| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit improves the handling of default_url_options in integration
tests by making behave closer to how a real application operates.
Specifically the following issues have been addressed:
* Options specified in routes.rb are used (fixes #546)
* Options specified in controllers are used
* Request parameters are recalled correctly
* Tests can override default_url_options directly
|
| |
| |
| |
| | |
when using the :head method/shortcut
|
|\ \
| | |
| | | |
Minor test improvement
|
| | |
| | |
| | |
| | | |
directive, just for clarity sake.
|
| | |
| | |
| | |
| | | |
renders 406 :not_acceptable
|
| | |
| | |
| | |
| | | |
format, rather than responding with a head :not_acceptable (406)
|
| | |
| | |
| | |
| | | |
specify a role for identifying accessible attributes when wrapping params
|
| | | |
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This fixes the following scenario:
resources :contacts do
post 'new', action: 'new', on: :collection, as: :new
end
Where the /new path is not generated because it's considered a canonical
action, part of the normal resource actions:
new_contacts POST /contacts(.:format) contacts#new
Fixes #2999
|
|\ \ \
| | | |
| | | | |
Make ActionController#head pass rack-link
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
|/ / / |
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | | |
Fix failing test: Mime::JS generates "text/javascript"
|
| | | |
|
|\ \ \
| | | |
| | | | |
JSONP should use mimetype application/javascript
|
| |\ \ \ |
|
| | | | |
| | | | |
| | | | |
| | | | | |
application/javascript
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This may break existing tests that are asserting the whole session contents
but should not break existing tests that are asserting individual keys - e.g:
class SomeControllerTest < ActionController::TestCase
setup do
session['user_id'] = 1
end
test "some test" do
get :some_action, nil, { 'another_var' => 2 }
# This assertion will now fail
assert_equal({ 'another_var' => 2 }, session)
# This assertion will still pass
assert_equal 2, session['another_var]
end
end
Fixes #1529.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
In the current router DSL, using the +match+ DSL
method will match all verbs for the path to the
specified endpoint.
In the vast majority of cases, people are
currently using +match+ when they actually mean
+get+. This introduces security implications.
This commit disallows calling +match+ without
an HTTP verb constraint by default. To explicitly
match all verbs, this commit also adds a
:via => :all option to +match+.
Closes #5964
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
ActionController::RoutingError are raised in router execution time and can not be
rescued in a controller.
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Document that default_url_options must return a hash with symbolized keys
|
| | | | | | |
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This reverts commit 174cf8b22064c3999dfa685014d5b31ac993bb54, reversing
changes made to 7ecd6a731bd60665bc6de94095137f0b2c4ada2a.
The reverted commit improved the performance in the wrong place, now we
have added this 6ddbd1844a6fd6aca2992f5f75c9f605cf89808f improvement.
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Remove unnecessary in HTML 5 type attribute with default value
|
| | | | | | |
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
stringified keys
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
mo fasta and mo betta the url_for
|
| |/ / / / / |
|
|\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
prevent the cache sweeper ignores NoMethodError
|
| | | | | | |
|
| | | | | | |
|
|/ / / / / |
|
| | | | |
| | | | |
| | | | |
| | | | | |
Closes #5632
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
If embedding auth_token in remote forms is off and we
pass a value for auth_token it should respect it.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Changed default value for `config.action_view.embed_authenticity_token_in_remote_forms`
to `false`. This change breaks remote forms that need to work also without javascript,
so if you need such behavior, you can either set it to `true` or explicitly pass
`:authenticity_token => true` in form options
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
There is a regression introduced in 16ee611fa, which breaks
remote forms that should also work without javascript. This commit
introduces config option that allows to configure this behavior
defaulting to the old behavior (ie. include authenticity token
in remote forms by default)
Conflicts:
actionpack/CHANGELOG.md
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Previously `rendered_format` was set only based on mime types
passed in Accept header, which was wrong if first type from
Accept was different than rendered partial. The fix is to simply
move setting rendered_format to the place where template
is available and grab format from the template. If it fails
we can fallback to formats passed by Accept header.
|
| | | | |
| | | | |
| | | | |
| | | | | |
Fix for #5440
|
| | | | | |
|
| | | | | |
|