aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch '3-2-8' into 3-2-stableSantiago Pastorino2012-08-092-2/+8
|\
| * Do not mark strip_tags result as html_safeSantiago Pastorino2012-08-091-2/+2
| | | | | | | | | | | | Thanks to Marek Labos & Nethemba CVE-2012-3465
| * escape select_tag :prompt valuesSantiago Pastorino2012-08-091-0/+6
| | | | | | | | CVE-2012-3463
| * html_escape should escape single quotesSantiago Pastorino2012-08-029-31/+31
| | | | | | | | | | | | | | | | | | | | | | | | https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content Closes #7215 Conflicts: actionpack/test/template/erb_util_test.rb actionpack/test/template/form_tag_helper_test.rb actionpack/test/template/text_helper_test.rb actionpack/test/template/url_helper_test.rb activesupport/lib/active_support/core_ext/string/output_safety.rb
* | Do not include application.js if it doesn't existsPrem Sichanugrist2012-08-061-0/+9
| | | | | | | | | | | | Rails were including 'application.js' to the pack when using `javascript_include_tag :all` even there's no application.js in the public directory.
* | Revert "Merge pull request #6084 from ↵Rafael Mendonça França2012-08-051-7/+0
| | | | | | | | | | | | | | | | brainopia/support_for_magic_domain_on_all_stores" This reverts commit 393c652cf63875f2728c04d47b34b2d6ae908186. This commit was supposed to fix a bug but it add more failures.
* | Merge pull request #6084 from brainopia/support_for_magic_domain_on_all_storesJosé Valim2012-08-021-0/+7
| | | | | | | | Support cookie jar options for all cookie stores
* | html_escape should escape single quotesSantiago Pastorino2012-08-029-31/+31
|/ | | | | | | | | | | | https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content Closes #7215 Conflicts: actionpack/test/template/erb_util_test.rb actionpack/test/template/form_tag_helper_test.rb actionpack/test/template/text_helper_test.rb actionpack/test/template/url_helper_test.rb activesupport/lib/active_support/core_ext/string/output_safety.rb
* Revert "Deprecate link_to_function and button_to_function helpers"Rafael Mendonça França2012-08-011-24/+12
| | | | This reverts commit 9dc57fe9c4807fc0ad4b1590a931891d9faa3164.
* Revert "Deprecate `:mouseover` options for `image_tag` helper."Rafael Mendonça França2012-08-011-40/+8
| | | | | | | This reverts commit 1aff7725c7a04cde202cca906208560a55409e6a. Conflicts: actionpack/CHANGELOG.md
* Revert "Deprecate `:confirm` in favor of `:data => { :confirm => 'Text' }` ↵Rafael Mendonça França2012-08-013-149/+52
| | | | | | | | | | | option" Revert "Deprecate `:disable_with` in favor of `'data-disable-with'` option for `button_to` and `submit_tag` helpers." This reverts commit fc092a9cba5fceec38358072e50e09250cf58840. This reverts commit e9051e20aeb2c666db06b6217954737665878db7. This reverts commit d47d6e7eda3aa3e6aa28d0c17ac6801234bb97d1. This reverts commit 21141e777bdce8534e3755c8de7268324b3d8714.
* Add support for optional root segments containing slashesAndrew White2012-07-171-0/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Optional segments with a root scope need to have the leading slash outside of the parentheses, otherwise the generated url will be empty. However if the route has non-optional elements then the leading slash needs to remain inside the parentheses otherwise the generated url will have two leading slashes, e.g: Blog::Application.routes.draw do get '/(:category)', :to => 'posts#index', :as => :root get '/(:category)/author/:name', :to => 'posts#author', :as => :author end $ rake routes root GET /(:category)(.:format) posts#index author GET (/:category)/author/:name(.:format) posts#author This change adds support for optional segments that contain a slash, allowing support for urls like /page/2 for the root path, e.g: Blog::Application.routes.draw do get '/(page/:page)', :to => 'posts#index', :as => :root end $ rake routes root GET /(page/:page)(.:format) posts#index Fixes #7073 (cherry picked from commit d8745decaf59aad32aa2f09abdba99b8d0e48b31)
* Fixed bug creating invalid HTML in select optionsRusty Geldmacher2012-07-101-0/+13
| | | | | | | | | When a select tag is created for a field with errors, and that select tag has :prompt or :include_blank options, then the inserted first option will errantly have a <div class="field_with_errors"> wrapping it. See https://github.com/rails/rails/issues/7017
* Show in log correct wrapped keysDmitry Vorotilin2012-07-051-0/+8
|
* Merge pull request #6649 from route/logger_in_metal_3_2Carlos Antonio da Silva2012-06-181-0/+17
|\ | | | | Logger in metal backport for 3.2
| * Added test for case when view doesn't have logger method when using ↵Dmitry Vorotilin2012-06-161-0/+17
| | | | | | | | ActionController::Metal controller.
* | It should also include text/css => Build FixArun Agrawal2012-06-161-1/+1
| |
* | Merge pull request #6752 from steveklabnik/fix_5680Rafael Mendonça França2012-06-162-3/+14
|/ | | | Respect absolute paths in compute_source_path.
* adding a test for #6459Aaron Patterson2012-06-141-0/+10
|
* ActionController::Caching depends on RackDelegation and ↵Santiago Pastorino2012-06-131-0/+32
| | | | AbstractController::Callbacks
* Array parameters should not contain nil values.Aaron Patterson2012-06-111-0/+4
|
* Duplicate tests removed.Arun Agrawal2012-06-091-16/+0
|
* Fix asset tags for files with more than one dotPiotr Sarnacki2012-06-073-0/+6
| | | | | | | | | | | | | | | After the fix done in 39f9f02a, there are cases that will not work correctly. If you have file with "2 extensions", like foo.min.js and you reference the file without extension, like: javascript_include_tag "foo.min" it will fail because sprockets finds foo.min.js with foo.min argument. This commit fixes this case and will get the right file even when referrencing it without extension. (closes #6598)
* Add test to flash sweep after two redirectsRafael Mendonça França2012-06-051-0/+20
| | | | | This test is needed to avoid regressions in the way that flash works now (swept in every request).
* Deprecate `:confirm` in favor of `:data => { :confirm => 'Text' }` optionCarlos Galdino2012-06-052-19/+110
| | | | | | | | | | | | This deprecation applies to: `button_to` `button_tag` `image_submit_tag` `link_to` `submit_tag` As :confirm is an UI specific option is better to use the data attributes, teaching users about unobtrusive JavaScript and how Rails works with it.
* Allow to use mounted helpers in ActionView::TestCasePiotr Sarnacki2012-06-012-0/+20
| | | | | Similarly to 6525002, this allows to use routes helpers for mounted helpers, but this time in ActionView::TestCase
* Merge pull request #6588 from nbibler/polymorphic_to_modelJosé Valim2012-06-011-1/+27
|\ | | | | Correct the use of to_model in polymorphic routing
| * Use to_model delegates for polymorphic route generationNathaniel Bibler2012-06-011-1/+27
| |
* | Include routes.mounted_helpers into integration testsPiotr Sarnacki2012-06-011-0/+19
|/ | | | | | | | | | | | | | | In integration tests, you might want to use helpers from engines that you mounted in your application. It's not hard to add it by yourself, but it's unneeded boilerplate. mounted_helpers are now included by default. That means that given engine mounted like: mount Foo::Engine => "/foo", :as => "foo" you will be able to use paths from this engine in tests this way: foo.root_path #=> "/foo" (closes #6573)
* Strip [nil] from parameters hash.Aaron Patterson2012-05-301-1/+6
| | | | | | Thanks to Ben Murphy for reporting this! CVE-2012-2660
* Assets: don't add extension if other given and file existsSergey Nartimov2012-05-212-0/+3
| | | | | | | | | | | | | | We should lookup if asset without appended extension exists. When sprockets are disabled the asset tag helpers incorporate this logic. When sprockets are enabled we should have the same logic. For example, we have style.ext file in app/assets/stylesheets and we use stylesheet_link_tag in the layout. In this case we should have /assets/style.ext instead of /assets/style.ext.css in the output. Closes #6310
* Fixed tag_helper data-attribute bug with BigDecimalsBodacious2012-05-201-2/+2
|
* Use right option for excerpt text helper in tests, fix buildCarlos Antonio da Silva2012-05-191-8/+8
| | | | | | | `excerpt` text helper uses `:radius`, not `line_width` (that is used by `word_wrap` helper). Also cleanup some whitespaces.
* Merge pull request #5020 from KL-7/fix-blank-image_tag-sourceJosé Valim2012-05-181-0/+1
| | | | Render img tag with empty src if empty string is passed to image_tag.
* Deprecate old APIs for highlight, excerpt and word_wrapJeremy Walker2012-05-181-36/+45
|
* Deprecate `:disable_with` for `button_tag` tooCarlos Galdino + Rafael Mendonça França2012-05-142-6/+15
|
* Fix typoCarlos Galdino + Rafael Mendonça França2012-05-141-8/+8
|
* Deprecate `:disable_with` in favor of `'data-disable-with'` option for ↵Carlos Galdino + Rafael Mendonça França2012-05-142-25/+37
| | | | `button_to` and `submit_tag` helpers.
* Deprecate `:mouseover` options for `image_tag` helper.Rafael Mendonça França2012-05-131-8/+40
|
* Merge pull request #3237 from sakuro/data-url-schemeRafael Mendonça França2012-05-131-1/+2
| | | | Support data: url scheme
* Don't ignore nil positional arguments for url helpers - fixes #6196.Andrew White2012-05-101-0/+34
|
* Refactor the handling of default_url_options in integration testsAndrew White2012-05-101-0/+80
| | | | | | | | | | | | This commit improves the handling of default_url_options in integration tests by making behave closer to how a real application operates. Specifically the following issues have been addressed: * Options specified in routes.rb are used (fixes #546) * Options specified in controllers are used * Request parameters are recalled correctly * Tests can override default_url_options directly
* Merge pull request #6149 from jmbejar/javascript_include_tag_with_not_duplicatesSantiago Pastorino2012-05-091-0/+6
|\ | | | | Make sure that javascript_include_tag/stylesheet_link_tag methods don't consider duplicated assets
| * Make sure that javascript_include_tag/stylesheet_link_tag methods inJorge Bejar2012-05-031-0/+6
| | | | | | | | sprockets/helpers/rails_helper.rb discard duplicated assets
* | Add failing test re #3436 which demonstrates content_type is not respected ↵Kunal Shah2012-05-071-0/+21
| | | | | | | | when using the :head method/shortcut
* | Add a role option to wrap_parameters.Nick Ragaz2012-05-041-2/+15
|/ | | | The role option identifies which parameters are accessible and should be wrapped. The default role is :default.
* Reset the request parameters after a constraints checkAndrew White2012-05-031-0/+19
| | | | | | | | | | | | | | A callable object passed as a constraint for a route may access the request parameters as part of its check. This causes the combined parameters hash to be cached in the environment hash. If the constraint fails then any subsequent access of the request parameters will be against that stale hash. To fix this we delete the cache after every call to `matches?`. This may have a negative performance impact if the contraint wraps a large number of routes as the parameters hash is built by merging GET, POST and path parameters. Fixes #2510. (cherry picked from commit 56030506563352944fed12a6bb4793bb2462094b)
* Deprecate link_to_function and button_to_function helpersRafael Mendonça França2012-04-301-12/+24
|
* Restore interpolation of path option in redirect routesAndrew White2012-04-291-1/+40
|
* Escape interpolated params when redirecting - fixes #5688Andrew White2012-04-291-0/+28
|