aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/controller/new_base
Commit message (Collapse)AuthorAgeFilesLines
* Fix actionpack test cases broken by #16888Godfrey Chan2014-09-262-29/+9
|
* Fix typos like `a html` to `an html` and 'an mail' to 'an email'. [ci skip]Santosh Wadghule2014-07-141-2/+2
|
* Removed single space padding from empty response body.Godfrey Chan2014-07-104-16/+16
| | | | | | | | | | | | `render nothing: true` or rendering a `nil` body no longer add a single space to the response body. The old behavior was added as a workaround for a bug in an early version of Safari, where the HTTP headers are not returned correctly if the response body has a 0-length. This is been fixed since and the workaround is no longer necessary. Use `render body: ' '` if the old behavior is desired.
* Prevent state leak.Guo Xiang Tan2014-06-051-0/+2
|
* The correct status to test should be :switching_protocols.Zuhao Wan2014-05-251-2/+2
|
* Only accept actions without File::SEPARATOR in the name.Rafael Mendonça França2014-05-061-1/+16
| | | | | | | | | This will avoid directory traversal in implicit render. Fixes: CVE-2014-0130 Conflicts: actionpack/lib/abstract_controller/base.rb
* Do note remove `Content-Type` when `render :body`Prem Sichanugrist2014-03-051-17/+12
| | | | | | | | | | | | | `render :body` should just not set the `Content-Type` header. By removing the header, it breaks the compatibility with other parts. After this commit, `render :body` will returns `text/html` content type, sets by default from `ActionDispatch::Response`, and it will preserve the overridden content type if you override it. Fixes #14197, #14238 This partially reverts commit 3047376870d4a7adc7ff15c3cb4852e073c8f1da.
* Introduce `render :html` for render HTML stringPrem Sichanugrist2014-02-181-0/+190
| | | | | | | | | This is an option for to HTML content with a content type of `text/html`. This rendering option calls `ERB::Util.html_escape` internally to escape unsafe HTML string, so you will have to mark your string as html safe if you have any HTML tag in it. Please see #12374 for more detail.
* Introduce `render :plain` for render plain textPrem Sichanugrist2014-02-181-0/+168
| | | | | | | | This is as an option to render content with a content type of `text/plain`. This is the preferred option if you are planning to render a plain text content. Please see #12374 for more detail.
* Update hash format for render_text_testPrem Sichanugrist2014-02-181-18/+18
|
* Introduce `render :body` for render raw contentPrem Sichanugrist2014-02-181-0/+175
| | | | | | | | | | | | This is an option for sending a raw content back to browser. Note that this rendering option will unset the default content type and does not include "Content-Type" header back in the response. You should only use this option if you are expecting the "Content-Type" header to not be set. More information on "Content-Type" header can be found on RFC 2616, section 7.2.1. Please see #12374 for more detail.
* Raise RuntimeErrors with inspectable and MRI-independent messages.Federico Ravasio2013-11-242-4/+4
| | | | | | Previous behaviour was MRI-dependent, now we're making sure the message is correctly shown: something that can be relyied upon across every Ruby implementation.
* Reset ActionView::Base.logger instead of AC::Base.loggerAkira Matsuda2013-09-101-1/+1
| | | | see: 9b0ac0bc74569db460f87ea6888b3847be0ff5be
* Make AC standalone rendering workSantiago Pastorino2013-09-101-0/+15
|
* Revert "Merge branch 'master' of github.com:rails/docrails"Vijay Dev2013-08-171-1/+1
| | | | | | | This reverts commit 70d6e16fbad75b89dd1798ed697e7732b8606fa3, reversing changes made to ea4db3bc078fb3093ecdddffdf4f2f4ff3e1e8f9. Seems to be a code merge done by mistake.
* Reset ActionView::Base.logger instead of AC::Base.loggerAkira Matsuda2013-07-261-1/+1
| | | | see: 9b0ac0bc74569db460f87ea6888b3847be0ff5be
* Fix typos in AP: "overriden" => "overridden"Carlos Antonio da Silva2013-03-302-23/+23
|
* update documentation and code to use _action callbacksFrancesco Rodriguez2012-12-072-2/+2
|
* Override <%== to always behave as literal text rather than toggling based on ↵Jeremy Kemper2012-12-031-2/+8
| | | | whether escaping is enabled. Fixes that existing plaintext email templates using <%== unexpectedly flipped to *escaping* HTML when #8235 was merged.
* cleanup, remove trailing whitespace within actionpackYves Senn2012-10-272-3/+3
|
* Use ActionView::Base.logger instead of AC::Base.loggerPiotr Sarnacki2012-08-281-1/+1
|
* Collapsed dual checks (one for content headers and one for content) into a ↵Armand du Plessis2012-08-021-0/+30
| | | | | | | | | | | | single check. Rails includes a single character body to a head(:no_content) response to work around an old Safari bug where headers were ignored if no body sent. This patch brings the behavior slightly closer to spec if :no_content/204 is explicity requested via a head only response. Status comparison done on symbolic and numeric values Not returning any content when responding with head and limited to a status code that explicitly states no content will be returned - 100..199, 204, 205, 304.
* html_escape should escape single quotesSantiago Pastorino2012-07-311-1/+1
| | | | | https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content Closes #7215
* deprecate `describe` without a block.Aaron Patterson2012-07-093-12/+0
| | | | | minitest/spec provides `describe`, so deprecate the rails version and have people use the superclass version
* mispelling errors in render_text_test.rb and sqlite_specific_schemaangelo giovanni capilleri2012-05-121-2/+2
|
* Remove content-length as welltwinturbo2012-05-031-0/+6
|
* Make ActionController#head pass rack-linktwinturbo2012-05-031-0/+60
|
* Remove default match without specified methodJose and Yehuda2012-04-244-6/+6
| | | | | | | | | | | | | | | | In the current router DSL, using the +match+ DSL method will match all verbs for the path to the specified endpoint. In the vast majority of cases, people are currently using +match+ when they actually mean +get+. This introduces security implications. This commit disallows calling +match+ without an HTTP verb constraint by default. To explicitly match all verbs, this commit also adds a :via => :all option to +match+. Closes #5964
* Remove unnecessary in HTML 5 type attribute with default valueAndrey A.I. Sitnik2012-04-051-2/+2
|
* Moved all the logger methods to active support loggerKarunakar (Ruby)2012-01-061-1/+1
| | | | minor
* remove more conditions for Fiber available in ruby19Vishnu Atrai2011-12-311-1/+1
|
* Show detailed exceptions no longer returns true if the request is local in ↵José Valim2011-12-161-0/+6
| | | | production.
* Fix another regression related to the layout optimization.José Valim2011-12-081-1/+25
|
* Fix a regression and also fix broken test.José Valim2011-12-081-5/+5
|
* A test case to ensure that AC::Metal#response_body= always wraps the given ↵Akira Matsuda2011-11-101-0/+6
| | | | value in an Array in both Ruby 1.8 and 1.9 (refs #3581)
* Deprecate passing the template handler in the template name.José Valim2011-09-221-5/+5
| | | | | | For example, calling hello.erb is now deprecated. Since Rails 3.0 passing the handler had no effect whatsover. This commit simply deprecates such cases so we can clean up the code in later releases.
* Get rid of update_details in favor of passing details to find_template.José Valim2011-09-222-8/+8
|
* Remove stream at the class level.José Valim2011-07-061-1/+1
| | | | | | This is because only template rendering works with streaming. Setting it at the class level was also changing the behavior of JSON and XML responses, closes #1337.
* Corrected some typos and American vs. Queen's English issuesLee Reilly2011-05-291-2/+2
|
* Revert to old semantics, use available_action? instead of action_method?.José Valim2011-05-061-4/+4
|
* Tidy up pending TODOs after discussion with Mr. Gatoz (@wycats).José Valim2011-05-011-7/+7
|
* log errors when an exception happens when streaming.José Valim2011-05-011-0/+13
|
* Add a test for rendering from the controller context.José Valim2011-05-011-0/+54
|
* Do not stream on HTTP/1.0.José Valim2011-04-191-0/+8
|
* Output a redirect to the 500 page if something happens when streaming.José Valim2011-04-191-1/+23
| | | | | | Currently, we output: "><script type="text/javascript">window.location = "/500.html"</script></html>
* Test explicit skip.José Valim2011-04-181-1/+10
|
* Just define the controller if fibers are defined.José Valim2011-04-181-2/+2
|
* Body... wanna *stream* my body? Body... such a thrill my body!José Valim2011-04-181-0/+62
| | | | | Added stream as class level method to make it explicit when to stream. Render also accepts :stream as option.
* switch to using comments to comment thingsAaron Patterson2011-04-151-2/+1
|
* render :once, YAGNI.José Valim2011-04-151-86/+0
|