aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test
Commit message (Collapse)AuthorAgeFilesLines
* option_tags coerced to "" instead of nilSandeep2012-08-211-0/+12
|
* Make sure :via works with mountPratik Naik2012-08-201-0/+9
|
* Access @rs only through attr_accessortomykaira2012-08-201-11/+11
|
* Added X-Content-Type-Options to the header defaults.Jim Jones2012-08-181-1/+3
| | | | With a value of "nosniff", this prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.
* Merge pull request #7244 from lucasuyezu/masterCarlos Antonio da Silva2012-08-152-0/+22
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix indentation on template errors to consider line number character count. For instance, when an error is shown, if the related source code snippet has line numbers from, lets say, 8-12, the lines are left aligned, which means the code indent is wrong: 8: foo 9: bar 10: raise 11: baz 12: ... This changes it to right align the source code snippet, so that the indentation is correct: 8: foo 9: bar 10: raise 11: baz 12: ...
| * Indentation should consider line number character count.Lucas Uyezu2012-08-132-0/+22
| |
* | Extract common controllers to abstract_unitRafael Mendonça França2012-08-133-45/+33
| |
* | Implementing Routing ConcernsRafael Mendonça França2012-08-131-0/+94
|/ | | | | | | This pattern was introduced as a plugin by @dhh. The original implementation can be found in https://github.com/rails/routing_concerns
* push header merge down to a private method so that live responses can have ↵Aaron Patterson2012-08-131-0/+11
| | | | their own header object
* live response headers can be merged with a hashAaron Patterson2012-08-131-0/+6
|
* Add support for start_hour and end_hour options in select_hour helperEvan Tann2012-08-131-0/+29
| | | | Updated documentation to demonstrate start_hour and end_hour options
* Ensure option_html_attributes does not modify the given option hashesCarlos Antonio da Silva2012-08-111-0/+9
| | | | We can avoid creating extra hashes with #merge, and use #merge! instead.
* Simplify html attributes generation for options_for_selectCarlos Antonio da Silva2012-08-111-5/+6
| | | | | | | Further simplify the option_html_attributes method after the changes introduced in dacbcbe55745aa9e5484b10b11f65ccca7db1c54 to not escape the html options here (since they're going to be escaped down the chain in content tag).
* Merge pull request #7314 from schneems/schneems/form_for_errorRafael Mendonça França2012-08-101-0/+14
|\ | | | | Check for Blank Record in form_for
| * check for nil or empty record in form_forschneems2012-08-101-0/+14
| | | | | | | | if nil or an empty array is passed into form_for you get a horrible error message, this one is much more indicative of what the programmer needs to know to fix the problem.
* | Fix handling SCRIPT_NAME from within mounted engine'sPiotr Sarnacki2012-08-111-18/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When you mount your application at a path, for example /myapp, server should set SCRIPT_NAME to /myapp. With such information, rails application knows that it's mounted at /myapp path and it should generate routes relative to that path. Before this patch, rails handled SCRIPT_NAME correctly only for regular apps, but it failed to do it for mounted engines. The solution was to hardcode default_url_options[:script_name], which is not the best answer - it will work only when application is mounted at a fixed path. This patch fixes the situation by respecting original value of SCRIPT_NAME when generating application's routes from engine and the other way round - when you generate engine's routes from application. This is done by using one of 2 pieces of information in env - current SCRIPT_NAME or SCRIPT_NAME for a corresponding router. This is because we have 2 cases to handle: - generating engine's route from application: in this situation SCRIPT_NAME is basically SCRIPT_NAME set by the server and it indicates the place where application is mounted, so we can just pass it as :original_script_name in url_options. :original_script_name is used because if we use :script_name, router will ignore generating prefix for engine - generating application's route from engine: in this situation we already lost information about the SCRIPT_NAME that server used. For example if application is mounted at /myapp and engine is mounted at /blog, at this point SCRIPT_NAME is equal /myapp/blog. Because of that we need to keep reference to /myapp SCRIPT_NAME by binding it to the current router. Later on we can extract it and use when generating url Please note that starting from now you *should not* use default_url_options[:script_name] explicitly if your server already passes correct SCRIPT_NAME to rack env. (closes #6933)
* | Test actual content of permanent cookiebrainopia2012-08-101-1/+1
|/
* set the controller under test so we no longer need the reset! methodAaron Patterson2012-08-091-38/+4
|
* Do not mark strip_tags result as html_safeSantiago Pastorino2012-08-091-2/+2
| | | | | | Thanks to Marek Labos & Nethemba CVE-2012-3465
* push drawing once to it's own moduleAaron Patterson2012-08-091-32/+20
|
* refactor the before_setup hooks to a moduleAaron Patterson2012-08-091-13/+12
|
* switch callbacks to minitest hooksAaron Patterson2012-08-091-3/+6
|
* some testsEgor Homakov2012-08-091-0/+27
|
* Allow data attributes to be set as a first-level option for form_for, so you ↵David Heinemeier Hansson2012-08-081-0/+6
| | | | can write `form_for @record, data: { behavior: 'autosave' }` instead of `form_for @record, html: { data: { behavior: 'autosave' } }` *DHH*
* Deprecate `button_to_function` and `link_to_function` helpers.Rafael Mendonça França2012-08-071-0/+42
| | | | | | | | | | | | | | | | | | | | | | We recommend the use of Unobtrusive JavaScript instead. For example: link_to "Greeting", "#", :class => "nav_link" $(function() { $('.nav_link').click(function() { // Some complex code return false; }); }); or link_to "Greeting", '#', onclick: "alert('Hello world!'); return false", class: "nav_link" for simple cases. This reverts commit 3acdd652e9fe99481c879c84c5807a84eb9ad724.
* Revert "Merge pull request #7033 from kron4eg/master". Not a a fan at all of ↵David Heinemeier Hansson2012-08-071-54/+0
| | | | | | | what this makes ERB files look like. This reverts commit 46b8bceedd3e47169c50a04c93161424909c75fb, reversing changes made to 2f58795e783150f2e1b1f6c64e305703f0061129.
* Restoring the '%' trim mode for ERb templates, allowing for a leading ↵Artiom Di2012-08-071-0/+54
| | | | percent sign on a line to indicate non-inserted Ruby code.
* Do not include application.js if it doesn't existsPrem Sichanugrist2012-08-061-0/+9
| | | | | | Rails were including 'application.js' to the pack when using `javascript_include_tag :all` even there's no application.js in the public directory.
* Don't use `html_escape` to test the escapingRafael Mendonça França2012-08-054-4/+4
|
* removes usage of Object#in? from the code base (the method remains defined ↵Xavier Noria2012-08-067-12/+13
| | | | | | | | | | | | | | | | | | | by Active Support) Selecting which key extensions to include in active_support/rails made apparent the systematic usage of Object#in? in the code base. After some discussion in https://github.com/rails/rails/commit/5ea6b0df9a36d033f21b52049426257a4637028d we decided to remove it and use plain Ruby, which seems enough for this particular idiom. In this commit the refactor has been made case by case. Sometimes include? is the natural alternative, others a simple || is the way you actually spell the condition in your head, others a case statement seems more appropriate. I have chosen the one I liked the most in each case.
* Revert "polymorphic_url with an array generates a query string"Andrew White2012-08-041-14/+0
| | | | | Passing options as the last value in an array doesn't work with form_for. This reverts commit 61c8a4d926343903593a27080216af7e4ed81268.
* Revert "Refactor passing url options via array for polymorphic_url"Andrew White2012-08-041-7/+0
| | | | | Passing options as the last value in an array doesn't work with form_for. This reverts commit 6be564c7a087773cb0b51c54396cc190e4f5c983.
* Renamed _path_segments to _recallBogdan Gusiev2012-08-041-1/+1
|
* Refactor passing url options via array for polymorphic_urlAndrew White2012-08-041-0/+7
| | | | | | | | Rather than keep the url options in record_or_hash_or_array, extract it and reverse merge with options as it may contain important private keys like `:routing_type`. Closes #7259
* polymorphic_url with an array generates a query stringRomain Tribes2012-08-041-0/+14
| | | | | Generating an URL with an array of records is now able to build a query string if the last item of the array is a hash.
* Add test select_tag escapes promptSantiago Pastorino2012-08-031-0/+6
|
* make sure the body finishes rendering before checking response closureAaron Patterson2012-08-031-1/+2
|
* Collapsed dual checks (one for content headers and one for content) into a ↵Armand du Plessis2012-08-022-4/+34
| | | | | | | | | | | | single check. Rails includes a single character body to a head(:no_content) response to work around an old Safari bug where headers were ignored if no body sent. This patch brings the behavior slightly closer to spec if :no_content/204 is explicity requested via a head only response. Status comparison done on symbolic and numeric values Not returning any content when responding with head and limited to a status code that explicitly states no content will be returned - 100..199, 204, 205, 304.
* Merge pull request #7240 from steveklabnik/fix_2301Rafael Mendonça França2012-08-021-3/+4
|\ | | | | Fix for digest authentication bug - issue #2301 in rails/rails
| * Fix for digest authentication bug - issue #2301 in rails/railsArthur Smith2012-08-021-3/+4
| |
* | load active_support/core_ext/object/inclusion in active_support/railsXavier Noria2012-08-027-7/+0
| |
* | Improve error handling when using partial name with hyphen. Fix #7079kennyj2012-08-031-0/+7
|/
* html_escape should escape single quotesSantiago Pastorino2012-07-318-25/+25
| | | | | https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content Closes #7215
* close the response when the response body is set so that normal render calls ↵Aaron Patterson2012-07-291-0/+9
| | | | will work
* header hash is duped before being sent up the rack stackAaron Patterson2012-07-291-0/+13
|
* freeze the header objectAaron Patterson2012-07-291-0/+2
|
* make sure set_response! sets the correct response objectAaron Patterson2012-07-291-0/+6
|
* Controller actions are processed in a separate thread for liveAaron Patterson2012-07-291-3/+69
| | | | | | | | | | responses. Processing controller actions in a separate thread allows us to work around the rack api - we can allow the user to set status and headers, then block until the first bytes are written. As soon as the first bytes are written, the main thread can return the status, headers, and (essentially) a queue for the body.
* raise exceptions on header set after response committedAaron Patterson2012-07-291-0/+19
|
* make sure appropriate headers are set and deletedAaron Patterson2012-07-291-0/+11
|