| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Latest changes in remote ip handling conflicted with each other in
tests. Related:
dd09811fa6214a130fdc2de1d4c00b4337cb15f9
6a720226aad2adffcbd2422d40db772719579e2f
|
|\
| |
| | |
The first IP address in the X-Forwarded-For header is the originating IP
|
| | |
|
|/ |
|
| |
|
| |
|
| |
|
|
|
|
| |
for subdomain(s) removal from the host during link generation. Closes #2025
|
|
|
|
|
|
| |
requests. Closes #2119
An xhr request must have an "Accept" or "Content-type" header in order to be considered a request with valid_accept_header.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
This provides more safety to applications that put secret information in the query string, such as API keys or SSO tokens.
Signed-off-by: Xavier Noria <fxn@hashref.com>
|
| |
|
|
|
|
| |
changes the relevant parts of the url, or an object which responds to call can be supplied so common redirect rules can be easily reused. This commit includes a change where url generation from parts has been moved to AD::Http::URL as a class method.
|
|
|
|
| |
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
|
|
| |
allowing for easy manipulation of the host during link generation.
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
| |
@@tld_length is used by default. Also set the default value of @@tld_length to 1.
|
|
|
|
|
|
| |
parsing the query string [#3030 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
autoloading."
Booting a new Rails application does not work after this commit [#5359 state:open]
This reverts commit 38a421b34d0b414564e919f67d339fac067a56e6.
|
|
|
|
|
|
| |
autoloading.
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
|
|
|
|
| |
ensure that request.scheme returns https when using a reverse proxy.
[#5408 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
| |
's/[ \t]*$//' -i {} \;)
|
|
|
|
| |
Signed-off-by: wycats <wycats@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
ActionDispatch::Request rather than Rack::Request.
* Changed ActionDispatch::Request#method to return a String, to be
compatible with the Rack::Request superclass.
* Changed ActionDispatch::Request#method to return the original
method in the case of methodoverride and #request_method not to,
to be compatible with Rack::Request
|
|
|
|
|
|
| |
Rack::Request expect
it to return a String. Split the Rails API so that Request#content_type returns
a String, and Request#content_mime_type returns a Mime::Type object.
|
|
|
|
| |
of configuring a middleware
|
|
|
|
|
| |
* ActionController::Base.ip_spoofing_check deprecated => config.action_dispatch.ip_spoofing_check
* ActionController::Base.trusted_proxies deprecated => config.action_dispatch.trusted_proxies
|
|
|
|
| |
let's deprecate it.
|
|
|
|
| |
* Refactored ActionPatch to use fullpath instead
|
| |
|
| |
|
|
|
|
| |
mixed array [#3928 status:resolved]
|
|
|
|
| |
anything in the middleware stack.
|
| |
|
|
|
|
|
|
| |
ActionDispatch::ParametersFilter to handle parameter filteration instead. This will make filteration not depending on controller anymore.
Signed-off-by: José Valim <jose.valim@gmail.com>
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* request.formats is much simpler now
* For XHRs or Accept headers with a single item, we use the Accept header
* For other requests, we use params[:format] or fallback to HTML
* This is primarily to work around the fact that browsers provide completely
broken Accept headers, so we have to whitelist the few cases we can
specifically isolate and treat other requests as coming from the browser
* For APIs, we can support single-item Accept headers, which disambiguates
from the browsers
* Requests to an action that only has an XML template from the browser will
no longer find the template. This worked previously because most browsers
provide a catch-all */*, but this was mostly accidental behavior. If you
want to serve XML, either use the :xml format in links, or explicitly
specify the XML template: render "template.xml".
|
| |
|
|
|
|
|
|
| |
ActionController::Base.trusted_proxies [#2126 state:resolved]
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
|
|
|
|
| |
Signed-off-by: Yehuda Katz <wycats@gmail.com>
|
|
|
|
| |
Signed-off-by: Yehuda Katz <wycats@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Resolved all the conflicts since 2.3.0 -> HEAD. Following is a list
of commits that could not be applied cleanly or are obviated with the
abstract_controller refactor. They all need to be revisited to ensure
that fixes made in 2.3 do not reappear in 3.0:
2259ecf368e6a6715966f69216e3ee86bf1a82a7
AR not available
* This will be reimplemented with ActionORM or equivalent
06182ea02e92afad579998aa80144588e8865ac3
implicitly rendering a js response should not use the default layout
[#1844 state:resolved]
* This will be handled generically
893e9eb99504705419ad6edac14d00e71cef5f12
Improve view rendering performance in development mode and reinstate
template recompiling in production [#1909 state:resolved]
* We will need to reimplement rails-dev-boost on top of the refactor;
the changes here are very implementation specific and cannot be
cleanly applied. The following commits are implicated:
199e750d46c04970b5e7684998d09405648ecbd4
3942cb406e1d5db0ac00e03153809cc8dc4cc4db
f8ea9f85d4f1e3e6f3b5d895bef6b013aa4b0690
e3b166aab37ddc2fbab030b146eb61713b91bf55
ae9f258e03c9fd5088da12c1c6cd216cc89a01f7
44423126c6f6133a1d9cf1d0832b527e8711d40f
0cb020b4d6d838025859bd60fb8151c8e21b8e84
workaround for picking layouts based on wrong view_paths
[#1974 state:resolved]
* The specifics of this commit no longer apply. Since it is a two-line
commit, we will reimplement this change.
8c5cc66a831aadb159f3daaffa4208064c30af0e
make action_controller/layouts pick templates from the current instance's
view_paths instead of the class view_paths [#1974 state:resolved]
* This does not apply at all. It should be trivial to apply the feature
to the reimplemented ActionController::Base.
87e8b162463f13bd50d27398f020769460a770e3
fix HTML fallback for explicit templates [#2052 state:resolved]
* There were a number of patches related to this that simply compounded
each other. Basically none of them apply cleanly, and the underlying
issue needs to be revisited. After discussing the underlying problem
with Koz, we will defer these fixes for further discussion.
|
| |
|