rails.git - Mirror of official rails repo with custom fixes.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Removed single space padding from empty response body.	Godfrey Chan	2014-07-10	4	-16/+16
\| \| \| \| \| \| \| \| \| \| \| \|	`render nothing: true` or rendering a `nil` body no longer add a single space to the response body. The old behavior was added as a workaround for a bug in an early version of Safari, where the HTTP headers are not returned correctly if the response body has a 0-length. This is been fixed since and the workaround is no longer necessary. Use `render body: ' '` if the old behavior is desired.
*	Address CVE-2014-4671 (JSONP Flash exploit)	Greg Campbell	2014-07-09	2	-2/+2
\| \| \| \| \| \|	Adds a comment before JSONP callbacks. See http://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/ for more details on the exploit in question.
*	Merge pull request #16013 from tgxworld/remove_symbolized_path_parameters	Rafael Mendonça França	2014-07-04	1	-3/+3
\|\ \| \| \| \|	Remove symbolized_path_parameters.
\| *	Remove symbolized_path_parameters.	Guo Xiang Tan	2014-07-02	1	-3/+3
\| \| \| \| \| \| \| \|	This pull request is a continuation of https://github.com/rails/rails/commit/925bd975 and https://github.com/rails/rails/commit/8d8ebe3d.
* \|	Merge pull request #16011 from xjlu/token_and_options	Rafael Mendonça França	2014-07-04	1	-2/+22
\|\ \ \| \| \| \| \| \|	Improve token_and_options regex and test
\| * \|	Improve token_and_options regex and test	Xinjiang Lu	2014-07-01	1	-2/+22
\| \|/ \| \| \| \| \| \|	add a test case to test the regex for the helper method raw_params
* /	Change the JSON renderer to enforce the 'JS' Content Type	Lucas Mazza	2014-07-02	1	-0/+13
\|/ \| \| \| \| \| \|	The controller can set the response format as 'JSON' before the renderer code be evaluated, so we must replace it when necessary. Fixes #15081
*	Merge pull request #15933 from rafael/master	Rafael Mendonça França	2014-06-27	1	-0/+29
\|\ \| \| \| \| \| \| \| \| \| \|	Add always permitted parameters as a configurable option. [Rafael Mendonça França + Gary S. Weaver]
\| *	Improvements per code review.	Rafael Chacón	2014-06-27	1	-0/+29
\| \| \| \| \| \| \| \| \| \| \| \|	* General style fixes. * Add changes to configuration guide. * Add missing tests.
* \|	Merge pull request #15537 from tgxworld/fix_state_leak	Matthew Draper	2014-06-20	3	-4/+5
\|\ \ \| \| \| \| \| \|	Fix state leak.
\| * \|	Remove redundant code.	Guo Xiang Tan	2014-06-05	1	-4/+0
\| \| \|
\| * \|	Prevent state leak.	Guo Xiang Tan	2014-06-05	3	-0/+5
\| \| \|
* \| \|	Merge pull request #15692 from sromano/falseClass	Matthew Draper	2014-06-14	1	-1/+17
\|\ \ \ \| \| \| \| \| \| \| \| \| \| \| \|	ActionController::Parameters#require now accepts FalseClass values
\| * \| \|	ActionController::Parameters#require now accepts FalseClass values	Sergio Romano	2014-06-13	1	-1/+17
\|/ / / \| \| \| \| \| \| \| \| \|	Fixes #15685.
* \| \|	Fix parsed token value with header `Authorization token=`.	Larry Lv	2014-06-13	1	-6/+23
\| \| \|
* \| \|	use Ruby for mocking	Aaron Patterson	2014-06-12	1	-1/+1
\| \| \|
* \| \|	remove warnings	Kuldeep Aggarwal	2014-06-12	1	-1/+0
\| \| \| \| \| \| \| \| \| \| \| \|	warning: assigned but unused variable - scope_called, path and strexp
* \| \|	Merge pull request #15545 from zuhao/refactor_actionpack_assert_select_test	Yves Senn	2014-06-08	1	-1/+4
\|\ \ \ \| \| \| \| \| \| \| \|	Restore test deliveries for ActionMailer.
\| * \| \|	Restore test deliveries for ActionMailer.	Zuhao Wan	2014-06-07	1	-1/+4
\| \|/ /
* \| \|	Handle client disconnect during live streaming	Matthew Draper	2014-06-08	1	-0/+89
\| \| \| \| \| \| \| \| \| \| \| \|	.. even when the producer is blocked for a write.
* \| \|	adds some details to the rationale of converted_arrays [ci skip]	Xavier Noria	2014-06-07	1	-1/+1
\| \| \|
* \| \|	adds a regression test for the strong params converted arrays cache	Xavier Noria	2014-06-07	1	-1/+18
\| \| \| \| \| \| \| \| \| \| \| \|	This is a regression test for 29844dd.
* \| \|	Revert "Convert StrongParameters cache to a hash. This fixes an unbounded"	Xavier Noria	2014-06-07	1	-1/+1
\|/ / \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	We cannot cache keys because arrays are mutable. We rather want to cache the arrays. This behaviour is tailor-made for the usage pattern strongs params is designed for. In a forthcoming commit I am going to add a test that covers why we need to cache by value. Every strong params instance has a live span of a request, the cache goes away with the object. Since strong params have such a concrete intention, it would be interesting to see if there are actually any real-world use cases that are an actual leak, one that practically may matter. I am not convinced that the theoretical leak has any practical consequences, but if it can be shown there are, then I believe we should either get rid of the cache (which is an optimization), or else wipe it in the mutating API. This reverts commit e63be2769c039e4e9ada523a8497ce3206cc8a9b.
* \|	Mime::PNG is already defined.	Zuhao Wan	2014-06-05	1	-6/+0
\| \|
* \|	Merge pull request #15498 from zenspider/fix_memory_leak	Guillermo Iguaran	2014-06-03	1	-1/+1
\|\ \ \| \| \| \| \| \|	Convert StrongParameters cache to a hash. This fixes an unbounded memory leak
\| * \|	Convert StrongParameters cache to a hash. This fixes an unbounded	Ryan Davis	2014-06-03	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	memory leak demonstrated on @tenderlove's latest blog post: http://tenderlovemaking.com/2014/06/02/yagni-methods-are-killing-me.html
* \| \|	add tests for nested lambda constraints	Aaron Patterson	2014-06-03	1	-0/+27
\|/ /
* \|	Merge pull request #15384 from zuhao/refactor_actionpack_params_wrapper_test	Yves Senn	2014-05-29	1	-7/+19
\|\ \ \| \| \| \| \| \|	Clear inflections after test.
\| * \|	Clear inflections after test.	Zuhao Wan	2014-05-28	1	-7/+19
\| \| \|
* \| \|	Merge pull request #15386 from ↵	Santiago Pastorino	2014-05-28	1	-3/+6
\|\ \ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	zuhao/refactor_actionpack_request_forgery_protection_test Avoid hardcoded `request_forgery_protection_token` value in teardown.
\| * \| \|	Avoid hardcoded value in teardown.	Zuhao Wan	2014-05-28	1	-3/+6
\| \| \| \|
* \| \| \|	Merge pull request #15388 from zuhao/refactor_actionpack_send_file_test	Santiago Pastorino	2014-05-28	1	-2/+6
\|\ \ \ \ \| \| \| \| \| \| \| \| \| \|	Unregister Mime::Type in teardown.
\| * \| \| \|	Unregister Mime::Type in teardown.	Zuhao Wan	2014-05-28	1	-2/+6
\| \|/ / /
* \| \| \|	Merge pull request #15385 from zuhao/refactor_actionpack_render_other_test	Santiago Pastorino	2014-05-28	1	-4/+7
\|\ \ \ \ \| \|/ / / \|/\| \| \|	Add and remove renderer inside the test to prevent leak.
\| * \| \|	Add and remove renderer inside the test to prevent leak.	Zuhao Wan	2014-05-28	1	-4/+7
\| \|/ /
* \| \|	Merge pull request #15383 from ↵	Yves Senn	2014-05-28	1	-10/+8
\|\ \ \ \| \|/ / \|/\| \| \| \| \| \| \| \|	zuhao/refactor_actionpack_localized_templates_test Move I18n.locale setting into setup and teardown.
\| * \|	Move I18n.locale setting into setup and teardown.	Zuhao Wan	2014-05-28	1	-10/+8
\| \| \|
* \| \|	Add with_default_charset helper.	Zuhao Wan	2014-05-28	1	-12/+20
\|/ /
* \|	Deprecate all _filter callbacks in favor of _action callbacks	Rafael Mendonça França	2014-05-27	2	-191/+191
\| \| \| \| \| \| \| \| \| \|	This is the continuation of the work started at 9d62e04838f01f5589fa50b0baa480d60c815e2c
* \|	PARAMETERS_KEY is only used in the request, so move the constant there	Aaron Patterson	2014-05-27	1	-5/+5
\| \|
* \|	The correct status to test should be :switching_protocols.	Zuhao Wan	2014-05-25	1	-2/+2
\| \|
* \|	use symbol keys for path_parameters	Aaron Patterson	2014-05-22	1	-5/+5
\| \|
* \|	Merge pull request #11346 from tomykaira/fix_10257	Rafael Mendonça França	2014-05-20	1	-0/+7
\|\ \ \| \| \| \| \| \|	Check authentication scheme in Basic auth
\| * \|	Check authentication scheme in Basic auth	tomykaira	2013-07-07	1	-0/+7
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	`authenticate_with_http_basic` and its families should check the authentication schema is "Basic". Different schema, such as OAuth2 Bearer should be rejected by basic auth, but it was passing as the test shows. This fixes #10257.
* \| \|	Merge pull request #15182 from zuhao/refactor_actionpack_respond_with_test_2	Yves Senn	2014-05-20	1	-4/+10
\|\ \ \ \| \| \| \| \| \| \| \|	Un-define :to_json for Customer class after stubbing.
\| * \| \|	Add using_resouce_with_json to controller.	Zuhao Wan	2014-05-20	1	-4/+10
\| \| \| \|
* \| \| \|	Merge pull request #15178 from zuhao/refactor_actionpack_respond_with_test	Yves Senn	2014-05-20	1	-0/+19
\|\ \ \ \ \| \| \| \| \| \| \| \| \| \|	Deregister csv renderer after test to prevent leak.
\| * \| \| \|	Add ActionController::Renderers.remove.	Zuhao Wan	2014-05-20	1	-0/+19
\| \|/ / /
* / / /	Revert "Rewrite journey routes formatter for performance"	Aaron Patterson	2014-05-19	1	-0/+20
\|/ / / \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This reverts commit 5c224de9e110763ec7a0f01f5b604bcf81f40bfb. Conflicts: actionpack/lib/action_dispatch/journey/visitors.rb 5c224de9e110763ec7a0f01f5b604bcf81f40bfb introduced a bug in the formatter. This commit includes a regression test.
* \| \|	fixes stack level too deep exception on action named 'status' returning ↵	Christiaan Van den Poel	2014-05-15	1	-0/+31
\| \| \| \| \| \| \| \| \| \| \| \|	'head :ok'