Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | | Merge pull request #9753 from jbarreneche/bug/render-locale-fallbacks | Carlos Antonio da Silva | 2013-03-18 | 1 | -0/+9 | |
|\ \ | | | | | | | i18n locale fallback for localized views | |||||
| * | | Include I18n fallbacks in :locale lookup context | Juan Barreneche | 2013-03-16 | 1 | -0/+9 | |
| | | | ||||||
* | | | remove ancient TODOs [ci skip]. | Yves Senn | 2013-03-18 | 1 | -2/+0 | |
| | | | ||||||
* | | | Fix rake test warnings in actionpack | Mack Earnhardt | 2013-03-17 | 1 | -1/+1 | |
|/ / | ||||||
* | | `Http::Headers` directly modifies the passed environment. | Yves Senn | 2013-03-15 | 1 | -0/+22 | |
| | | | | | | | | | | | | | | | | | | The env hash passed to `Http::Headers#new` must be in env format. Also be aware that the passed hash is modified directly. docs and test-cases for setting headers/env in functional tests. Follow up to #9700. | |||||
* | | Handle conditional get in live requests - this will prevent error when using ↵ | Bernard Potocki | 2013-03-14 | 1 | -0/+15 | |
| | | | | | | | | stale on live streams(issue #9636) | |||||
* | | allow headers and env to be passed in `IntegrationTest`. | Yves Senn | 2013-03-13 | 1 | -0/+15 | |
| | | | | | | | | Closes #6513. | |||||
* | | Fix warnings | Carlos Antonio da Silva | 2013-03-07 | 1 | -2/+2 | |
| | | ||||||
* | | Allow use of assert_template with the :file option. | Justin Coyne | 2013-03-01 | 1 | -0/+35 | |
| | | | | | | | | This worked in Rails 3.2, but was a regression in 4.0.0.beta1 | |||||
* | | Add tests for #9441 | Francesco Rodriguez | 2013-02-26 | 1 | -0/+16 | |
|/ | ||||||
* | fix respond_to without blocks not working if one of the blocks is all | grosser | 2013-02-24 | 1 | -0/+21 | |
| | ||||||
* | Rack::Test::UploadedFile is a permitted scalar | Fabio Kreusch | 2013-02-21 | 1 | -1/+2 | |
| | ||||||
* | Remove XML Parser from ActionDispatch | Prem Sichanugrist | 2013-02-20 | 1 | -131/+15 | |
| | | | | | If you want an ability to parse XML parameters, please install `actionpack-xml_parser` gem. | |||||
* | Fix #9168 Initialize NullCookieJar with all options needed for KeyGenerator | Andrey Chernih | 2013-02-08 | 1 | -0/+35 | |
| | ||||||
* | Missing or unneeded require extract_options | Akira Matsuda | 2013-02-01 | 2 | -0/+2 | |
| | ||||||
* | Remove yaml Proc param parser test | Brendon Murphy | 2013-01-28 | 1 | -13/+0 | |
| | | | | | | | | I don't believe this test is exercising any explicit params_parser behavior that the other two Proc tests aren't already doing. Given that we now know it's a bad idea to load user input via YAML.load, somebody reading this test might get a dangerous idea about building out a YAML params parser. | |||||
* | Merge pull request #9032 from firmhouse/head-breaks-csrf | Santiago Pastorino | 2013-01-28 | 1 | -0/+4 | |
|\ | | | | | Make HEAD work / convert to GET once more | |||||
| * | Added a test that shows that a HEAD request does not normally pass CSRF ↵ | Michiel Sikkes | 2013-01-22 | 1 | -0/+4 | |
| | | | | | | | | protection | |||||
* | | ActionDispatch::Http::UploadedFile is a permitted scalar [Closes #9051] | Xavier Noria | 2013-01-23 | 1 | -1/+2 | |
|/ | ||||||
* | Lets kepp using Ruby 1.9 syntax | Rafael Mendonça França | 2013-01-22 | 2 | -37/+37 | |
| | ||||||
* | Restore I18n.locale after running tests | Akira Matsuda | 2013-01-22 | 1 | -1/+7 | |
| | ||||||
* | Make sure to reset default_url_options | Akira Matsuda | 2013-01-22 | 1 | -1/+5 | |
| | ||||||
* | Add missing assert calls | Carlos Antonio da Silva | 2013-01-20 | 1 | -2/+2 | |
| | ||||||
* | strong parameters filters permitted scalars | Xavier Noria | 2013-01-20 | 2 | -17/+164 | |
| | ||||||
* | Restore and adapt the implementation reverted at | Rafael Mendonça França | 2013-01-19 | 2 | -8/+8 | |
| | | | | | | https://github.com/rails/rails/commit/cc1c3c5be061e7572018f734e5239750ab449e3f Now instead of raise, we log by default in development and test | |||||
* | Added ability to raise or log on unpermitted params. | Thomas Drake-Brockman | 2013-01-20 | 2 | -0/+83 | |
| | ||||||
* | Remove useless || operation | Carlos Antonio da Silva | 2013-01-17 | 1 | -1/+1 | |
| | ||||||
* | Removing : warning: ambiguous first argument; | Arun Agrawal | 2013-01-17 | 1 | -4/+4 | |
| | ||||||
* | Deprecate direct calls to AC::RecordIdentifier.dom_id and dom_class | Carlos Antonio da Silva | 2013-01-16 | 1 | -0/+34 | |
| | | | | Also add some generic tests to ensure they're properly deprecated. | |||||
* | Remove warnings: "(...) interpreted as grouped expression" | Carlos Antonio da Silva | 2013-01-16 | 1 | -2/+2 | |
| | ||||||
* | strong parameters exception handling | Brian Alexander | 2013-01-15 | 1 | -9/+6 | |
| | ||||||
* | Change the behavior of route defaults | Andrew White | 2013-01-15 | 1 | -0/+31 | |
| | | | | | | | | | | | | | | | | | | | This commit changes route defaults so that explicit defaults are no longer required where the key is not part of the path. For example: resources :posts, bucket_type: 'posts' will be required whenever constructing the url from a hash such as a functional test or using url_for directly. However using the explicit form alters the behavior so it's not required: resources :projects, defaults: { bucket_type: 'projects' } This changes existing behavior slightly in that any routes which only differ in their defaults will match the first route rather than the closest match. Closes #8814 | |||||
* | Ensure port is set when passed via the process method | Andrew White | 2013-01-15 | 1 | -0/+52 | |
| | ||||||
* | Merge pull request #8821 from jamis/master | Rafael Mendonça França | 2013-01-10 | 1 | -2/+2 | |
|\ | | | | | | | | | | | | | Evaluate view_cache_dependencies at the instance level Conflicts: actionpack/lib/action_controller/caching.rb | |||||
| * | evaluate the dependency blocks at the instance level, not class level | Jamis Buck | 2013-01-08 | 1 | -2/+2 | |
| | | ||||||
* | | Remove :yaml related tests and fix other related to parsing empty arrays | Carlos Antonio da Silva | 2013-01-08 | 1 | -43/+0 | |
| | | | | | | | | All Action Pack tests are green. | |||||
* | | CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. | Jeremy Kemper | 2013-01-08 | 1 | -0/+13 | |
| | | ||||||
* | | Revert "Merge branch 'master-sec'" | Jeremy Kemper | 2013-01-08 | 1 | -13/+0 | |
| | | | | | | | | | | This reverts commit 88cc1688d0cb828c17706b41a8bd27870f2a2beb, reversing changes made to f049016cd348627bf8db0d72382d7580bf802a79. | |||||
* | | Merge branch 'master-sec' | Aaron Patterson | 2013-01-08 | 1 | -0/+13 | |
|\ \ | |/ |/| | | | | | | | * master-sec: CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu | |||||
| * | CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. | Jeremy Kemper | 2013-01-08 | 1 | -0/+13 | |
| | | ||||||
* | | view_cache_dependency API | Jamis Buck | 2013-01-08 | 1 | -0/+18 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | A declarative API for specifying dependencies that affect template cache digest computation. In your controller, specify any of said dependencies: view_cache_dependency { "phone" if using_phone? } When the block is evaluated, the resulting value is included in the cache digest calculation, allowing you to generate different digests for effectively the same template. (Mostly useful if you're mucking with template load paths.) | |||||
* | | Revert "unpermitted params" exception -- it's just not going to work. See ↵ | David Heinemeier Hansson | 2013-01-08 | 1 | -43/+0 | |
| | | | | | | | | the discussion on https://github.com/rails/strong_parameters/pull/75. | |||||
* | | Never treat action or controller as unpermitted params | David Heinemeier Hansson | 2013-01-08 | 1 | -0/+10 | |
|/ | ||||||
* | Namespace HashWithIndifferentAccess | Akira Matsuda | 2013-01-07 | 1 | -3/+2 | |
| | ||||||
* | Remove unnecessary begin..rescue..end, use only rescue | Akira Matsuda | 2013-01-06 | 2 | -14/+10 | |
| | ||||||
* | deprecate `assert_blank` and `assert_present`. | Yves Senn | 2013-01-05 | 5 | -15/+15 | |
| | | | | | They don't add any benefits over `assert object.blank?` and `assert object.present?` | |||||
* | Rename the last occurrence of UnexpectedParameters | Rafael Mendonça França | 2013-01-05 | 1 | -2/+2 | |
| | ||||||
* | Rename the configuration to raise_on_unpermitted_parameters | Rafael Mendonça França | 2013-01-05 | 1 | -4/+4 | |
| | | | | Also changed the exception to UnpermittedParameters | |||||
* | Allow developers to enable raising of exception when unexpected params are ↵ | Thomas Drake-Brockman | 2013-01-05 | 1 | -0/+33 | |
| | | | | provided. | |||||
* | do not append a second slash when using | Yves Senn | 2013-01-02 | 1 | -6/+16 | |
| |