aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib
Commit message (Collapse)AuthorAgeFilesLines
* Consistent behavior for session and cookies with to_h and to_hash methodIgor Kasyanchuk2018-01-312-0/+4
|
* Start Rails 6.0 development!!!Rafael Mendonça França2018-01-301-3/+3
| | | | :tada::tada::tada:
* Merge pull request #31815 from composerinteralia/make-request-idGeorge Claghorn2018-01-291-1/+1
|\ | | | | Allow @ in X-Request-Id header
| * Allow @ in X-Request-Id headerDaniel Colson2018-01-291-1/+1
| | | | | | | | | | | | | | It makes sense to be as strict as possible with headers from the outside world, but allowing @ to support Apache's mod_unique_id (see #31644) seems OK to me
* | ActionController::TestCase: fix #post documentation [ci skip]Misty De Meo2018-01-291-1/+1
|/ | | | Fixes #31823.
* Remove code duplication for `ActionController::Metal.action`fatkodima2018-01-221-10/+8
|
* Fix typos. Improve text_helper documentation.James Lovejoy2018-01-191-3/+3
| | | | [ci skip]
* Merge pull request #31732 from ↵Matthew Draper2018-01-191-1/+1
|\ | | | | | | | | koic/enable_autocorrect_for_lint_end_alignment_cop Enable autocorrect for `Lint/EndAlignment` cop
| * Enable autocorrect for `Lint/EndAlignment` copKoichi ITO2018-01-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ### Summary This PR changes .rubocop.yml. Regarding the code using `if ... else ... end`, I think the coding style that Rails expects is as follows. ```ruby var = if cond a else b end ``` However, the current .rubocop.yml setting does not offense for the following code. ```ruby var = if cond a else b end ``` I think that the above code expects offense to be warned. Moreover, the layout by autocorrect is unnatural. ```ruby var = if cond a else b end ``` This PR adds a setting to .rubocop.yml to make an offense warning and autocorrect as expected by the coding style. And this change also fixes `case ... when ... end` together. Also this PR itself is an example that arranges the layout using `rubocop -a`. ### Other Information Autocorrect of `Lint/EndAlignment` cop is `false` by default. https://github.com/bbatsov/rubocop/blob/v0.51.0/config/default.yml#L1443 This PR changes this value to `true`. Also this PR has changed it together as it is necessary to enable `Layout/ElseAlignment` cop to make this behavior.
* | Merge pull request #31713 from aellispierce/refactor-browser-optionsEileen M. Uchitelle2018-01-173-26/+53
|\ \ | |/ |/| Move browser config to its own class
| * Move browser checking to its own classAshley Ellis Pierce2018-01-153-26/+53
| |
* | Fix typos, update documentationJames Lovejoy2018-01-111-2/+2
| | | | | | | | [ci skip]
* | Merge pull request #31534 from claudiob/kaspth-approachKasper Timm Hansen2018-01-093-0/+35
|\ \ | | | | | | Don't include Active Storage migrations in new apps
| * | Help if Active Storage tables are missingClaudio B2017-12-213-0/+35
| |/ | | | | | | | | | | When a user tries to create a new attachment or blog and the matching table is missing from the database (`active_storage_attachments` and `active_storage_blobs` by default), an informative error is displayed that invites users to run the `active_storage:install` task.
* | Add 'Referrer-Policy' header to default headers setGuillermo Iguaran2018-01-081-1/+2
| |
* | Add missing require for `strip_heredoc`Peter Wagenet2018-01-041-0/+1
| |
* | Bump license years for 2018Yoshiyuki Hirano2017-12-312-2/+2
| |
* | Merge pull request #31449 from PHedkvist/headless_api_docEileen M. Uchitelle2017-12-181-0/+3
|\ \ | | | | | | Add headless browser support in api docs [ci skip]
| * | Add headless browser support in api docs [ci skip]Pierre Hedkvist2017-12-181-0/+3
| | |
* | | Added reference to default value of `allow_other_host` [ci skip]Prathamesh Sonpatki2017-12-171-1/+1
| |/ |/|
* | [ci skip] update linkDixit Patel2017-12-151-1/+1
|/
* Merge pull request #31289 from witlessbird/fips-compatibilityEileen M. Uchitelle2017-12-141-1/+1
|\ | | | | Initial support for running Rails on FIPS-certified systems
| * Introduced `ActiveSupport::Digest` that allows to specify hash function ↵Dmitri Dolguikh2017-12-121-1/+1
| | | | | | | | | | | | | | | | implementation and defaults to `Digest::MD5`. Replaced calls to `::Digest::MD5.hexdigest` with calls to `ActiveSupport::Digest.hexdigest`.
* | Enable `Layout/LeadingCommentSpace` to not allow cosmetic changes in the futureRyuta Kamizono2017-12-141-10/+10
| | | | | | | | Follow up of #31432.
* | Change the system tests to set Puma as default server only when the user ↵Guillermo Iguaran2017-12-091-1/+1
| | | | | | | | haven't specified manually another server.
* | Add secure `X-Download-Options` and `X-Permitted-Cross-Domain-Policies` to ↵Guillermo Iguaran2017-12-091-1/+3
| | | | | | | | default headers set.
* | Merge pull request #30780 from ↵Sean Griffin2017-12-071-0/+10
|\ \ | | | | | | | | | | | | JackMc/fix-chrome-referrer-invalidauthenticitytoken Fix issue #30658 by checking explicitly for 'null' referrer
| * | Add a better error message when a "null" Origin header occursJack McCracken2017-11-031-0/+10
| | |
* | | Add headless firefox driver to System Testsbogdanvlviv2017-12-072-3/+18
| | |
* | | Yield array from AC::Parameters#each for block with one argDominic Cleal2017-12-061-1/+1
| | | | | | | | | | | | Matches Hash#each behaviour as used in Rails 4.
* | | Add missing requireyuuji.yaginuma2017-12-051-0/+2
| | | | | | | | | | | | | | | | | | | | | Follow up of 3c442b6df91e291ebbf17f37444414bf5f10fbe6 Without this require, it will fail when run CSP test alone. Ref: https://travis-ci.org/rails/rails/jobs/311715758#L2976
* | | Fix CSP copy boolean directives (#31326)Simon Dawson2017-12-051-5/+1
| |/ |/| | | Use Object#deep_dup to safely duplicate policy values
* | Make screenshots default to "simple" formateileencodes2017-11-291-10/+6
| | | | | | | | | | | | | | | | | | Not everyone uses iTerm2 and whereas Terminal.app on a mac just ignores that and outputs the path, other terminals like those on Ubuntu do not. A friendlier default is one that works by default. Closes #31159 Closes #30957
* | Fix typo in mime type registeringGuillermo Iguaran2017-11-291-1/+1
| |
* | Restore mpeg mime type, delete less common mime typesGuillermo Iguaran2017-11-291-9/+4
| | | | | | | | See discussion in #31251
* | Register "audio/mp4" mime type with :m4a symbolGuillermo Iguaran2017-11-291-1/+1
| |
* | Register most popular audio/video/font mime types supported by modern browsersGuillermo Iguaran2017-11-281-1/+19
| |
* | Preparing for 5.2.0.beta2 releaseRafael Mendonça França2017-11-281-1/+1
| |
* | Fix optimized url helpers when using relative url rootAndrew White2017-11-281-0/+10
| | | | | | | | Fixes #31220.
* | Preparing for 5.2.0.beta1 releaseRafael Mendonça França2017-11-271-1/+1
| |
* | Add DSL for configuring Content-Security-Policy headerAndrew White2017-11-276-0/+263
| | | | | | | | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
* | Merge pull request #24510 from ↵Rafael Mendonça França2017-11-252-9/+6
|\ \ | | | | | | | | | | | | | | | vipulnsward/make-variable_size_secure_compare-public Make variable_size_secure_compare public
| * | Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`,Vipul A M2017-06-072-9/+6
| | | | | | | | | | | | | | | | | | | | | to make it not leak length information even for variable length string. Renamed old `ActiveSupport::SecurityUtils.secure_compare` to `fixed_length_secure_compare`, and started raising `ArgumentError` in case of length mismatch of passed strings.
* | | Merge pull request #31195 from mltsy/patch-2Vipul A M2017-11-241-1/+1
|\ \ \ | | | | | | | | Fix tld_length documentation in ActionDispatch::Cookies [ci skip]
| * | | Fix tld_length documentationJoe Marty2017-11-211-1/+1
| | | | | | | | | | | | Change recommendation for tld_length (for sharing cookies across subdomains of a 2-token TLD), to 2 instead of 1.
* | | | Fix CustomUrls#direct doc formattingT.J. Schuck2017-11-221-6/+6
| | | | | | | | | | | | | | | | | | | | Particularly, the bulleted list was getting formatted as a code block because of the extra level of indentation. Pulling it back to the left makes it render properly as a list instead. [ci skip]
* | | | Update incorrect backtick usage in RDoc to teletypeT.J. Schuck2017-11-223-6/+6
|/ / / | | | | | | [ci skip]
* | | Bump RuboCop to 0.51.0Koichi ITO2017-11-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ## Summary RuboCop 0.51.0 was released. https://github.com/bbatsov/rubocop/releases/tag/v0.51.0 And rubocop-0-51 channel is available in Code Climate. https://github.com/codeclimate/codeclimate-rubocop/issues/109 This PR will bump RuboCop to 0.51.0 and fixes the following new offenses. ```console % bundle exec rubocop Inspecting 2358 files (snip) Offenses: actionpack/lib/action_controller/metal/http_authentication.rb:251:59: C: Prefer double-quoted strings unless you need single quotes to avoid extra backslashes for escaping. [key.strip, value.to_s.gsub(/^"|"$/, "").delete('\'')] ^^^^ activesupport/test/core_ext/load_error_test.rb:8:39: C: Prefer double-quoted strings unless you need single quotes to avoid extra backslashes for escaping. assert_raise(LoadError) { require 'no_this_file_don\'t_exist' } ^^^^^^^^^^^^^^^^^^^^^^^^^^^ 2358 files inspected, 2 offenses detected ```
* | | Merge pull request #31078 from aeroastro/feature/fix-typoRafael França2017-11-091-2/+2
|\ \ \ | | | | | | | | Fix typoes on ActionDispatch::HTTP::FilterParameters
| * | | Fix typo on ActionDispatc::HTTP::FilterParametersTakumasa Ochi2017-11-071-2/+2
| | | |