| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
Un-define :to_json for Customer class after stubbing.
|
| | |
|
|\ \
| | |
| | | |
Deregister csv renderer after test to prevent leak.
|
| |/ |
|
|/
|
|
|
|
|
|
|
|
| |
This reverts commit 5c224de9e110763ec7a0f01f5b604bcf81f40bfb.
Conflicts:
actionpack/lib/action_dispatch/journey/visitors.rb
5c224de9e110763ec7a0f01f5b604bcf81f40bfb introduced a bug in the
formatter. This commit includes a regression test.
|
| |
|
|
|
|
| |
'head :ok'
|
| |
|
| |
|
|\
| |
| |
| |
| |
| |
| | |
Add controller and action name to the fragment caching instrumentation payload
Conflicts:
actionpack/CHANGELOG.md
|
| | |
|
|\ \
| | |
| | | |
Add multiple lines message support for SSE module
|
| | | |
|
| | |
| | |
| | |
| | | |
Then we can avoid nil checks
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
`assert_redirected_to` would fail if there is no controller set on
a `ActionDispatch::IntegrationTest`, as _compute_redirect_to_location
would be called on the controller to build the url.
This regression was introduced after 1dacfbabf3bb1e0a9057dd2a016b1804e7fa38c0.
[fixes #14691]
|
|/ / |
|
| | |
|
| |
| |
| |
| |
| | |
There may be situations where you need to tunnel SSL connections over
port 80 so we shouldn't remove it if it has been explicitly provided.
|
| |
| |
| |
| | |
relative URL.
|
| |
| |
| |
| | |
do not test internals
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously if you were looking for a given key, the header may incorrectly tell you that it did not exist even though it would return a valid value:
```ruby
env = { "CONTENT_TYPE" => "text/plain" }
headers = ActionDispatch::Http::Headers.new(env)
headers["Content-Type"]
# => "text/plain"
headers.key?("Content-Type")
# => false
```
This PR fixes that behavior by converting the key before checking for presence
|
|\ \
| | |
| | | |
Moved 'params[request_forgery_protection_token]' into its own method and...
|
| | |
| | |
| | |
| | | |
improved tests.
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
This will avoid directory traversal in implicit render.
Fixes: CVE-2014-0130
Conflicts:
actionpack/lib/abstract_controller/base.rb
|
| | |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Callable route constraint verification
Conflicts:
actionpack/CHANGELOG.md
|
| | |
| | |
| | |
| | | |
silently failing to enforce the constraint
|
| |/
|/| |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Make remote_ip detection properly handle private IPv6 addresses
Conflicts:
actionpack/CHANGELOG.md
|
| | |
| | |
| | |
| | | |
Fixes #12638.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously, the `VerifyAndUpgradeLegacySignedMessage` assumes all incoming
cookies are marshal-encoded. This is not the case when `secret_token` is
used in conjunction with the `:json` or `:hybrid` serializer.
In those case, when upgrading to use `secret_key_base`, this would cause a
`TypeError: incompatible marshal file format` and a 500 error for the user.
Fixes #14774.
*Godfrey Chan*
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
1. Escape '%' characters in URLs - only unescaped data
should be passed to URL helpers
2. Add an `escape_segment` helper to `Router::Utils`
that escapes '/' characters
3. Use `escape_segment` rather than `escape_fragment`
in optimized URL generation
4. Use `escape_segment` rather than `escape_path`
in URL generation
For point 4 there are two exceptions. Firstly, when a route uses wildcard
segments (e.g. *foo) then we use `escape_path` as the value may contain '/'
characters. This means that wildcard routes can't be optimized. Secondly,
if a `:controller` segment is used in the path then this uses `escape_path`
as the controller may be namespaced.
Fixes #14629, #14636 and #14070.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Makes it clear that anything passed with the helper must not be percent encoded.
Fixes previous behavior which tricks people into believing passing
non-percent-encoded will generate a proper percent-encoded path while in
reality it doesn't ('%' isn't escaped).
The intention is nice but the heuristic is broken.
|
| | |
| | |
| | |
| | | |
Related with cbb917455f306cf5818644b162f22be09f77d4b2
|
| | |
| | |
| | |
| | | |
This was changed at cbb917455f306cf5818644b162f22be09f77d4b2
|
| | | |
|
|\ \ \
| | | |
| | | |
| | | | |
Use common to_io so users can access the underlying IO object
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In some cases users may need to work with/manipulate more of the
Tempfile api than provided by Upload. Allow users to get at the
underlying io via the common to_io method of IO/IO-like objects
|
|\ \ \ \
| | | | |
| | | | | |
Display diagnostics in text format for xhr request
|
| | | | | |
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Remove surplus period from assertion messages
|
| |/ / / |
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When requesting a controller with the following code with a unknown format:
def my_action
respond_to do |format|
format.json { head :ok }
format.any { render text: 'Default response' }
end
end
we should render the default response instead of raising ActionController::UnknownFormat
Fixes #14462
Conflicts:
actionpack/CHANGELOG.md
actionpack/test/controller/mime/respond_with_test.rb
Conflicts:
actionpack/CHANGELOG.md
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
This parsing is unecessary once the Request object already has the
needed information.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Adding flash types to a controller within any of the tests will result
in a global state change of the controller under test.
This patch will prevent state leaks and allow us to run the test in random order.
|
| | | |
|
| | | |
|
| | |
| | |
| | | |
Adding tests for Session `destroy`, `update` and `delete` methods. No changes for code under test.
|