2017-11-252-9/+6
|\ \ \ | | | | | | | | | | | | | | | | | | | | vipulnsward/make-variable_size_secure_compare-public Make variable_size_secure_compare public
| * | | Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`,Vipul A M2017-06-072-9/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | to make it not leak length information even for variable length string. Renamed old `ActiveSupport::SecurityUtils.secure_compare` to `fixed_length_secure_compare`, and started raising `ArgumentError` in case of length mismatch of passed strings.
* | | | Merge pull request #31195 from mltsy/patch-2Vipul A M2017-11-241-1/+1
|\ \ \ \ | | | | | | | | | | Fix tld_length documentation in ActionDispatch::Cookies [ci skip]
| * | | | Fix tld_length documentationJoe Marty2017-11-211-1/+1
| | | | | | | | | | | | | | | Change recommendation for tld_length (for sharing cookies across subdomains of a 2-token TLD), to 2 instead of 1.
* | | | | Fix CustomUrls#direct doc formattingT.J. Schuck2017-11-221-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | Particularly, the bulleted list was getting formatted as a code block because of the extra level of indentation. Pulling it back to the left makes it render properly as a list instead. [ci skip]
* | | | | Update incorrect backtick usage in RDoc to teletypeT.J. Schuck2017-11-223-6/+6
|/ / / / | | | | | | | | [ci skip]
* | | | Bump RuboCop to 0.51.0Koichi ITO2017-11-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ## Summary RuboCop 0.51.0 was released. https://github.com/bbatsov/rubocop/releases/tag/v0.51.0 And rubocop-0-51 channel is available in Code Climate. https://github.com/codeclimate/codeclimate-rubocop/issues/109 This PR will bump RuboCop to 0.51.0 and fixes the following new offenses. ```console % bundle exec rubocop Inspecting 2358 files (snip) Offenses: actionpack/lib/action_controller/metal/http_authentication.rb:251:59: C: Prefer double-quoted strings unless you need single quotes to avoid extra backslashes for escaping. [key.strip, value.to_s.gsub(/^"|"$/, "").delete('\'')] ^^^^ activesupport/test/core_ext/load_error_test.rb:8:39: C: Prefer double-quoted strings unless you need single quotes to avoid extra backslashes for escaping. assert_raise(LoadError) { require 'no_this_file_don\'t_exist' } ^^^^^^^^^^^^^^^^^^^^^^^^^^^ 2358 files inspected, 2 offenses detected ```
* | | | Merge pull request #31078 from aeroastro/feature/fix-typoRafael França2017-11-091-2/+2
|\ \ \ \ | | | | | | | | | | Fix typoes on ActionDispatch::HTTP::FilterParameters
| * | | | Fix typo on ActionDispatc::HTTP::FilterParametersTakumasa Ochi2017-11-071-2/+2
| | | | |
* | | | | Merge pull request #22435 from yui-knk/fix_engine_route_testRafael Mendonça França2017-11-063-6/+15
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | Make `assert_recognizes` to traverse mounted engines
| * | | | | Make `assert_recognizes` to traverse mounted enginesyui-knk2016-04-233-6/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before this commit paths of mounted engines are not traversed when `assert_recognizes` is called, causing strange test results. This commit enable to traverse mounted paths.
* | | | | | Explicitly pass window handle to `resize_window_to`yuuji.yaginuma2017-11-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Unlike `resize_window`, `resize_window_to` has three arguments. https://github.com/thoughtbot/capybara-webkit/blob/d63c3c8e3ae844f0c59359532a6dcb50f4a64d0a/lib/capybara/webkit/driver.rb#L135-L143 Therefore, if pass only width and height just like `resize_window`, `ArgumentError`will be raised. To prevent this, explicitly pass window handler. Follow up of #31046
* | | | | | Merge pull request #31055 from ↵Ryuta Kamizono2017-11-051-0/+1
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | y-yagi/show_request_forgery_protection_methods_in_api_doc Show `RequestForgeryProtection` methods in api doc [ci skip]
| * | | | | | Show `RequestForgeryProtection` methods in api doc [ci skip]yuuji.yaginuma2017-11-051-0/+1
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Several methods of `RequestForgeryProtection` are not showed in the api doc even though `:doc:` is specified. (e.g. `form_authenticity_param`) http://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection.html These methods are listed in the doc of v4.1. http://api.rubyonrails.org/v4.1/classes/ActionController/RequestForgeryProtection.html This is due to the influence of `:nodoc:` added in #18102, methods after `CROSS_ORIGIN_JAVASCRIPT_WARNING` not showed from the doc. Therefore, in order to show the method like originally, added `startdoc` after `CROSS_ORIGIN_JAVASCRIPT_WARNING`.
* | | | | | Merge pull request #31046 from NARKOZ/fix-capybara-webkit-deprecationEileen M. Uchitelle2017-11-041-1/+1
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix Capybara::Webkit::Driver#resize_window deprecation warning
| * | | | | | Fix Capybara::Webkit::Driver#resize_window deprecation warningNihad Abbasov2017-11-041-1/+1
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | >[DEPRECATION] Capybara::Webkit::Driver#resize_window is deprecated. Please use Capybara::Window#resize_to instead.
* / / / / / Improve docs of ActionDispatch::Routing::Mapperbogdanvlviv2017-11-031-4/+14
|/ / / / /
* | | | | Merge pull request #31034 from haneru/edit-commentEileen M. Uchitelle2017-11-021-1/+1
|\ \ \ \ \ | | | | | | | | | | | | [ci skip]Fix typo in comments.
| * | | | | Edited comment from request.rbhaneru2017-11-031-1/+1
| | | | | |
* | | | | | Prevent source line wrapping in rescue layoutDave Gynn2017-10-311-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Long source lines cause line wrapping in the extracted source section of the rescue handler page which can make the line numbers not match up with the source lines.