aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/controller
Commit message (Collapse)AuthorAgeFilesLines
* Correct parameter access.Philip Arndt2012-09-191-1/+1
| | | * The params as supplied pass born in authors[0] but not authors[1] so it seems like the test isn't covering what it should be covering.
* Merge pull request #7251 from rails/integrate-strong_parametersDavid Heinemeier Hansson2012-09-186-40/+251
|\ | | | | Integrate strong_parameters in Rails 4
| * Support fields_for attributes, which may have numeric symbols as hash keysGuillermo Iguaran2012-09-161-0/+18
| |
| * Add config.action_controller.permit_all_attributes to bypass ↵Guillermo Iguaran2012-09-161-0/+14
| | | | | | | | StrongParameters protection
| * Change tainted/untainted wording to permitted/forbiddenGuillermo Iguaran2012-09-163-26/+26
| |
| * Don't use assert_nothing_raised when assert_equal is usedGuillermo Iguaran2012-09-161-4/+2
| |
| * require abstract_unit in parameters testsGuillermo Iguaran2012-09-163-0/+3
| |
| * Remove integration between attr_accessible/protected and ↵Guillermo Iguaran2012-09-161-40/+0
| | | | | | | | AC::Metal::ParamsWrapper
| * Integrate ActionController::Parameters from StrongParameters gemGuillermo Iguaran2012-09-165-0/+218
| |
* | log 404 status when ActiveRecord::RecordNotFound was raised (#7646)Yves Senn2012-09-171-0/+15
|/
* Merge pull request #7616 from lest/null-session-forgery-protectionMichael Koziarski2012-09-131-10/+6
|\ | | | | Implement :null_session CSRF protection method
| * Implement :null_session CSRF protection methodSergey Nartimov2012-09-131-10/+6
| | | | | | | | | | | | | | | | It's further work on CSRF after 245941101b1ea00a9b1af613c20b0ee994a43946. The :null_session CSRF protection method provide an empty session during request processing but doesn't reset it completely (as :reset_session does).
* | Define a SynchronousQueue for test in Action Pack.Rafael Mendonça França2012-09-121-0/+10
|/ | | | We don't need to rely on rails/queueing in Action Pack tests
* AS::Callbacks: deprecate monkey patch of object callbacksBogdan Gusiev2012-09-071-7/+7
|
* Added controller-level etag additions that will be part of the action etag ↵David Heinemeier Hansson2012-08-291-0/+32
| | | | computation *Jeremy Kemper/DHH*
* Add automatic template digests to all CacheHelper#cache calls (originally ↵David Heinemeier Hansson2012-08-291-5/+16
| | | | spiked in the cache_digests plugin) *DHH*
* Add Missing Keys from Journey on failed URL formatschneems2012-08-281-6/+6
| | | | | | | | | | | | | | | | | | | | | | | Many named routes have keys that are required to successfully resolve. If a key is left off like this: <%= link_to 'user', user_path %> This will produce an error like this: No route matches {:action=>"show", :controller=>"users"} Since we know that the :id is missing, we can add extra debugging information to the error message. No route matches {:action=>"show", :controller=>"users"} missing required keys: [:id] This will help new and seasoned developers look closer at their parameters. I've also subclassed the routing error to be clear that this error is a result of attempting to generate a url and not because the user is trying to visit a bad url. While this may sound trivial this error message is misleading and confuses most developers. The important part isn't what's in the options its's what's missing. Adding this information to the error message will make debugging much more obvious. This is the sister pull request of https://github.com/rails/journey/pull/44 which will be required to get they missing keys into the correct error message. Example Development Error in Rails: http://cl.ly/image/3S0T0n1T3421
* Deprecate AV::RecordIdentifier in controllersPiotr Sarnacki2012-08-281-0/+41
| | | | | | | | Methods provided by RecordIdentifier are not widely used in controllers nowadays as they're view specific (this is probably a legacy left after RJS rendering directly in controllers). However if people still need to use it, it's trivial to include ActionView::RecordIdentifier by themselves.
* Use ActionView::Base.logger instead of AC::Base.loggerPiotr Sarnacki2012-08-281-1/+1
|
* Move action_controller/vendor/html-scanner to action_viewPiotr Sarnacki2012-08-283-3/+3
| | | | | | This is another step in moving Action View's dependencies in Action Pack to Action View itself. Also, HtmlScanner seems to be better suited for views rather than controllers.
* Move ActionController::RecordIdentifier to ActionViewPiotr Sarnacki2012-08-281-40/+0
| | | | | | | Since it's more about DOM classes and ids it belongs to Action View better. What's more, it's more convenient to make it part of Action View to follow the rule that Action Pack can depend on Action View, but not the other way round.
* Access @rs only through attr_accessortomykaira2012-08-201-11/+11
|
* Extract common controllers to abstract_unitRafael Mendonça França2012-08-131-29/+0
|
* set the controller under test so we no longer need the reset! methodAaron Patterson2012-08-091-38/+4
|
* removes usage of Object#in? from the code base (the method remains defined ↵Xavier Noria2012-08-062-7/+8
| | | | | | | | | | | | | | | | | | | by Active Support) Selecting which key extensions to include in active_support/rails made apparent the systematic usage of Object#in? in the code base. After some discussion in https://github.com/rails/rails/commit/5ea6b0df9a36d033f21b52049426257a4637028d we decided to remove it and use plain Ruby, which seems enough for this particular idiom. In this commit the refactor has been made case by case. Sometimes include? is the natural alternative, others a simple || is the way you actually spell the condition in your head, others a case statement seems more appropriate. I have chosen the one I liked the most in each case.
* make sure the body finishes rendering before checking response closureAaron Patterson2012-08-031-1/+2
|
* Collapsed dual checks (one for content headers and one for content) into a ↵Armand du Plessis2012-08-022-4/+34
| | | | | | | | | | | | single check. Rails includes a single character body to a head(:no_content) response to work around an old Safari bug where headers were ignored if no body sent. This patch brings the behavior slightly closer to spec if :no_content/204 is explicity requested via a head only response. Status comparison done on symbolic and numeric values Not returning any content when responding with head and limited to a status code that explicitly states no content will be returned - 100..199, 204, 205, 304.
* Merge pull request #7240 from steveklabnik/fix_2301Rafael Mendonça França2012-08-021-3/+4
|\ | | | | Fix for digest authentication bug - issue #2301 in rails/rails
| * Fix for digest authentication bug - issue #2301 in rails/railsArthur Smith2012-08-021-3/+4
| |
* | load active_support/core_ext/object/inclusion in active_support/railsXavier Noria2012-08-022-2/+0
|/
* html_escape should escape single quotesSantiago Pastorino2012-07-312-3/+3
| | | | | https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content Closes #7215
* close the response when the response body is set so that normal render calls ↵Aaron Patterson2012-07-291-0/+9
| | | | will work
* header hash is duped before being sent up the rack stackAaron Patterson2012-07-291-0/+13
|
* make sure set_response! sets the correct response objectAaron Patterson2012-07-291-0/+6
|
* Controller actions are processed in a separate thread for liveAaron Patterson2012-07-291-3/+69
| | | | | | | | | | responses. Processing controller actions in a separate thread allows us to work around the rack api - we can allow the user to set status and headers, then block until the first bytes are written. As soon as the first bytes are written, the main thread can return the status, headers, and (essentially) a queue for the body.
* added live responses which can be written and read in separate threadsAaron Patterson2012-07-291-0/+26
|
* flushing output should write to the stream rather than mutating the response ↵Aaron Patterson2012-07-291-3/+3
| | | | object
* remove dead testAaron Patterson2012-07-291-4/+0
|
* adding a buffered stream to the response objectAaron Patterson2012-07-291-0/+30
|
* Remove warning renaming the test classes to use the test conventionRafael Mendonça França2012-07-292-2/+2
|
* this test is not a controller test, so switch to AS::TCAaron Patterson2012-07-281-1/+1
|
* Clean up Sweeper controller accessor when an Error is raisedBrian John2012-07-201-0/+11
|
* Fix indentation.Piotr Sarnacki2012-07-111-4/+4
|
* Don't raise an error if http auth token isn't well formattedPiotr Sarnacki2012-07-111-0/+8
| | | | | | | | | | | | | | When someone sends malformed authorization header, like: Authorization: Token foobar given token should be just ignored and resource should not be authorized, instead of raising error. Before this patch controller would return 401 header only for well formed tokens, like: Authorization: Token token=foobar and would return 500 in former case.
* deprecate `describe` without a block.Aaron Patterson2012-07-093-12/+0
| | | | | minitest/spec provides `describe`, so deprecate the rails version and have people use the superclass version
* Use "instance_accessor" for flash types class attributeCarlos Antonio da Silva2012-07-071-1/+0
|
* Added support add_flash_typeskennyj2012-07-071-0/+26
|
* Remove unused code.kennyj2012-07-071-4/+0
|
* Prevent conflict between mime types and Object methodsMircea Pricop2012-07-061-1/+3
| | | | | | | | | | | | | | | | | | | | | | | Assuming the type ":touch", Collector.new was calling send(:touch), which instead of triggering method_missing and generating a new collector method, actually invoked the private method `touch` inherited from Object. By generating the method for each mime type as it is registered, the private methods on Object can never be reached by `send`, because the `Collector` will have them before `send` is called on it. To do this, a callback mechanism was added to Mime::Type This allows someone to add a callback for whenever a new mime type is registered. The callback then gets called with the new mime as a parameter. This is then used in AbstractController::Collector to generate new collector methods after each mime is registered.
* Merge branch 'master' into testcleanAaron Patterson2012-07-051-0/+5
|\ | | | | | | | | | | | | | | | | | | * master: Add documentation for inheritance_column method Use ArgumentError vs. RuntimeError, which is more precise. CSV fixtures aren't supported by default anymore, update generated test_helper.rb to reflect that fix quoting for ActiveSupport::Duration instances Add few information on the field types Add the options method to action_controller testcase.
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-09 16:05:02 +0000