| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
|
|
|
|
|
| |
Although no recognized formats use non-ASCII characters, sometimes they
can be included in the :format parameter because of invalid URLS. To
prevent encoding incompatibility errors we need to escape them before
passing the path to URI.unescape.
Closes #4379
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the current router DSL, using the +match+ DSL
method will match all verbs for the path to the
specified endpoint.
In the vast majority of cases, people are
currently using +match+ when they actually mean
+get+. This introduces security implications.
This commit disallows calling +match+ without
an HTTP verb constraint by default. To explicitly
match all verbs, this commit also adds a
:via => :all option to +match+.
Closes #5964
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PATCH is the correct HTML verb to map to the #update action. The
semantics for PATCH allows for partial updates, whereas PUT requires a
complete replacement.
Changes:
* adds config.default_method_for_update you can set to :patch
* optionally use PATCH instead of PUT in resource routes and forms
* adds the #patch verb to routes to detect PATCH requests
* adds #patch? to Request
* changes documentation and comments to indicate support for PATCH
This change maintains complete backwards compatibility by keeping :put
as the default for config.default_method_for_update.
|
| |
|
|
|
|
|
| |
This fixes undef `to_str' for Rack::Chunked::Body when using
caches_action + streaming on an action
Closes #5027
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Signed-off-by: José Valim <jose.valim@gmail.com>
|
| | |
|
| |
|
|
| |
impossible to target with expire_action.
|
| |
|
|
| |
Fix fragment caching (squashed commits)
|
| |
|
|
|
|
| |
For example, calling hello.erb is now deprecated. Since Rails 3.0
passing the handler had no effect whatsover. This commit simply
deprecates such cases so we can clean up the code in later releases.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
test_should_cache_with_trailing_slash_on_url
A trailing slash is removed when a page is cached.
What the test meant to say was : a url with trailing slash
should be cached and the cached page should not have any
trailing slash.
This patch clarifies the name a bit.
|
| |
|
|
| |
variable warning
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
always renders a nil response body. It now correctly renders the response body.
Note that only GET and HTTP 200 responses can be cached.
[#6480 state:committed]
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
|
| |
|
|
|
|
| |
For example, page_cache_directory = Rails.root.join("public/cache")
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
|
| | |
|
| |
|
|
|
|
|
|
| |
account the resolved mime type for the request
[#6110 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
all the tests check for valid response. [#4468 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
| | |
|
| | |
|
| |
|
|
| |
response was a String.
|
| | |
|
| |
|
|
| |
* The cache helper is now semantically "mark this region for caching"
* As a result, <% x = cache do %> no longer works
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* The approach is to compile <% %> into a method call that checks whether
the value returned from a block is a String. If it is, it concats to the buffer and
prints a deprecation warning.
* <%= %> uses exactly the same logic to compile the template, which first checks
to see whether it's compiling a block.
* This should have no impact on other uses of block in templates. For instance, in
<% [1,2,3].each do |i| %><%= i %><% end %>, the call to each returns an Array,
not a String, so the result is not concatenated
* In two cases (#capture and #cache), a String can be returned that should *never*
be concatenated. We have temporarily created a String subclass called NonConcattingString
which behaves (and is serialized) identically to String, but is not concatenated
by the code that handles deprecated <% %> block helpers. Once we remove support
for <% %> block helpers, we can remove NonConcattingString.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
let's deprecate it.
|
| | |
|
| |
|
|
| |
#routes, automatically extend the URL helpers from the RouteSet onto it
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Instead, all Strings are always not html_safe?. Instead, you can get a SafeBuffer from a String by calling #html_safe, which will SafeBuffer.new(self).
* Additionally, instead of doing concat("</form>".html_safe), you can do
safe_concat("</form>"), which will skip both the flag set, and the flag
check.
* For the first pass, I converted virtually all #html_safe!s to #html_safe,
and the tests pass. A further optimization would be to try to use
#safe_concat as much as possible, reducing the performance impact if
we know up front that a String is safe.
|
| | |
|
| |
|
|
| |
tests.
|
