aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* | | | | | | :scissors: spacing after privateTrevor Turk2013-04-021-3/+0
| | | | | | |
* | | | | | | Be consistent when talking about cookies, key -> nameTrevor Turk2013-04-021-25/+25
| | | | | | |
* | | | | | | Fix permanent cookie jar accessor typoTrevor Turk2013-04-021-1/+1
|/ / / / / /
* | | | | | Prefer find_by over dynamic finders in rdocSam Ruby2013-04-023-4/+4
| | | | | |
* | | | | | Improve documentation around the cookie store auto-upgrade to encryptionTrevor Turk2013-04-011-22/+37
| | | | | |
* | | | | | Merge pull request #9978 from trevorturk/cookie-store-auto-upgradeSantiago Pastorino2013-04-013-76/+78
|\ \ \ \ \ \ | | | | | | | | | | | | | | Cookie-base session store auto-upgrade
| * | | | | | Allow transparent upgrading of legacy signed cookies to encrypted cookies; ↵Trevor Turk2013-03-283-76/+78
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatically configure cookie-based sessions to use the best cookie jar given the app's config
* | | | | | | typo recomend -> recommendogawaso2013-04-011-2/+2
| | | | | | |
* | | | | | | Merge pull request #9680 from bdmac/time-zone-options-revert-grep-to-selectCarlos Antonio da Silva2013-03-311-1/+1
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Revert grep to select since they are not the same
| * | | | | | | Revert grep to select since they are not the sameBrian McManus2013-03-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A previous commit swapped out a call to select for a call to grep in time_zone_options_for_select. This behavior actually causes the regexp priority option to stop working. ActiveSupport::TimeZone overrides the =~ operator which is what the select block was using previously. Enumerable#grep checks pattern === element and in this case that would be /US/ === ActiveSupport::TimeZone which does not work because ActiveSupport::TimeZone does not supply an implicit converting to_str method, only an explicit to_s method. It would be impossible to provide a to_str method that behaves identically to the =~ method provided on ActiveSupport::TimeZone so the only option is to revert back to using select with =~.
* | | | | | | | Merge pull request #10015 from vipulnsward/remove_unused_variable_in_getSteve Klabnik2013-03-311-1/+1
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | remove unused variable and assignment
| * | | | | | | | remove unused variable and assignmentVipul A M2013-03-311-1/+1
| | | | | | | | |
* | | | | | | | | Merge pull request #10014 from vipulnsward/remove_unused_match_varSteve Klabnik2013-03-311-8/+8
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | remove unused match variables in selector
| * | | | | | | | | remove unused match variables in selectorVipul A M2013-03-311-8/+8
| |/ / / / / / / /
* / / / / / / / / fix wrong argument error messageVipul A M2013-03-311-1/+1
|/ / / / / / / /
* | | | | | / / Fix typos in AP: "overriden" => "overridden"Carlos Antonio da Silva2013-03-301-1/+1
| |_|_|_|_|/ / |/| | | | | |
* | | | | | | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-03-306-84/+32
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: activerecord/lib/active_record/connection_adapters/abstract/schema_statements.rb activerecord/test/cases/adapter_test.rb guides/source/testing.md [ci skip]
| * | | | | | Fix typoCarson McDonald2013-03-261-1/+1
| | | | | | |
| * | | | | | Remove duplicated accepts_nested_attributes descriptionma2gedev2013-03-221-16/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | there are just the same description about accepts_nested_attributes [ci skip]
| * | | | | | Undo bad change in cf0931166be13dbbe660Steve Klabnik2013-03-191-1/+1
| | | | | | | | | | | | | | | | | | | | | I didn't know that this was about RDoc!
| * | | | | | Fixed small typosPrathamesh Sonpatki2013-03-192-2/+2
| | | | | | |
| * | | | | | The HTTP method helpers are preferred over match and should be explained ↵Trevor Turk2013-03-181-28/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | before named routes
| * | | | | | The default route has been removedTrevor Turk2013-03-181-24/+0
| | | | | | |
| * | | | | | Using match without via is deprecatedTrevor Turk2013-03-181-12/+12
| | | | | | |
| * | | | | | Capitalize the first letter of sentenceTatsuro Baba2013-03-181-1/+1
| | | | | | |
| * | | | | | Remove :all from *args options in AbstractController.helperBryan Ricker2013-03-161-1/+1
| | | | | | |
* | | | | | | Fixed grammarAnupam Choudhury2013-03-281-1/+1
| |/ / / / / |/| | | | |
* | | | | | Merge pull request #8458 from ↵Rafael Mendonça França2013-03-271-5/+9
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | lucisferre/improve-layout-override-fallback-behavior Provides standard layout lookup behavior for method and proc cases Conflicts: actionpack/CHANGELOG.md
| * | | | | Provides standard layout lookup behavior for method and proc casesChris Nicola2013-03-271-5/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When setting the layout either by referencing a method or supplying a Proc there is no way to fall back to the default lookup behavior if desired. This patch allows fallback to the layout lookup behavior when returning nil from the proc or method.
* | | | | | if cookie is tampered with then nil is returned [ci skip]Neeraj Singh2013-03-251-4/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | if the given key is not found then verifier does raise `ActiveSupport::MessageVerifier::InvalidSignature` exception but this exception is resuced and finally nil is returned.
* | | | | | Introduce UpgradeLegacySignedCookieJar to transparently upgrade existing ↵Trevor Turk2013-03-241-99/+99
| | | | | | | | | | | | | | | | | | | | | | | | signed cookies generated by Rails 3 to avoid invalidating them when upgrading to Rails 4
* | | | | | Merge pull request #9704 from trevorturk/warn-about-skipped-routesJeremy Kemper2013-03-241-1/+9
|\ \ \ \ \ \ | | | | | | | | | | | | | | Raise an ArgumentError when a clashing named route is defined
| * | | | | | Tweak exception message to avoid giving potentially misleading suggestionsTrevor Turk2013-03-201-2/+3
| | | | | | |
| * | | | | | Raise an ArgumentError when a clashing named route is definedTrevor Turk2013-03-191-1/+8
| | | | | | |
* | | | | | | Fix some typosVipul A M2013-03-242-2/+2
| | | | | | |
* | | | | | | Merge pull request #8501 from charliesome/version-to-sRafael Mendonça França2013-03-231-6/+7
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Add #to_s method to VERSION modules
| * | | | | | | Add version method to top level modulesCharlie Somerville2013-03-211-6/+7
| | |_|_|_|_|/ | |/| | | | |
* | | | | | | Fix documentation markup [ci skip]Rafael Mendonça França2013-03-231-0/+2
| | | | | | |
* | | | | | | StringIO is not required by default in JRubyArun Agrawal2013-03-221-0/+1
|/ / / / / /
* | | | | | Merge pull request #9802 from newsline/fix-broken-action-missingRafael Mendonça França2013-03-201-1/+1
|\ \ \ \ \ \ | |/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix missing action_missing Conflicts: actionpack/CHANGELOG.md
| * | | | | Fix broken ActionController#action_missingJanko Luin2013-03-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A recent change introduced the assumption that all controller actions are known beforehand, which is not true when using action_missing.
* | | | | | Merge pull request #9794 from schneems/schneems/email-hostAndrew White2013-03-191-1/+12
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix improperly configured host in generated urls
| * | | | | | Fix improperly configured host in generated urlsschneems2013-03-191-1/+12
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the host in `default_url_options` is accidentally set with a protocol such as ``` host: "http://example.com" ``` then the generated url will have the protocol twice `http://http://example.com` which is not what the user intended. Likely they wanted to define a host `host: "example.com"` and a `protocol: "http://"` but did not know the convention. This may not the most common problem, but when it happens it can go undetected for a while. I accidentally added `http://` out of habit recently only to find all the links in my emails were broken after deploying a demo site to production. Rather than allow this accident go undetected, we can fix the problem in line by properly setting the protocol and host. I was able to find this related question on stack overflow: http://stackoverflow.com/questions/5878329/rails-3-devise-how-do-i-make-the-email-confirmation-links-use-secure-https-n where the answer was highly upvoted. This is based off of work in #7415 cc/ @pixeltrix ATP Action Mailer and Action Pack
* / / / / / Remove mentions of "app" from http request docs [ci skip]Carlos Antonio da Silva2013-03-191-12/+10
|/ / / / /
* | | | | drop an unused hash; change slang to SPECIALVipul A M2013-03-191-2/+2
| | | | |
* | | | | Digest auth should not 500 when given a basic header.Brad Dunbar2013-03-181-0/+1
| | | | |
* | | | | Merge branch 'master-sec'Aaron Patterson2013-03-181-5/+5
|\ \ \ \ \ | |_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * master-sec: fix protocol checking in sanitization [CVE-2013-1857] JDOM XXE Protection [CVE-2013-1856] fix incorrect ^$ usage leading to XSS in sanitize_css [CVE-2013-1855] stop calling to_sym when building arel nodes [CVE-2013-1854]
| * | | | fix protocol checking in sanitization [CVE-2013-1857]Aaron Patterson2013-03-151-2/+2
| | | | |
| * | | | fix incorrect ^$ usage leading to XSS in sanitize_css [CVE-2013-1855]Charlie Somerville2013-03-151-3/+3
| | | | |
* | | | | Merge pull request #9753 from jbarreneche/bug/render-locale-fallbacksCarlos Antonio da Silva2013-03-181-1/+7
|\ \ \ \ \ | | | | | | | | | | | | i18n locale fallback for localized views
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-14 12:12:26 +0000