aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/controller
Commit message (Collapse)AuthorAgeFilesLines
* Rack::Test::UploadedFile is a permitted scalarFabio Kreusch2013-02-211-1/+2
|
* Remove XML Parser from ActionDispatchPrem Sichanugrist2013-02-201-131/+15
| | | | | If you want an ability to parse XML parameters, please install `actionpack-xml_parser` gem.
* Fix #9168 Initialize NullCookieJar with all options needed for KeyGeneratorAndrey Chernih2013-02-081-0/+35
|
* Missing or unneeded require extract_optionsAkira Matsuda2013-02-012-0/+2
|
* Remove yaml Proc param parser testBrendon Murphy2013-01-281-13/+0
| | | | | | | | I don't believe this test is exercising any explicit params_parser behavior that the other two Proc tests aren't already doing. Given that we now know it's a bad idea to load user input via YAML.load, somebody reading this test might get a dangerous idea about building out a YAML params parser.
* Merge pull request #9032 from firmhouse/head-breaks-csrfSantiago Pastorino2013-01-281-0/+4
|\ | | | | Make HEAD work / convert to GET once more
| * Added a test that shows that a HEAD request does not normally pass CSRF ↵Michiel Sikkes2013-01-221-0/+4
| | | | | | | | protection
* | ActionDispatch::Http::UploadedFile is a permitted scalar [Closes #9051]Xavier Noria2013-01-231-1/+2
|/
* Lets kepp using Ruby 1.9 syntaxRafael Mendonça França2013-01-222-37/+37
|
* Restore I18n.locale after running testsAkira Matsuda2013-01-221-1/+7
|
* Make sure to reset default_url_optionsAkira Matsuda2013-01-221-1/+5
|
* Add missing assert callsCarlos Antonio da Silva2013-01-201-2/+2
|
* strong parameters filters permitted scalarsXavier Noria2013-01-202-17/+164
|
* Restore and adapt the implementation reverted atRafael Mendonça França2013-01-192-8/+8
| | | | | | https://github.com/rails/rails/commit/cc1c3c5be061e7572018f734e5239750ab449e3f Now instead of raise, we log by default in development and test
* Added ability to raise or log on unpermitted params.Thomas Drake-Brockman2013-01-202-0/+83
|
* Remove useless || operationCarlos Antonio da Silva2013-01-171-1/+1
|
* Removing : warning: ambiguous first argument;Arun Agrawal2013-01-171-4/+4
|
* Deprecate direct calls to AC::RecordIdentifier.dom_id and dom_classCarlos Antonio da Silva2013-01-161-0/+34
| | | | Also add some generic tests to ensure they're properly deprecated.
* Remove warnings: "(...) interpreted as grouped expression"Carlos Antonio da Silva2013-01-161-2/+2
|
* strong parameters exception handlingBrian Alexander2013-01-151-9/+6
|
* Change the behavior of route defaultsAndrew White2013-01-151-0/+31
| | | | | | | | | | | | | | | | | | | This commit changes route defaults so that explicit defaults are no longer required where the key is not part of the path. For example: resources :posts, bucket_type: 'posts' will be required whenever constructing the url from a hash such as a functional test or using url_for directly. However using the explicit form alters the behavior so it's not required: resources :projects, defaults: { bucket_type: 'projects' } This changes existing behavior slightly in that any routes which only differ in their defaults will match the first route rather than the closest match. Closes #8814
* Ensure port is set when passed via the process methodAndrew White2013-01-151-0/+52
|
* Merge pull request #8821 from jamis/masterRafael Mendonça França2013-01-101-2/+2
|\ | | | | | | | | | | | | Evaluate view_cache_dependencies at the instance level Conflicts: actionpack/lib/action_controller/caching.rb
| * evaluate the dependency blocks at the instance level, not class levelJamis Buck2013-01-081-2/+2
| |
* | Remove :yaml related tests and fix other related to parsing empty arraysCarlos Antonio da Silva2013-01-081-43/+0
| | | | | | | | All Action Pack tests are green.
* | CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.Jeremy Kemper2013-01-081-0/+13
| |
* | Revert "Merge branch 'master-sec'"Jeremy Kemper2013-01-081-13/+0
| | | | | | | | | | This reverts commit 88cc1688d0cb828c17706b41a8bd27870f2a2beb, reversing changes made to f049016cd348627bf8db0d72382d7580bf802a79.
* | Merge branch 'master-sec'Aaron Patterson2013-01-081-0/+13
|\ \ | |/ |/| | | | | | | * master-sec: CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
| * CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.Jeremy Kemper2013-01-081-0/+13
| |
* | view_cache_dependency APIJamis Buck2013-01-081-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | A declarative API for specifying dependencies that affect template cache digest computation. In your controller, specify any of said dependencies: view_cache_dependency { "phone" if using_phone? } When the block is evaluated, the resulting value is included in the cache digest calculation, allowing you to generate different digests for effectively the same template. (Mostly useful if you're mucking with template load paths.)
* | Revert "unpermitted params" exception -- it's just not going to work. See ↵David Heinemeier Hansson2013-01-081-43/+0
| | | | | | | | the discussion on https://github.com/rails/strong_parameters/pull/75.
* | Never treat action or controller as unpermitted paramsDavid Heinemeier Hansson2013-01-081-0/+10
|/
* Namespace HashWithIndifferentAccessAkira Matsuda2013-01-071-3/+2
|
* Remove unnecessary begin..rescue..end, use only rescueAkira Matsuda2013-01-062-14/+10
|
* deprecate `assert_blank` and `assert_present`.Yves Senn2013-01-055-15/+15
| | | | | They don't add any benefits over `assert object.blank?` and `assert object.present?`
* Rename the last occurrence of UnexpectedParametersRafael Mendonça França2013-01-051-2/+2
|
* Rename the configuration to raise_on_unpermitted_parametersRafael Mendonça França2013-01-051-4/+4
| | | | Also changed the exception to UnpermittedParameters
* Allow developers to enable raising of exception when unexpected params are ↵Thomas Drake-Brockman2013-01-051-0/+33
| | | | provided.
* do not append a second slash when usingYves Senn2013-01-021-6/+16
|
* Alias refute methods to assert_not and perfer assert_not on testsRafael Mendonça França2012-12-311-1/+1
|
* Do not use the same tests descriptionRafael Mendonça França2012-12-311-3/+3
|
* Remove unneeded testsRafael Mendonça França2012-12-312-245/+0
| | | | These tests are needed only if we are using MiniTest::Spec
* Merge pull request #8662 from ↵Santiago Pastorino2012-12-311-1/+12
|\ | | | | | | | | senny/8661_should_not_append_charset_if_already_present Charset should not be appended to image/* type
| * charset should not be appended for `head` responsesYves Senn2012-12-311-1/+12
| | | | | | | | | | | | | | 1) Failure: test_head_created_with_image_png_content_type(RenderTest) [test/controller/render_test.rb:1238]: Expected: "image/png" Actual: "image/png; charset=utf-8"
* | Merge pull request #8546 from hsbt/fix-testcase-strict-warningSantiago Pastorino2012-12-301-1/+2
|\ \ | |/ |/| fix testcase: ruby-2.0.0 warned unused variables
| * change spy of after invoked controller action. because ruby-2.0.0 waned ↵SHIBATA Hiroshi2012-12-201-1/+2
| | | | | | | | unused variables
* | return Mime::NullType if format is unknownAngelo Capilleri2012-12-221-1/+1
| | | | | | | | | | | | | | | | | | | | If a request has an unknown format, the methods html?, xml?, json? ...etc not raise an Exception. This patch add a class Mime::NullType, that is returned when request.format is unknown and it responds false to the methods that ends with '?' and true to 'nil?'. It refers to #7837, this issue is considered a improvement not a bug.
* | Move background jobs to the 'jobs' branch until fully baked. Not shipping ↵Jeremy Kemper2012-12-211-10/+0
| | | | | | | | with Rails 4.0.
* | Refactoring the token_and_options method to fix bugsKurtis Rainbolt-Greene2012-12-151-6/+29
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | Adding a test for the equal trun bug Adding a test for the after equal trunc bug Adding a test for the slash bug Adding a test for the slash quote bug Adding a helper method for creating a sample request object with token Writing a method to create params array from raw params Writing a method to rewrite param values in the params Writing a method to get the token params from an authorization value Refactoring the token_and_options method to fix bugs Removing unnessecary test A constant for this shared regex seemed appropriate Wanting to split up this logic Adding small documentation pieces
* Removed :if and :unless from fragment cache option in favour ofAngelo capilleri2012-12-141-16/+16
| | | | | | | | | | | | | | | | | | | | | | | cache_if(condition, option, &block) and cache_unless(condition, option, &block). In the PR #8371 was introduced conditional options :if and :unless in the cache method. Example: <%= cache @model, if: some_condition(@model) do %> ... <%end%> This is a good feature but *cache_if* and and *cache_unless* are more concise and close to the standard of rails view helpers (ex: link_to_if and link_to_unless). Example: <%= cache_if condition, @model do %> ... <%end%>