| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Use frozen string literal in actionpack/ | Kir Shatrov | 2017-07-29 | 1 | -0/+2 |
| | | |||||
| * | Revert "Merge pull request #29540 from kirs/rubocop-frozen-string" | Matthew Draper | 2017-07-02 | 1 | -1/+0 |
| | | | | | | This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa. | ||||
| * | Enforce frozen string in Rubocop | Kir Shatrov | 2017-07-01 | 1 | -0/+1 |
| | | |||||
| * | applies remaining conventions across the project | Xavier Noria | 2016-08-06 | 1 | -1/+0 |
| | | |||||
| * | normalizes indentation and whitespace across the project | Xavier Noria | 2016-08-06 | 1 | -3/+3 |
| | | |||||
| * | modernizes hash syntax in actionpack | Xavier Noria | 2016-08-06 | 1 | -17/+17 |
| | | |||||
| * | applies new string literal convention in actionpack/test | Xavier Noria | 2016-08-06 | 1 | -8/+8 |
| | | | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default. | ||||
| * | Deprecate :controller and :action path parameters | Andrew White | 2016-03-01 | 1 | -1/+1 |
| | | | | | | | | | Allowing :controller and :action values to be specified via the path in config/routes.rb has been an underlying cause of a number of issues in Rails that have resulted in security releases. In light of this it's better that controllers and actions are explicitly whitelisted rather than trying to blacklist or sanitize 'bad' values. | ||||
| * | Fix test messages use directly true, false and nil instead of their symbol | Akshay Vishnoi | 2015-03-19 | 1 | -3/+3 |
| | | |||||
| * | Consistent usage of spaces in hashes across our codebase | Rafael Mendonça França | 2015-01-29 | 1 | -2/+2 |
| | | |||||
| * | Switch to kwargs in ActionController::TestCase and ActionDispatch::Integration | Kir Shatrov | 2015-01-29 | 1 | -2/+2 |
| | | | | | | | | | Non-kwargs requests are deprecated now. Guides are updated as well. `post url, nil, nil, { a: 'b' }` doesn't make sense. `post url, params: { y: x }, session: { a: 'b' }` would be an explicit way to do the same | ||||
| * | Fix actionpack test cases broken by #16888 | Godfrey Chan | 2014-09-26 | 1 | -0/+9 |
| | | |||||
| * | Fix typos like `a html` to `an html` and 'an mail' to 'an email'. [ci skip] | Santosh Wadghule | 2014-07-14 | 1 | -2/+2 |
| | | |||||
| * | Raise RuntimeErrors with inspectable and MRI-independent messages. | Federico Ravasio | 2013-11-24 | 1 | -2/+2 |
| | | | | | | | Previous behaviour was MRI-dependent, now we're making sure the message is correctly shown: something that can be relyied upon across every Ruby implementation. | ||||
| * | Override <%== to always behave as literal text rather than toggling based on ↵ | Jeremy Kemper | 2012-12-03 | 1 | -2/+8 |
| | | | | | whether escaping is enabled. Fixes that existing plaintext email templates using <%== unexpectedly flipped to *escaping* HTML when #8235 was merged. | ||||
| * | html_escape should escape single quotes | Santiago Pastorino | 2012-07-31 | 1 | -1/+1 |
| | | | | | | https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content Closes #7215 | ||||
| * | deprecate `describe` without a block. | Aaron Patterson | 2012-07-09 | 1 | -2/+0 |
| | | | | | | minitest/spec provides `describe`, so deprecate the rails version and have people use the superclass version | ||||
| * | Remove default match without specified method | Jose and Yehuda | 2012-04-24 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | In the current router DSL, using the +match+ DSL method will match all verbs for the path to the specified endpoint. In the vast majority of cases, people are currently using +match+ when they actually mean +get+. This introduces security implications. This commit disallows calling +match+ without an HTTP verb constraint by default. To explicitly match all verbs, this commit also adds a :via => :all option to +match+. Closes #5964 | ||||
| * | Show detailed exceptions no longer returns true if the request is local in ↵ | José Valim | 2011-12-16 | 1 | -0/+6 |
| | | | | | production. | ||||
| * | Get rid of update_details in favor of passing details to find_template. | José Valim | 2011-09-22 | 1 | -3/+3 |
| | | |||||
| * | realigns a series of hash arrows | Xavier Noria | 2010-11-21 | 1 | -10/+10 |
| | | |||||
| * | Added support for Erubis <%== tag | Jan Maurits Faber | 2010-11-08 | 1 | -0/+10 |
| | | | | | | | | <%== x %> is syntactic sugar for <%= raw(x) %> Signed-off-by: Michael Koziarski <michael@koziarski.com> [#5918 status:committed] | ||||
| * | Allow cache to be temporarily disabled through lookup_context. | José Valim | 2010-10-07 | 1 | -1/+12 |
| | | |||||
| * | render :template => 'foo/bar.json' now works as it should. | José Valim | 2010-10-07 | 1 | -1/+14 |
| | | |||||
| * | Fixed routes to use new API in a few more actionpack tests | Piotr Sarnacki | 2010-09-05 | 1 | -3/+7 |
| | | |||||
| * | Add support for compile-time <%= raw %> | Yehuda Katz | 2010-01-31 | 1 | -22/+34 |
| | | |||||
| * | Redraw default routes on all internal integration tests. We don't need ↵ | Joshua Peek | 2009-10-03 | 1 | -3/+3 |
| | | | | | SimpleRouteCase anymore | ||||
| * | File extra test folders into controller, dispatch, or template | Joshua Peek | 2009-10-03 | 1 | -0/+170 |
 |
index : rails.git | |
| Mirror of official rails repo with custom fixes. | Harald Eilertsen |
| aboutsummaryrefslogtreecommitdiffstats |