| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
| |
This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing
changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
|
| |
|
|
|
|
|
| |
Since this protection is now in Parameters we can use it instead of
reimplementing again.
|
|
|
|
| |
Actually, private methods cannot be called with `self.`, so it's not just redundant, it's a bad habit in Ruby
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We want to avoid terminating the whole loop here, because it will cause
parameters that should be removed to not be removed, since we are
terminating early. In this specific case, `param2` is processed before
`param1` due to the reversing of `route.parts`, and since `param2` fails
the check on this line, it would previously cause the whole loop to
fail, and `param1` would still be in `parameterized_parts`. Now, we are
simply calling `next`, which is the intended behavior.
Introduced by 8ca8a2d773b942c4ea76baabe2df502a339d05b1.
Fixes #27454.
|
| |
|
|
|
|
|
|
|
|
| |
Style/SpaceBeforeBlockBraces
Style/SpaceInsideBlockBraces
Style/SpaceInsideHashLiteralBraces
Fix all violations in the repository.
|
| |
|
| |
|
|
|
|
|
| |
The current code base is not uniform. After some discussion,
we have chosen to go with double quotes by default.
|
|
|
|
|
|
|
|
| |
Allowing :controller and :action values to be specified via the path
in config/routes.rb has been an underlying cause of a number of issues
in Rails that have resulted in security releases. In light of this it's
better that controllers and actions are explicitly whitelisted rather
than trying to blacklist or sanitize 'bad' values.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The `url_for` methods in `actionpack` and `actionview`
now make a copy of the provided options
before generating polymorphic paths or URLs.
The bug in the previous behavior
is most noticeable in a case like:
url_options = [:new, :post, param: 'value']
if current_page?(url_options)
css_class = "active"
end
link_to "New Post", url_options, class: css_class
|
|
|
|
|
| |
This way we can get the relative_url_root from the application without
setting another global value
|
|
|
|
|
|
| |
Fixed an issue where the `RAILS_RELATIVE_URL_ROOT` environment
variable is not prepended to the path when `url_for` is called.
If `SCRIPT_NAME` (used by Rack) is set, it takes precedence.
|
|\ |
|
|/
|
|
| |
url_for
|
|
|
|
| |
Fixes https://github.com/rails/rails/issues/17714.
|
|
|
|
|
|
| |
We added a deprecation warning for these cases in aa1fadd, so these are now
causing deprecation warnings in the test output. AFAICT, in these two cases, the
option is not integral to the purpose of the test, so they can be safely removed
|
| |
|
|
|
|
|
| |
also if you want a path from a named helper, you should call
helper_path, not helper_url(:only_path => true).
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 5c224de9e110763ec7a0f01f5b604bcf81f40bfb.
Conflicts:
actionpack/lib/action_dispatch/journey/visitors.rb
5c224de9e110763ec7a0f01f5b604bcf81f40bfb introduced a bug in the
formatter. This commit includes a regression test.
|
|
|
|
| |
relative URL.
|
| |
|
| |
|
|
|
|
|
|
| |
leading .)
Adding a boolean route constraint checks for presence/absence of request property
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the current router DSL, using the +match+ DSL
method will match all verbs for the path to the
specified endpoint.
In the vast majority of cases, people are
currently using +match+ when they actually mean
+get+. This introduces security implications.
This commit disallows calling +match+ without
an HTTP verb constraint by default. To explicitly
match all verbs, this commit also adds a
:via => :all option to +match+.
Closes #5964
|
|
|
|
|
|
|
| |
This reverts commit 174cf8b22064c3999dfa685014d5b31ac993bb54, reversing
changes made to 7ecd6a731bd60665bc6de94095137f0b2c4ada2a.
The reverted commit improved the performance in the wrong place, now we
have added this 6ddbd1844a6fd6aca2992f5f75c9f605cf89808f improvement.
|
|
|
|
| |
stringified keys
|
| |
|
| |
|
|
|
|
| |
* e.g. blog_url(subdomain: current_user) instead of blog_url(subdomain: current_user.to_param)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
numeric addresses.
See-also pull request #3561 from 3-1-stable
Otherwise the following occurs:
TypeError: can't convert nil into String
/Users/bfolkens/dev/bfolkens-rails-core/actionpack/lib/action_dispatch/http/url.rb:75:in host_or_subdomain_and_domain'
/Users/bfolkens/dev/bfolkens-rails-core/actionpack/lib/action_dispatch/http/url.rb:37:in url_for'
/Users/bfolkens/dev/bfolkens-rails-core/actionpack/lib/action_dispatch/routing/url_for.rb:147:in test_subdomain_may_be_accepted_with_numeric_host'
/Users/bfolkens/dev/bfolkens-rails-core/activesupport/lib/active_support/testing/setup_and_teardown.rb:67:in run'
/Users/bfolkens/dev/bfolkens-rails-core/activesupport/lib/active_support/callbacks.rb:426:in send'
/Users/bfolkens/dev/bfolkens-rails-core/activesupport/lib/active_support/callbacks.rb:81:in run'
|
|
|
|
| |
for subdomain(s) removal from the host during link generation. Closes #2025
|
| |
|
| |
|
|
|
|
|
|
| |
[#5774 state:committed]
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
|
|
|
|
|
|
| |
allowing for easy manipulation of the host during link generation.
Signed-off-by: José Valim <jose.valim@gmail.com>
|
| |
|
|
|
|
| |
Added route which matches all: controller, action, id and format
|
| |
|
|
|
|
| |
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
|
|
|
|
| |
http://tools.ietf.org/rfc/rfc3986.txt
[#4762 state:resolved]
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
|
|
|
|
| |
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
|
|
|
|
| |
Signed-off-by: José Valim <jose.valim@gmail.com>
|