aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/controller
Commit message (Collapse)AuthorAgeFilesLines
...
* | Remove :yaml related tests and fix other related to parsing empty arraysCarlos Antonio da Silva2013-01-081-43/+0
| | | | | | | | All Action Pack tests are green.
* | CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.Jeremy Kemper2013-01-081-0/+13
| |
* | Revert "Merge branch 'master-sec'"Jeremy Kemper2013-01-081-13/+0
| | | | | | | | | | This reverts commit 88cc1688d0cb828c17706b41a8bd27870f2a2beb, reversing changes made to f049016cd348627bf8db0d72382d7580bf802a79.
* | Merge branch 'master-sec'Aaron Patterson2013-01-081-0/+13
|\ \ | |/ |/| | | | | | | * master-sec: CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
| * CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.Jeremy Kemper2013-01-081-0/+13
| |
* | view_cache_dependency APIJamis Buck2013-01-081-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | A declarative API for specifying dependencies that affect template cache digest computation. In your controller, specify any of said dependencies: view_cache_dependency { "phone" if using_phone? } When the block is evaluated, the resulting value is included in the cache digest calculation, allowing you to generate different digests for effectively the same template. (Mostly useful if you're mucking with template load paths.)
* | Revert "unpermitted params" exception -- it's just not going to work. See ↵David Heinemeier Hansson2013-01-081-43/+0
| | | | | | | | the discussion on https://github.com/rails/strong_parameters/pull/75.
* | Never treat action or controller as unpermitted paramsDavid Heinemeier Hansson2013-01-081-0/+10
|/
* Namespace HashWithIndifferentAccessAkira Matsuda2013-01-071-3/+2
|
* Remove unnecessary begin..rescue..end, use only rescueAkira Matsuda2013-01-062-14/+10
|
* deprecate `assert_blank` and `assert_present`.Yves Senn2013-01-055-15/+15
| | | | | They don't add any benefits over `assert object.blank?` and `assert object.present?`
* Rename the last occurrence of UnexpectedParametersRafael Mendonça França2013-01-051-2/+2
|
* Rename the configuration to raise_on_unpermitted_parametersRafael Mendonça França2013-01-051-4/+4
| | | | Also changed the exception to UnpermittedParameters
* Allow developers to enable raising of exception when unexpected params are ↵Thomas Drake-Brockman2013-01-051-0/+33
| | | | provided.
* do not append a second slash when usingYves Senn2013-01-021-6/+16
|
* Alias refute methods to assert_not and perfer assert_not on testsRafael Mendonça França2012-12-311-1/+1
|
* Do not use the same tests descriptionRafael Mendonça França2012-12-311-3/+3
|
* Remove unneeded testsRafael Mendonça França2012-12-312-245/+0
| | | | These tests are needed only if we are using MiniTest::Spec
* Merge pull request #8662 from ↵Santiago Pastorino2012-12-311-1/+12
|\ | | | | | | | | senny/8661_should_not_append_charset_if_already_present Charset should not be appended to image/* type
| * charset should not be appended for `head` responsesYves Senn2012-12-311-1/+12
| | | | | | | | | | | | | | 1) Failure: test_head_created_with_image_png_content_type(RenderTest) [test/controller/render_test.rb:1238]: Expected: "image/png" Actual: "image/png; charset=utf-8"
* | Merge pull request #8546 from hsbt/fix-testcase-strict-warningSantiago Pastorino2012-12-301-1/+2
|\ \ | |/ |/| fix testcase: ruby-2.0.0 warned unused variables
| * change spy of after invoked controller action. because ruby-2.0.0 waned ↵SHIBATA Hiroshi2012-12-201-1/+2
| | | | | | | | unused variables
* | return Mime::NullType if format is unknownAngelo Capilleri2012-12-221-1/+1
| | | | | | | | | | | | | | | | | | | | If a request has an unknown format, the methods html?, xml?, json? ...etc not raise an Exception. This patch add a class Mime::NullType, that is returned when request.format is unknown and it responds false to the methods that ends with '?' and true to 'nil?'. It refers to #7837, this issue is considered a improvement not a bug.
* | Move background jobs to the 'jobs' branch until fully baked. Not shipping ↵Jeremy Kemper2012-12-211-10/+0
| | | | | | | | with Rails 4.0.
* | Refactoring the token_and_options method to fix bugsKurtis Rainbolt-Greene2012-12-151-6/+29
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | Adding a test for the equal trun bug Adding a test for the after equal trunc bug Adding a test for the slash bug Adding a test for the slash quote bug Adding a helper method for creating a sample request object with token Writing a method to create params array from raw params Writing a method to rewrite param values in the params Writing a method to get the token params from an authorization value Refactoring the token_and_options method to fix bugs Removing unnessecary test A constant for this shared regex seemed appropriate Wanting to split up this logic Adding small documentation pieces
* Removed :if and :unless from fragment cache option in favour ofAngelo capilleri2012-12-141-16/+16
| | | | | | | | | | | | | | | | | | | | | | | cache_if(condition, option, &block) and cache_unless(condition, option, &block). In the PR #8371 was introduced conditional options :if and :unless in the cache method. Example: <%= cache @model, if: some_condition(@model) do %> ... <%end%> This is a good feature but *cache_if* and and *cache_unless* are more concise and close to the standard of rails view helpers (ex: link_to_if and link_to_unless). Example: <%= cache_if condition, @model do %> ... <%end%>
* use _action callbacks in actionmailerFrancesco Rodriguez2012-12-081-5/+5
|
* use `_action` instead of `_filter` callbacksFrancesco Rodriguez2012-12-072-5/+5
|
* update documentation and code to use _action callbacksFrancesco Rodriguez2012-12-0711-18/+18
|
* Allow fragment cache to accept :if and :unless optionsFabrizio Regini2012-12-051-0/+64
| | | | [Stephen Ausman + Fabrizio Regini]
* Adding filter capability to ActionController logsFabrizio Regini2012-12-051-0/+22
|
* Override <%== to always behave as literal text rather than toggling based on ↵Jeremy Kemper2012-12-031-2/+8
| | | | whether escaping is enabled. Fixes that existing plaintext email templates using <%== unexpectedly flipped to *escaping* HTML when #8235 was merged.
* hash filters should be accessed with symbols or stringsFrancesco Rodriguez2012-11-301-0/+25
|
* Remove observers and sweepersRafael Mendonça França2012-11-282-57/+0
| | | | | | | | They was extracted from a plugin. See https://github.com/rails/rails-observers [Rafael Mendonça França + Steve Klabnik]
* Merge pull request #8318 from Empact/fixture-fileRafael Mendonça França2012-11-271-0/+12
|\ | | | | Use File.join to better integrate fixture_path in fixture_file_upload.
| * Use File.join to better integrate fixture_path in fixture_file_upload.Ben Woosley2012-11-261-0/+12
| |
* | Accept symbols as #send_data :disposition valueElia Schito2012-11-271-0/+12
| |
* | Merge pull request #8316 from roberto/assert_template_validate_optionsCarlos Antonio da Silva2012-11-261-0/+6
|\ \ | | | | | | | | | | | | | | | | | | | | | assert_template: validating option keys It only handles the keys locals, partial, layout and count. assert_template(foo: "bar") # raises ArgumentError assert_template(leiaute: "test") # raises ArgumentError
| * | assert_template: validating option keysRoberto Soares2012-11-251-0/+6
| | |
* | | Merge pull request #8317 from latortuga/cache-digest-opt-outDavid Heinemeier Hansson2012-11-261-0/+12
|\ \ \ | |/ / |/| | Add explicit opt-out for fragment cache digesting
| * | Add explicit opt-out for fragment cache digestingDrew Ulmer2012-11-251-0/+12
| |/ | | | | | | | | | | | | | | | | This add support for sending an explicit opt-out of the "Russian-doll" cache digest feature on a case-by-case basis. This is useful when cache- expiration needs to be performed manually and it would be otherwise difficult to know the exact name of a digested cache key. More information: https://github.com/rails/cache_digests/pull/16
* | `assert_template` fails with empty string.Roberto Soares2012-11-231-0/+7
| |
* | `assert_template` fails with empty string when a template has been renderedRoberto Soares2012-11-231-0/+7
|/ | | | | | | | For instance, it prevents false positive in this case: file = nil get :index assert_template("#{file}")
* Merge pull request #8183 from jcoglan/objectless_sessionsJon Leighton2012-11-211-0/+21
|\ | | | | Store FlashHashes in the session as plain hashes
| * Store FlashHashes in the session as plain hashes rather than custom objects ↵James Coglan2012-11-091-0/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | with unstable class names and instance variables. Refactor FlashHash to take values for its ivars in the constructor, to pretty up FlashHash.from_session_value. Remove stale comment on FlashHash: it is no longer Marshaled in the session so we can change its implementation. Remove blank lines I introduced in controller/test_case.rb. Unit tests for FlashHash#to_session_value. Put in a compatibility layer to accept FlashHash serializations from Rails 3.0+. Test that Rails 3.2 session flashes are correctly converted to the new format. Remove code path for processing Rails 3.0 FlashHashes since they can no longer deserialize. Fix session['flash'] deletion condition: it will never be empty?, it will either be nil or a hash with 'discard' and 'flashes' keys.
* | render every partial with a new `PartialRenderer`.Yves Senn2012-11-191-0/+10
| | | | | | | | | | | | | | | | This resolves issues when rendering nested partials. Previously the `PartialRenderer` was reused which led to situations where the state of the renderer was reset. Closes #8197
* | Remove extra whitespaceSantiago Pastorino2012-11-151-1/+1
| |
* | Merge pull request #8112 from rails/encrypted_cookiesSantiago Pastorino2012-11-152-4/+8
|\ \ | | | | | | Encrypted cookies
| * | Move ensure_secret_secure to DummyKeyGeneratorSantiago Pastorino2012-11-031-1/+1
| | |
| * | Use derived keys everywhere, http_authentication was missing itSantiago Pastorino2012-11-031-1/+3
| | |