aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/controller/render_test.rb
Commit message (Collapse)AuthorAgeFilesLines
...
* html_escape should escape single quotesSantiago Pastorino2012-07-311-2/+2
| | | | | https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content Closes #7215
* Removed warnings.Arun Agrawal2012-06-211-3/+3
| | | | | 1. Change in test name as already defined. 2. ambiguous first argument; put parentheses or even spaces
* Merge pull request #6777 from route/logger_in_metal_testsCarlos Antonio da Silva2012-06-191-0/+17
|\ | | | | | | Added test for case when view doesn't have logger method when using ActionController::Metal controller.
| * Added test for case when view doesn't have logger method when using ↵Dmitry Vorotilin2012-06-191-0/+17
| | | | | | | | ActionController::Metal controller.
* | Ensure that cache-control headers are mergedJames Tucker2012-06-181-0/+12
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | There are several aspects to this commit, that don't well fit into broken down commits, so they are detailed here: * When a user uses response.headers['Cache-Control'] = some_value, then the documented convention in ConditionalGet is not adhered to, in this case, response.cache_control is ignored due to `return if self[CACHE_CONTROL].present?` * When a middleware sets cache-control headers that would clobber, they're converted to symbols directly, without underscores. This would lead to bugs. * Items that would live in :extras if set through expires_in, are placed directly in the @cache_control hash, and not respected in many cases (somewhat adhering to the aforementioned documentation). * Although quite useless, any directive named 'extras' would be ignored. The general convention applied is that expires_* take precedence, but no longer overwrite everything and expires_* are ALWAYS applied, even if the header is set. I am still unhappy about the contents of this commit, and the code in general. Ideally it should be refactored to no longer use :extras. I'd likely recommend expanding @cache_control into a class, and giving it the power to handle the merge in a more efficient fashion. Such a commit would be a larger change that could have additional semantic changes for other libraries unless they utilize expires_in in very standard ways.
* Add failing test re #3436 which demonstrates content_type is not respected ↵Kunal Shah2012-05-081-0/+21
| | | | when using the :head method/shortcut
* Merge pull request #5368 from andhapp/remove-max-staleJosé Valim2012-05-071-4/+4
|\ | | | | Minor test improvement
| * Removed max-stale from the tests since it's a request cache-control ↵Anuj Dutta2012-03-101-4/+4
| | | | | | | | directive, just for clarity sake.
* | Remove default match without specified methodJose and Yehuda2012-04-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In the current router DSL, using the +match+ DSL method will match all verbs for the path to the specified endpoint. In the vast majority of cases, people are currently using +match+ when they actually mean +get+. This introduces security implications. This commit disallows calling +match+ without an HTTP verb constraint by default. To explicitly match all verbs, this commit also adds a :via => :all option to +match+. Closes #5964
* | Set proper rendered_format when doing render :inlineSantiago Pastorino2012-03-281-0/+1
| | | | | | | | Closes #5632
* | If partial is rendered in controller, grab format from templatePiotr Sarnacki2012-03-271-0/+13
| | | | | | | | | | | | | | | | | | Previously `rendered_format` was set only based on mime types passed in Accept header, which was wrong if first type from Accept was different than rendered partial. The fix is to simply move setting rendered_format to the place where template is available and grab format from the template. If it fails we can fallback to formats passed by Accept header.
* | Merge pull request #5480 from drogus/rendering-issuesJosé Valim2012-03-171-0/+39
| | | | | | | | Fix for #5440
* | Fix #5238, rendered_format is not set when template is not renderedPiotr Sarnacki2012-03-021-2/+6
|/
* Merge pull request #3479 from arvida/ensure-date-header-on-expires-inJosé Valim2012-02-181-0/+7
|\ | | | | Ensure Date header on expires_in
| * Added test for setting of HTTP Date header when calling #expires_inarvida2011-10-311-0/+7
| |
* | let expires_in accept a must_revalidate flagXavier Noria2012-02-171-0/+20
| |
* | ActionView now has its own loggerRafael Mendonça França2012-01-181-1/+2
| |
* | Refactor FormBuilder arguments and default configCarlos Antonio da Silva2012-01-181-3/+3
| | | | | | | | | | | | | | | | | | | | * Do not reopen AV::Base to define default form builder Inside the load hook we are already in AV::Base context. * Do not pass the given block to the form builder The block is evaluated in fields_for context using capture, with the builder as argument. This means we do not need to give the block to the FormBuilder itself.
* | Remove rescue_action from compatibility module and testsCarlos Antonio da Silva2012-01-171-4/+0
| |
* | Remove other old compatibility constantsCarlos Antonio da Silva2012-01-171-6/+6
| |
* | Moved all the logger methods to active support loggerKarunakar (Ruby)2012-01-061-2/+2
| | | | | | | | minor
* | Remove deprecation warnings from Action Pack.José Valim2011-12-201-4/+2
| |
* | remove warnings about @variable_for_layoutlest2011-12-201-5/+6
| |
* | Revert "Added ActiveRecord::Base#last_modified to work with the new ↵David Heinemeier Hansson2011-12-011-2/+2
| | | | | | | | | | | | | | | | fresh_when/stale? conditional get methods from Action Pack" Needless indirection with no added value. This reverts commit 535853e83b9092078035a5abb2aa242fba815c05.
* | Added ActiveRecord::Base#last_modified to work with the new ↵David Heinemeier Hansson2011-12-011-2/+2
| | | | | | | | fresh_when/stale? conditional get methods from Action Pack
* | Allow fresh_when/stale? to take a record instead of an options hash [DHH]David Heinemeier Hansson2011-12-011-0/+46
|/
* Deprecate passing the template handler in the template name.José Valim2011-09-221-16/+12
| | | | | | For example, calling hello.erb is now deprecated. Since Rails 3.0 passing the handler had no effect whatsover. This commit simply deprecates such cases so we can clean up the code in later releases.
* Get rid of update_details in favor of passing details to find_template.José Valim2011-09-221-1/+3
|
* * is not allowed in windows file names. Closes #2574 #2847Santiago Pastorino2011-09-041-1/+1
|
* Properly escape glob characters.Aaron Patterson2011-08-161-0/+14
|
* - added ActionView::PartialRenderer#merge_path_into_partial(path, partial)Gaston Ramos2011-07-241-1/+1
| | | | fix issues/1951
* - added test case for issue:Gaston Ramos2011-07-241-0/+14
| | | | | https://github.com/rails/rails/issues/1951 Namespaced model partial_path is wrong in namespaced controllers
* removed deprecated methods, and related tests, from ActionPackJosh Kalderimis2011-05-241-6/+1
|
* removes support for render :updateXavier Noria2011-04-131-9/+0
|
* Ensure render is case sensitive even on systems with case-insensitive ↵José Valim2011-02-081-0/+10
| | | | | | filesystems. This fixes CVE-2011-0449
* Move ETag and ConditionalGet logic from AD::Response to the middleware stack.José Valim2010-10-031-118/+0
|
* Redefine duplicated test name.Emilio Tagua2010-09-281-1/+1
|
* Remove more warnings by initializing variables in test.Emilio Tagua2010-09-281-0/+6
|
* Remove more warnings: no need to define attr_accessor if already exists. ↵Emilio Tagua2010-09-281-0/+1
| | | | Initialize ivar.
* Fix header capitalization by explicitly upcasing first letter of every word, ↵Maxim Chernyak2010-09-181-0/+11
| | | | and avoiding capitalize. [#5636 state:resolved]
* Removed deprecated RouteSet API, still many tests failPiotr Sarnacki2010-09-051-1/+1
|
* code gardening: we have assert_(nil|blank|present), more concise, with ↵Xavier Noria2010-08-171-6/+6
| | | | better default failure messages - let's use them
* Deletes trailing whitespaces (over text files only find * -type f -exec sed ↵Santiago Pastorino2010-08-141-2/+2
| | | | 's/[ \t]*$//' -i {} \;)
* Make sure a namespaced <%= render form %> still renders the _form partial ↵Jan De Poorter2010-06-201-0/+11
| | | | | | [#4784 state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com>
* edit pass: the names of Rails components have a space, ie, "Active Record", ↵Xavier Noria2010-06-141-1/+1
| | | | not "ActiveRecord"
* Revert "Moved encoding work in progress to a feature branch."wycats2010-05-171-2/+2
| | | | This reverts commit ade756fe42423033bae8e5aea8f58782f7a6c517.
* Moved encoding work in progress to a feature branch.Jeremy Kemper2010-05-161-2/+2
| | | | This reverts commits af0d1a88157942c6e6398dbf73891cff1e152405 and 64d109e3539ad600f58536d3ecabd2f87b67fd1c.
* Significantly improved internal encoding heuristics and support.wycats2010-05-161-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | * Default Encoding.default_internal to UTF-8 * Eliminated the use of file-wide magic comments to coerce code evaluated inside the file * Read templates as BINARY, use default_external or template-wide magic comments inside the Template to set the initial encoding * This means that template handlers in Ruby 1.9 will receive Strings encoded in default_internal (UTF-8 by default) * Create a better Exception for encoding issues, and use it when the template source has bytes that are not compatible with the specified encoding * Allow template handlers to opt-into handling BINARY. If they do so, they need to do some of their own manual encoding work * Added a "Configuration Gotchas" section to the intro Rails Guide instructing users to use UTF-8 for everything * Use config.encoding= in Ruby 1.8, and raise if a value that is an invalid $KCODE value is used Also: * Fixed a few tests that were assert() rather than assert_equal() and were caught by Minitest requiring a String for the message * Fixed a test where an assert_select was misformed, also caught by Minitest being more restrictive * Fixed a test where a Rack response was returning a String rather than an Enumerable
* Fixed 1 failure and 2 errors in ActionPack testsuite [#4613 state:commited]rohit2010-05-161-2/+2
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* partial counters with :as [#2804 state:resolved]Jeff Kreeftmeijer2010-05-151-0/+9
| | | | Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>