| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Specify accept-charset on all forms. All recent browsers,
as well as IE5+, will use the encoding specified for form
parameters
* Unfortunately, IE5+ will not look at accept-charset unless
at least one character in the form's values is not in the
page's charset. Since the user can override the default
charset (which Rails sets to UTF-8), we provide a hidden
input containing a unicode character, forcing IE to look
at the accept-charset.
* Now that the vast majority of web input is UTF-8, we set
the inbound parameters to UTF-8. This will eliminate many
cases of incompatible encodings between ASCII-8BIT and
UTF-8.
* You can safely ignore params[:_snowman_]
TODO:
* Validate inbound text to confirm it is UTF-8
* Combine the whole_form implementations in form_helper_test
and form_tag_helper_test
|
|
|
|
|
|
| |
:controller and :action may appear in the generated url [#4326 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
|
|
| |
ActiveSupport::TestCase::Assertion [#4987 state:commited]
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
|
|
|
|
| |
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
| |
frameworks like ActiveRecord and ActiveResource to log outsude Rails::Application [#4816 state:resolved]
|
|
|
|
|
|
|
|
|
|
| |
- was exposed as _view, which suggested it was private
- left _view as an alias of view as not to break any extensions that are
relying on _view
[#4932 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
rendering the view.
- Previously, _assigns were locked down the first time _view was
referenced.
[#4931 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
|
|
| |
explicitly passes in :value => nil [#4839 state:resolved]
Signed-off-by: Michael Koziarski <michael@koziarski.com>
|
| |
|
|
|
|
|
|
| |
setup within the railtie
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
| |
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
|
|
| |
state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
|
|
| |
true [#4856 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
|
|
| |
state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
|
|
|
|
| |
partials are rendered under different conditions.
[#4903 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
|
|
| |
[#4879 state:resolved]
Signed-off-by: Xavier Noria <fxn@hashref.com>
|
|
|
|
|
|
| |
[#4902 state:committed]
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
|
|
|
|
|
|
|
|
| |
sanitize the input always unless :sanitize => false is set
[#4825 state:committed]
Signed-off-by: David Heinemeier Hansson <david@loudthinking.com>
|
|
|
|
|
|
| |
[#4878]
Signed-off-by: David Heinemeier Hansson <david@loudthinking.com>
|
|
|
|
|
|
|
|
|
|
| |
As discussed in Lighthouse ticket #4825 and ticket #4878, the truncate()
method cannot guarantee safe output for all possible inputs/offsets, so
it is best to leave the output unsafe so that it gets escaped when used
in a view.
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
Signed-off-by: David Heinemeier Hansson <david@loudthinking.com>
|
|
|
|
|
|
| |
[#4777 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
| |
state:resolved]
|
|
|
|
| |
Signed-off-by: José Valim <jose.valim@gmail.com>
|
| |
|
|
|
|
| |
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
|
|
| |
[#4799 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
|
|
|
|
| |
markdown.
[#4794 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
| |
Signed-off-by: José Valim <jose.valim@gmail.com>
|
| |
|
|
|
|
| |
:safe => true option is not provided
|
| |
|
|
|
|
| |
lookup for some cases.
|
| |
|
|
|
|
| |
coming back from AS are UTF-8.
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
References #1523 [#1862 state:resolved] [#3591 state:resolved]
Add test that shows how link text can contain HTML if needed:
the trick is using block form in combination with `raw`.
Let link text be automatically HTML-escaped
[#2017 state:resolved]
|
| |
| |
| |
| |
| |
| | |
recognizes all URI scheme allowed characters, such as colon and period.
[#3494 state:resolved]
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
_helper module included in the view.
- ensures that protect_against_forgery? is present when a helper
included in a partial that is rendered by the template under test
calls it (which happens in FormTagHelper#extra_tags_for_form, for
example).
[#4700 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
- decouple tests from the test case class by moving them outside
- split out more TestCase subs as cleaner way of avoiding bleed of
class level concepts
Signed-off-by: José Valim <jose.valim@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
ActionView::TestCase::TestController without stubs. Just say:
@controller.controller_path = "path/i/need/for/this/test"
[#4697 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| | |
with strings or symbols
Signed-off-by: José Valim <jose.valim@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
array where values for keys of the form (.|_)html keys are html_safe"
This reverts commit 05c95b5c5815c0b3ae55fda7a897922b7f3ec2c7.
Signed-off-by: José Valim <jose.valim@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- enables alternative testing frameworks to include AV::TC::Behavior
instead of subclassing AV::TC
- also added tests and code for:
- test view delegates :notice to request.flash
- useful since generators generate views that use notice
- test case doesn't try to include modules that are actually
classes
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|/
|
|
|
|
|
|
| |
where values for keys of the form (.|_)html keys are html_safe
[#4675]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|
|
|
| |
Signed-off-by: José Valim <jose.valim@gmail.com>
|
|\ |
|
| |
| |
| |
| |
| |
| | |
[#4604 state:committed]
Signed-off-by: José Valim <jose.valim@gmail.com>
|
| |
| |
| |
| | |
This reverts commits af0d1a88157942c6e6398dbf73891cff1e152405 and 64d109e3539ad600f58536d3ecabd2f87b67fd1c.
|