| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
| |
can write `form_for @record, data: { behavior: 'autosave' }` instead of `form_for @record, html: { data: { behavior: 'autosave' } }` *DHH*
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We recommend the use of Unobtrusive JavaScript instead. For example:
link_to "Greeting", "#", :class => "nav_link"
$(function() {
$('.nav_link').click(function() {
// Some complex code
return false;
});
});
or
link_to "Greeting", '#', onclick: "alert('Hello world!'); return false", class: "nav_link"
for simple cases.
This reverts commit 3acdd652e9fe99481c879c84c5807a84eb9ad724.
|
|
|
|
|
|
|
| |
what this makes ERB files look like.
This reverts commit 46b8bceedd3e47169c50a04c93161424909c75fb, reversing
changes made to 2f58795e783150f2e1b1f6c64e305703f0061129.
|
|
|
|
| |
percent sign on a line to indicate non-inserted Ruby code.
|
|
|
|
|
|
| |
Rails were including 'application.js' to the pack when using
`javascript_include_tag :all` even there's no application.js in the
public directory.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
by Active Support)
Selecting which key extensions to include in active_support/rails
made apparent the systematic usage of Object#in? in the code base.
After some discussion in
https://github.com/rails/rails/commit/5ea6b0df9a36d033f21b52049426257a4637028d
we decided to remove it and use plain Ruby, which seems enough
for this particular idiom.
In this commit the refactor has been made case by case. Sometimes
include? is the natural alternative, others a simple || is the
way you actually spell the condition in your head, others a case
statement seems more appropriate. I have chosen the one I liked
the most in each case.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content
Closes #7215
|
| |
|
|
|
|
| |
escaped
|
|\
| |
| | |
don't escape options in option_html_attributes method
|
| |
| |
| |
| |
| |
| |
| |
| | |
we don't need to escape values in this method as we pass
these html attributes to `tag_options` method that handle escaping as
well.
it fixes the case when we want to pass html5 data options
|
| | |
|
|/ |
|
|
|
|
|
|
|
|
|
| |
This applies to the following helpers:
`button_to`
`button_tag`
`image_submit_tag`
`link_to`
`submit_tag`
|
|
|
|
| |
and PartialRenderer
|
|
|
|
|
|
| |
When a select tag is created for a field with errors, then the inserted
options will errantly have a <div class="field_with_errors"> wrapping
them.
|
|
|
|
|
| |
The extension was removed in 22bc12ec374b8bdeb3818ca0a3eb787dd3ce39d8,
making "test" an alias for minitest's "it".
|
| |
|
|
|
|
|
| |
They also make more sense here since all the related logic with I18n is
handled by AS::NumberHelper, and not by AV anymore.
|
|
|
|
|
|
| |
Just make use of the returning exception from assert_raise, instead of
calling the method again with a rescue clause to test the saved
exception number.
|
|\
| |
| | |
Make the Resolver template cache threadsafe
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The Template cache in the Resolver can be accessed by multiple threads
similtaneously in multi-threaded environments. The cache is implemented
using a Hash, which isn't threadsafe in all VMs (notably JRuby).
This commit extracts the cache to a new Cache class and adds mutexes to
prevent concurrent access.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When using compute_source_path to determine the full path of an
asset, if our source begins with '/', we don't want to include
the directory. Examples are illustrative:
> compute_source_path("foo", "stylesheets", "css")
=> "/Users/steve/src/my_app/public/stylesheets/foo.css"
> compute_source_path("/foo", "stylesheets", "css")
=> "/Users/steve/src/my_app/public/foo.css"
Before this patch, the second example would return the same as the
first.
Fixes #5680.
|
| |
| |
| |
| |
| | |
Module#instance_methods returns an Array of Symbols in Ruby >= 1.9
So this was not actually testing anything
|
| | |
|
| |
| |
| |
| |
| | |
Similarly to 6525002, this allows to use routes helpers for mounted
helpers, but this time in ActionView::TestCase
|
| |
| |
| |
| | |
Add some tests for link_to with blocks and escaping content.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make possible to use a block in button_to helper if button text is hard
to fit into the name parameter, e.g.:
<%= button_to [:make_happy, @user] do %>
Make happy <strong><%= @user.name %></strong>
<% end %>
# => "<form method="post" action="/users/1/make_happy" class="button_to">
# <div>
# <button type="submit">
# Make happy <strong>Name</strong>
# </button>
# </div>
# </form>"
|
| | |
|
| |
| |
| |
| | |
This options can be used to not escape the result by default.
|
| |
| |
| |
| | |
Refactoring the truncate method to not do a sort-circuit return
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
rails helpers.
This way if my text is long I don't have to do something like this:
.text
= truncate(@text, :length => 27)
if @text.size >= 27
= link_to "continue", notes_path, ....."")
|
| |
| |
| |
| | |
These tests check the values of 'min' and 'max' input attrs
|
|\ \
| | |
| | | |
Add HTML5 color and date/time inputs
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The input types added are:
- input[type="month"]
- input[type="week"]
- input[type="datetime"]
- input[type="datetime-local"]
|
| | | |
|
| |/
|/|
| |
| |
| | |
* Added tests for 'else' case in ActionView::Helpers::TranslationHelper#wrap_translate_defaults
* Also updated the testing syntax of translation.html_safe? asserts to provide better output upon failure.
|
| |
| |
| |
| |
| | |
This reverts commit 254c04286c5916ae7f91eb6e173b312e7a74e364, reversing
changes made to 513a0525c24c2944630acfa465b22cd2f4601adf.
|
|\ \
| |/
|/| |
Resolver concurrency fix
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The Template cache in the Resolver can be accessed by multiple threads
similtaneously in multi-threaded environments. The cache is implemented
using a Hash, which isn't threadsafe in all VMs (notably JRuby).
This commit extracts the cache to a new Cache class and adds mutexes to
prevent concurrent access.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make the method API more clear by explicitly showing the expected
arguments. This means that the options cannot be passed as second
argument because we are not relying on extract_options! anymore,
you are expected to give a selected key or `nil` if you want to pass
options, as it is the last argument.
Notice that this does not change the current method arguments contract
available in 3.2, it just brings back the same functionality with the
divider addition.
|
|\ \
| | |
| | | |
Tidied and standardised text_helper implementations.
|
| | | |
|
| | | |
|
|/ /
| |
| |
| | |
escaping of delimiters and separators
|