aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib
Commit message (Collapse)AuthorAgeFilesLines
...
| * Add missing av/railtie requireŁukasz Strzałkowski2013-12-221-0/+1
| |
| * optimizes array conversion in AC::ParametersXavier Noria2013-12-211-2/+12
| |
| * refactors AC::Parameters#fetchXavier Noria2013-12-211-10/+3
| | | | | | | | | | | | | | | | AC::Parameters#fetch was refactored in 7171111 to prevent self mutation, but in doing so it hardcodes logic #convert_hashes_to_parameters is supposed to encapsulate. Better leave the delegation, and add a way to avoid mutating self in there.
| * converts hashes in arrays of unfiltered params to unpermitted params [fixes ↵Xavier Noria2013-12-211-3/+10
| | | | | | | | #13382]
| * Merge pull request #13188 from imanel/skip_deep_mungeJeremy Kemper2013-12-192-0/+8
| |\ | | | | | | | | | | | | | | | | | | Add configuration option to optionally disable deep_munge Conflicts: actionpack/CHANGELOG.md
| | * Add configuration option to optionally disable deep_mungeBernard Potocki2013-12-052-0/+8
| | |
| * | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-12-203-3/+3
| |\ \
| | * | Typos. return -> returns. [ci skip]Lauro Caetano2013-12-033-3/+3
| | | |
| * | | Show routes defined under assets prefixRyunosuke SATO2013-12-191-1/+1
| | | | | | | | | | | | | | | | Closes #9625
| * | | Change all `MiniTest` to `Minitest` since, `MiniTest` namespace has been ↵Vipul A M2013-12-182-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | renamed to `Minitest` Ref: https://github.com/seattlerb/minitest/blob/master/History.txt
| * | | Get ready to release 4.1.0.beta1David Heinemeier Hansson2013-12-171-1/+1
| | | |
| * | | Clearly limit new CSRF protection to GET requestsJeremy Kemper2013-12-171-2/+7
| | | |
| * | | Merge pull request #13345 from jeremy/get-csrfJeremy Kemper2013-12-171-13/+61
| |\ \ \ | | | | | | | | | | CSRF protection from cross-origin <script> tags
| | * | | CSRF protection from cross-origin <script> tagsJeremy Kemper2013-12-171-13/+61
| | | | | | | | | | | | | | | | | | | | Thanks to @homakov for sounding the alarm about JSONP-style data leaking
| * | | | Some assorted fixes for the 4.1 release notes:Godfrey Chan2013-12-171-1/+1
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added release notes for secrets.yml and mentioned it in the highlights * Added release notes for Mailer previews and mentioned it in the highlights * Added release notes for Module#concerning * Removed mention for AV extraction from the highlights * Rearranged the major features to put highlighted features first * Various improvements and typo fixes [ci skip]
| * | | Add mailer previews feature based on mail_view gemAndrew White2013-12-171-1/+1
| | | |
| * | | Update secret_key_base Docsrobertomiranda2013-12-152-10/+11
| | | |
| * | | Fix syntax error in redirect_to examplePhilipe Fatio2013-12-141-1/+1
| | | | | | | | | | | | | | | | | | | | Without parenthesis, ruby assumes that curly braces denote the beginning of a block.
| * | | Merge pull request #13293 from akshay-vishnoi/typoCarlos Antonio da Silva2013-12-124-5/+5
| |\ \ \ | | | | | | | | | | Spelling and Grammar checks [ci skip]
| | * | | Spelling and Grammar checksAkshay Vishnoi2013-12-124-5/+5
| | | | |
| * | | | Variants inline syntax documentation [ci skip]Łukasz Strzałkowski2013-12-121-0/+9
| |/ / / | | | | | | | | | | | | | | | | | | | | * Extend method documentation * Mention it in actionpack/CHANGELOG * Update release notes
| * | | Merge pull request #13288 from dvsuresh/fix_typoDamien Mathieu2013-12-121-1/+1
| |\ \ \ | | | | | | | | | | Fix typo in action_controller responder.rb [ci skip]
| | * | | Fix typo in action_controller responder.rbdvsuresh2013-12-121-1/+1
| | | | |
| * | | | Merge pull request #13284 from aayushkhandelwal11/typos_correctedGodfrey Chan2013-12-111-1/+1
| |\ \ \ \ | | |/ / / | |/| | | s/everytime/every time/
| | * | | typos rectified [ci skip]Aayush khandelwal2013-12-121-1/+1
| | | | |
| * | | | Make ActionDispatch::Request::Session#fetch behave like Hash#fetchTrent Ogren2013-12-111-8/+8
| |/ / / | | | | | | | | | | | | | | | | | | | | Session#fetch was mutating the session when given a default argument and/or a block. Since Session duck-types as a Hash, it should behave like one in these cases.
| * | | Fix mounting engines inside a resources blockPiotr Sarnacki2013-12-101-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a route is mounted inside a resources block, it's automatically prefixed, so a following code: resources :users do mount Blog::Engine => '/blog' end will generate a user_blog path helper. In order to access engine helpers, we also use "mounted_helpers", a list of helpers associated with each mounted engine, so a path to blog's post can be generated using user_blog.post_path(user, post). The problem I'm fixing here is that mount used a raw :as option, without taking nestings into account. As a result, blog was added to a route set as a `user_blog`, but helper was generated for just `blog`. This commit applies the proper logic for defining a helper for a mounted engine nested in resources or resource block. (closes #8533)
| * | | Inline variants syntaxŁukasz Strzałkowski2013-12-101-2/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In most cases, when setting variant specific code, you're not sharing any code within format. Inline syntax can vastly simplify defining variants in those situations: respond_to do |format| format.js { render "trash" } format.html do |variant| variant.phone { redirect_to progress_path } variant.none { render "trash" } end end Becomes: respond_to do |format| format.js { render "trash" } format.html.phone { redirect_to progress_path } format.html.none { render "trash" } end
| * | | Simplify @responses hash initializationŁukasz Strzałkowski2013-12-101-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | @responses hash needs to be initialized with mime types that we get from Collector#collect_mimes_from_class_level. Mime::Type class as key and nil as value. This need to happen before content negotiation. Before that, it was looping though mime types and executing mime-type-generated method inside collector (see AbstractController::Collector#generate_method_for_mime). That approach resulted in 2 unnecessary method calls for each mime type collected by Collector#collect_mimes_from_class_level. Now hash is initialized in place, without usage of Collector#custom method.
| * | | Revert "Merge pull request #13235 from strzalek/variants-inline" -- needs a ↵David Heinemeier Hansson2013-12-081-15/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | little more work! This reverts commit 186161148a189839a1e0924043f068a8d155ce69, reversing changes made to cad9eb178ea5eec0e27d74e93518f4ed34e2f997.
| * | | Merge pull request #13235 from strzalek/variants-inlineDavid Heinemeier Hansson2013-12-081-9/+15
| |\ \ \ | | | | | | | | | | Inline syntax for variants
| | * | | Inline variants syntaxŁukasz Strzałkowski2013-12-081-8/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In most cases, when setting variant specific code, you're not sharing any code within format. Inline syntax can vastly simplify defining variants in those sitiations: respond_to do |format| format.js { render "trash" } format.html do |variant| variant.phone { redirect_to progress_path } variant.none { render "trash" } end end ` Becomes: respond_to do |format| format.js { render "trash" } format.html.phone { redirect_to progress_path } format.html.none { render "trash" } end
| | * | | Simplify @responses hash initializationŁukasz Strzałkowski2013-12-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | @responses hash needs to be initialized with mime types that we get from Collector#collect_mimes_from_class_level. Mime::Type class as key and nil as value. This need to happen before content negotiation. Before that, it was looping though mime types and executing mime-type-generated method inside collector (see AbstractController::Collector#generate_method_for_mime). That approach resulted in 2 unnecessary method calls for each mime type collected by Collector#collect_mimes_from_class_level. Now hash is initialized in place, without usage of Collector#custom method.
| * | | | Require action_view explicitly in AC::BaseŁukasz Strzałkowski2013-12-082-0/+2
| |/ / /
| * | | Variants can be declared without a block to signify their presence in the ↵David Heinemeier Hansson2013-12-071-1/+3
| | | | | | | | | | | | | | | | controller
| * | | Allow code execution in case no variant has been set with variant.noneDavid Heinemeier Hansson2013-12-071-4/+5
| | | |
| * | | Add Mime::Type.register "text/vcard", :vcf to the default list of mime typesDavid Heinemeier Hansson2013-12-051-0/+1
| | | |
| * | | Merge pull request #13189 from strzalek/retain-ap-av-depJeremy Kemper2013-12-052-15/+4
| |\ \ \ | | | | | | | | | | Retain ActionPack dependency on ActionView. Fixes #12979.
| | * | | Retain ActionPack dependency on ActionViewŁukasz Strzałkowski2013-12-052-15/+4
| | | | |
| * | | | remove nil in NullType#ref.Angelo capilleri2013-12-041-3/+1
| | |_|/ | |/| | | | | | | | | | | | | | Return Nil is implicit in a method and this syntax is used in the others classes
| * | | Improve a couple exception messages related to variants and mime typesCarlos Antonio da Silva2013-12-033-15/+19
| | | | | | | | | | | | | | | | | | | | Avoid one-liner conditionals when they are too big. Avoid concatenating strings to build error messages. Improve messages a bit.
| * | | Add nodoc to added VariantFilter classCarlos Antonio da Silva2013-12-031-3/+3
| |/ /
| * | Action Pack VariantsŁukasz Strzałkowski2013-12-044-5/+71
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By default, variants in the templates will be picked up if a variant is set and there's a match. The format will be: app/views/projects/show.html.erb app/views/projects/show.html+tablet.erb app/views/projects/show.html+phone.erb If request.variant = :tablet is set, we'll automatically be rendering the html+tablet template. In the controller, we can also tailer to the variants with this syntax: class ProjectsController < ActionController::Base def show respond_to do |format| format.html do |html| @stars = @project.stars html.tablet { @notifications = @project.notifications } html.phone { @chat_heads = @project.chat_heads } end format.js format.atom end end end The variant itself is nil by default, but can be set in before filters, like so: class ApplicationController < ActionController::Base before_action do if request.user_agent =~ /iPad/ request.variant = :tablet end end end This is modeled loosely on custom mime types, but it's specifically not intended to be used together. If you're going to make a custom mime type, you don't need a variant. Variants are for variations on a single mime types.
| * | Change deep_munge call to avoid deprecation warningCarlos Antonio da Silva2013-12-031-2/+2
| | |
| * | Merge branch 'master-sec'Aaron Patterson2013-12-031-2/+2
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * master-sec: Deep Munge the parameters for GET and POST Stop using i18n's built in HTML error handling. Ensure simple_format escapes its html attributes Escape the unit value provided to number_to_currency Only use valid mime type symbols as cache keys
| | * | Deep Munge the parameters for GET and POSTMichael Koziarski2013-12-021-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The previous implementation of this functionality could be accidentally subverted by instantiating a raw Rack::Request before the first Rails::Request was constructed. Fixes CVE-2013-6417
| * | | Convert Mime::NullType in a singletonGuillermo Iguaran2013-12-031-1/+4
| | | |
| * | | Cleanups in comment about conditionalGuillermo Iguaran2013-12-031-1/+2
| | | |
| * | | Merge branch 'format_localized_template' of https://github.com/acapilleri/railsGuillermo Iguaran2013-12-031-1/+1
| |\ \ \ | | |/ / | |/| | | | | | | | | | Conflicts: actionpack/CHANGELOG.md
| | * | Fix header Content-Type: #<Mime::NullType:...> in localized templateAngelo capilleri2013-12-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR fixes #13064 regression bug introduced by the #8085 Now in _process_format when the format is a Mime::NullType nothing is written in self.content_type. In this way the method Response#assign_default_content_type_and_charset can write the the default mime_type.