aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test
Commit message (Collapse)AuthorAgeFilesLines
* CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.Jeremy Kemper2013-01-081-0/+13
|
* * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * ↵Aaron Patterson2013-01-082-0/+32
| | | | dealing with empty hashes. Thanks Damien Mathieu
* Add test to avoid regression of 4a86362Rafael Mendonça França2012-11-021-0/+10
|
* Revert "Merge pull request #7668 from Draiken/fix_issue_6497"Rafael Mendonça França2012-11-021-7/+0
| | | | | | | | | This reverts commit 61d5d2d8a97fd289b81991cd79dca3112e7ca135. Conflicts: actionpack/CHANGELOG.md REASON: This added a backward incompatible change.
* Revert "Merge pull request #7659 from HugoLnx/template_error_no_matches_rebased"Rafael Mendonça França2012-10-312-23/+0
| | | | | | | | | | | | | This reverts commit 7d17cd2cbfc086f5aa9dd636e1207eb130150428. Conflicts: actionpack/CHANGELOG.md Reason: This added a regression since people were relying on this buggy behavior. This will introduce back #3849 but we will be backward compatible in stable release. Fixes #8068.
* Merge pull request #7865 from teleological/link_to_remote_3_2Rafael Mendonça França2012-10-061-0/+7
|\ | | | | Accept :remote as symbol in link_to options (backport)
| * Accept :remote as symbol in link_to optionsRiley2012-10-061-0/+7
| | | | | | | | | | Accept either :remote or 'remote' in both the html_options and (url_)options hash arguments to link_to.
* | Use the Ruby 1.8 hash syntaxRafael Mendonça França2012-10-061-1/+1
|/
* Merge pull request #7848 from senny/3415_assert_template_has_nil_variableRafael Mendonça França2012-10-061-0/+11
| | | | | | can't pass :locals to #assert_template without a view test case (#3415) Conflicts: actionpack/CHANGELOG.md
* Merge pull request #7789 from senny/7777_resource_functions_modify_optionsRafael Mendonça França2012-10-011-0/+20
| | | | resource and resources do no longer modify passed options
* Since File instance doesn't respond to #open use a double to test theRafael Mendonça França2012-09-302-4/+3
| | | | behavior added at c53e5def08f7a289a92a8e5f79dcd7caa5c3a2fb
* Merge pull request #7659 from HugoLnx/template_error_no_matches_rebasedRafael Mendonça França2012-09-302-0/+23
| | | | | | | REBASED: fixing assert_template bug when template matches expected, but not ends with Conflicts: actionpack/CHANGELOG.md actionpack/lib/action_controller/test_case.rb
* Don't paramify ActionDispatch::Http::UploadedFile in testsTim Vandecasteele2012-09-291-0/+7
| | | | | | | | | | To test uploading a file without using fixture_file_upload, a posted ActionDispatch::Http::UploadedFile should not be paramified (just like Rack::Test::UploadedFile). (Rack::Test::UploadedFile and ActionDispatch::Http::UploadedFile don't share the same API, tempfile is not accessible on Rack::Test::UploadedFile as discussed in https://github.com/brynary/rack-test/issues/30)
* Revert "Revert "Respect `config.digest = false` for `asset_path`""Rafael Mendonça França2012-09-201-0/+8
| | | | | | This reverts commit 54f55746a70a7091341e84236498203118a7fbb4. Reason: the last commit fixed the failing case
* Revert "Respect `config.digest = false` for `asset_path`"Rafael Mendonça França2012-09-201-8/+0
| | | | | | | | | | | | This reverts commit 1ac19c11792a745cd654f02dfaed8e93f95b3c70. Conflicts: actionpack/CHANGELOG.md Reason: This is causing failures in the railties build. See http://travis-ci.org/#!/rails/rails/jobs/2491787 Related with #7672
* Merge pull request #7668 from Draiken/fix_issue_6497Rafael Mendonça França2012-09-191-0/+7
| | | | | | Removing to_shorthand to fix #6497 Conflicts: actionpack/CHANGELOG.md
* Respect `config.digest = false` for `asset_path`Peter Wagenet2012-09-171-0/+8
| | | | | | | Previously, the `asset_path` internals only respected the `:digest` option, but ignored the global config setting. This meant that `config.digest = false` could not be used in conjunction with `config.compile = false` this corrects the behavior.
* log 404 status when ActiveRecord::RecordNotFound was raised (#7646)Yves Senn2012-09-171-0/+15
| | | | | | Conflicts: actionpack/CHANGELOG.md actionpack/lib/action_controller/log_subscriber.rb
* Fix bug when Rails.application is defined but is nil. See #881Marc-Andre Lafortune2012-08-281-0/+7
|
* correct handling of date selects when using both disabled and discard optionsVasiliy Ermolovich2012-08-251-0/+24
| | | | | | | | | | | | we should take disabled option not only from `html_options` hash but from `options` hash too like `build_select` method does it. So datetime_select("post", "updated_at", { :discard_minute => true }, { :disabled => true }) datetime_select("post", "updated_at", :discard_minute => true , :disabled => true) both these variants work now closes #7431
* Merge pull request #7410 from sandeepravi/default_options_helper_valueRafael Mendonça França2012-08-211-0/+12
| | | | | | option_tags coerced to "" instead of nil Closes #7404
* Test actual content of permanent cookiebrainopia2012-08-101-1/+1
|
* Dont stream back cookie value if it was set to the same valuebrainopia2012-08-101-1/+13
|
* Revert "Revert "Merge pull request #6084 from ↵brainopia2012-08-101-0/+7
| | | | | | brainopia/support_for_magic_domain_on_all_stores"" This reverts commit a48ea6800ef712440b08c551f8041feb35de8cb4.
* Merge branch '3-2-8' into 3-2-stableSantiago Pastorino2012-08-092-2/+8
|\
| * Do not mark strip_tags result as html_safeSantiago Pastorino2012-08-091-2/+2
| | | | | | | | | | | | Thanks to Marek Labos & Nethemba CVE-2012-3465
| * escape select_tag :prompt valuesSantiago Pastorino2012-08-091-0/+6
| | | | | | | | CVE-2012-3463
| * html_escape should escape single quotesSantiago Pastorino2012-08-029-31/+31
| | | | | | | | | | | | | | | | | | | | | | | | https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content Closes #7215 Conflicts: actionpack/test/template/erb_util_test.rb actionpack/test/template/form_tag_helper_test.rb actionpack/test/template/text_helper_test.rb actionpack/test/template/url_helper_test.rb activesupport/lib/active_support/core_ext/string/output_safety.rb
* | Do not include application.js if it doesn't existsPrem Sichanugrist2012-08-061-0/+9
| | | | | | | | | | | | Rails were including 'application.js' to the pack when using `javascript_include_tag :all` even there's no application.js in the public directory.
* | Revert "Merge pull request #6084 from ↵Rafael Mendonça França2012-08-051-7/+0
| | | | | | | | | | | | | | | | brainopia/support_for_magic_domain_on_all_stores" This reverts commit 393c652cf63875f2728c04d47b34b2d6ae908186. This commit was supposed to fix a bug but it add more failures.
* | Merge pull request #6084 from brainopia/support_for_magic_domain_on_all_storesJosé Valim2012-08-021-0/+7
| | | | | | | | Support cookie jar options for all cookie stores
* | html_escape should escape single quotesSantiago Pastorino2012-08-029-31/+31
|/ | | | | | | | | | | | https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content Closes #7215 Conflicts: actionpack/test/template/erb_util_test.rb actionpack/test/template/form_tag_helper_test.rb actionpack/test/template/text_helper_test.rb actionpack/test/template/url_helper_test.rb activesupport/lib/active_support/core_ext/string/output_safety.rb
* Revert "Deprecate link_to_function and button_to_function helpers"Rafael Mendonça França2012-08-011-24/+12
| | | | This reverts commit 9dc57fe9c4807fc0ad4b1590a931891d9faa3164.
* Revert "Deprecate `:mouseover` options for `image_tag` helper."Rafael Mendonça França2012-08-011-40/+8
| | | | | | | This reverts commit 1aff7725c7a04cde202cca906208560a55409e6a. Conflicts: actionpack/CHANGELOG.md
* Revert "Deprecate `:confirm` in favor of `:data => { :confirm => 'Text' }` ↵Rafael Mendonça França2012-08-013-149/+52
| | | | | | | | | | | option" Revert "Deprecate `:disable_with` in favor of `'data-disable-with'` option for `button_to` and `submit_tag` helpers." This reverts commit fc092a9cba5fceec38358072e50e09250cf58840. This reverts commit e9051e20aeb2c666db06b6217954737665878db7. This reverts commit d47d6e7eda3aa3e6aa28d0c17ac6801234bb97d1. This reverts commit 21141e777bdce8534e3755c8de7268324b3d8714.
* Add support for optional root segments containing slashesAndrew White2012-07-171-0/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Optional segments with a root scope need to have the leading slash outside of the parentheses, otherwise the generated url will be empty. However if the route has non-optional elements then the leading slash needs to remain inside the parentheses otherwise the generated url will have two leading slashes, e.g: Blog::Application.routes.draw do get '/(:category)', :to => 'posts#index', :as => :root get '/(:category)/author/:name', :to => 'posts#author', :as => :author end $ rake routes root GET /(:category)(.:format) posts#index author GET (/:category)/author/:name(.:format) posts#author This change adds support for optional segments that contain a slash, allowing support for urls like /page/2 for the root path, e.g: Blog::Application.routes.draw do get '/(page/:page)', :to => 'posts#index', :as => :root end $ rake routes root GET /(page/:page)(.:format) posts#index Fixes #7073 (cherry picked from commit d8745decaf59aad32aa2f09abdba99b8d0e48b31)
* Fixed bug creating invalid HTML in select optionsRusty Geldmacher2012-07-101-0/+13
| | | | | | | | | When a select tag is created for a field with errors, and that select tag has :prompt or :include_blank options, then the inserted first option will errantly have a <div class="field_with_errors"> wrapping it. See https://github.com/rails/rails/issues/7017
* Show in log correct wrapped keysDmitry Vorotilin2012-07-051-0/+8
|
* Merge pull request #6649 from route/logger_in_metal_3_2Carlos Antonio da Silva2012-06-181-0/+17
|\ | | | | Logger in metal backport for 3.2
| * Added test for case when view doesn't have logger method when using ↵Dmitry Vorotilin2012-06-161-0/+17
| | | | | | | | ActionController::Metal controller.
* | It should also include text/css => Build FixArun Agrawal2012-06-161-1/+1
| |
* | Merge pull request #6752 from steveklabnik/fix_5680Rafael Mendonça França2012-06-162-3/+14
|/ | | | Respect absolute paths in compute_source_path.
* adding a test for #6459Aaron Patterson2012-06-141-0/+10
|
* ActionController::Caching depends on RackDelegation and ↵Santiago Pastorino2012-06-131-0/+32
| | | | AbstractController::Callbacks
* Array parameters should not contain nil values.Aaron Patterson2012-06-111-0/+4
|
* Duplicate tests removed.Arun Agrawal2012-06-091-16/+0
|
* Fix asset tags for files with more than one dotPiotr Sarnacki2012-06-073-0/+6
| | | | | | | | | | | | | | | After the fix done in 39f9f02a, there are cases that will not work correctly. If you have file with "2 extensions", like foo.min.js and you reference the file without extension, like: javascript_include_tag "foo.min" it will fail because sprockets finds foo.min.js with foo.min argument. This commit fixes this case and will get the right file even when referrencing it without extension. (closes #6598)
* Add test to flash sweep after two redirectsRafael Mendonça França2012-06-051-0/+20
| | | | | This test is needed to avoid regressions in the way that flash works now (swept in every request).
* Deprecate `:confirm` in favor of `:data => { :confirm => 'Text' }` optionCarlos Galdino2012-06-052-19/+110
| | | | | | | | | | | | This deprecation applies to: `button_to` `button_tag` `image_submit_tag` `link_to` `submit_tag` As :confirm is an UI specific option is better to use the data attributes, teaching users about unobtrusive JavaScript and how Rails works with it.
* Allow to use mounted helpers in ActionView::TestCasePiotr Sarnacki2012-06-012-0/+20
| | | | | Similarly to 6525002, this allows to use routes helpers for mounted helpers, but this time in ActionView::TestCase
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-17 20:17:49 +0000