aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test
Commit message (Collapse)AuthorAgeFilesLines
* Remove :yaml related tests and fix other related to parsing empty arraysCarlos Antonio da Silva2013-01-082-45/+2
| | | | All Action Pack tests are green.
* CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.Jeremy Kemper2013-01-081-0/+13
|
* * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * ↵Aaron Patterson2013-01-082-0/+32
| | | | | | | | | | | | dealing with empty hashes. Thanks Damien Mathieu Conflicts: actionpack/CHANGELOG.md actionpack/lib/action_dispatch/http/request.rb actionpack/lib/action_dispatch/middleware/params_parser.rb activerecord/CHANGELOG.md activerecord/lib/active_record/relation/predicate_builder.rb activerecord/test/cases/relation/where_test.rb
* Revert "Merge branch 'master-sec'"Jeremy Kemper2013-01-083-45/+0
| | | | | This reverts commit 88cc1688d0cb828c17706b41a8bd27870f2a2beb, reversing changes made to f049016cd348627bf8db0d72382d7580bf802a79.
* Merge branch 'master-sec'Aaron Patterson2013-01-083-0/+45
|\ | | | | | | | | | | * master-sec: CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
| * CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.Jeremy Kemper2013-01-081-0/+13
| |
| * * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * ↵Aaron Patterson2013-01-072-0/+32
| | | | | | | | | | | | | | | | | | | | | | | | dealing with empty hashes. Thanks Damien Mathieu Conflicts: actionpack/CHANGELOG.md actionpack/lib/action_dispatch/http/request.rb actionpack/lib/action_dispatch/middleware/params_parser.rb activerecord/CHANGELOG.md activerecord/lib/active_record/relation/predicate_builder.rb activerecord/test/cases/relation/where_test.rb
* | view_cache_dependency APIJamis Buck2013-01-082-2/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | A declarative API for specifying dependencies that affect template cache digest computation. In your controller, specify any of said dependencies: view_cache_dependency { "phone" if using_phone? } When the block is evaluated, the resulting value is included in the cache digest calculation, allowing you to generate different digests for effectively the same template. (Mostly useful if you're mucking with template load paths.)
* | Merge pull request #8810 from NARKOZ/image-submit-tagSteve Klabnik2013-01-081-2/+2
|\ \ | | | | | | set 'alt' attribute for image_submit_tag
| * | set 'alt' attribute for image_submit_tagNihad Abbasov2013-01-081-2/+2
| | |
* | | Revert "unpermitted params" exception -- it's just not going to work. See ↵David Heinemeier Hansson2013-01-081-43/+0
| | | | | | | | | | | | the discussion on https://github.com/rails/strong_parameters/pull/75.
* | | Never treat action or controller as unpermitted paramsDavid Heinemeier Hansson2013-01-081-0/+10
|/ /
* / Do not generate local vars for partials without object or collectionCarlos Antonio da Silva2013-01-082-0/+8
|/ | | | | | | | | Previously rendering a partial without giving :object or :collection would generate a local variable with the partial name by default. This was noticed due to warnings in Ruby 2.0 of not used variables, which turned out to be the generation of not used variables inside partials that do not contain objects related to them.
* Namespace HashWithIndifferentAccessAkira Matsuda2013-01-071-3/+2
|
* Needless requiresAkira Matsuda2013-01-061-2/+0
|
* Missing requiresAkira Matsuda2013-01-061-0/+1
|
* Do not call fields_for from form_for, to avoid instantiating two buildersCarlos Antonio da Silva2013-01-061-1/+13
|
* Remove unnecessary begin..rescue..end, use only rescueAkira Matsuda2013-01-064-25/+17
|
* deprecate `assert_blank` and `assert_present`.Yves Senn2013-01-056-16/+16
| | | | | They don't add any benefits over `assert object.blank?` and `assert object.present?`
* display mountable engine routes on RoutingError.Yves Senn2013-01-051-2/+20
|
* split formatting concerns from RoutesInspectorYves Senn2013-01-051-4/+21
|
* Rename the last occurrence of UnexpectedParametersRafael Mendonça França2013-01-051-2/+2
|
* Rename the configuration to raise_on_unpermitted_parametersRafael Mendonça França2013-01-051-4/+4
| | | | Also changed the exception to UnpermittedParameters
* Merge pull request #8752 from thomasfedb/masterRafael Mendonça França2013-01-051-0/+33
|\ | | | | Exception on unexpected params when enabled.
| * Allow developers to enable raising of exception when unexpected params are ↵Thomas Drake-Brockman2013-01-051-0/+33
| | | | | | | | provided.
* | Allow use of durations for ActionDispatch::SSL configurationAndrew White2013-01-041-0/+7
|/
* Restore original remote_ip algorithm.Andre Arko2013-01-021-58/+44
| | | | | | | | | | | Proxy servers add X-Forwarded-For headers, resulting in a list of IPs. We remove trusted IP values, and then take the last given value, assuming that it is the most likely to be the correct, unfaked value. See [1] for a very thorough discussion of why that is the best option we have at the moment. [1]: http://blog.gingerlime.com/2012/rails-ip-spoofing-vulnerabilities-and-protection/ Fixes #7979
* do not append a second slash when usingYves Senn2013-01-021-6/+16
|
* No need to pass a empty block to content_tag_for anymoreRafael Mendonça França2013-01-021-11/+11
|
* Make content_tag_for work without blockRafael Mendonça França2013-01-021-0/+8
| | | | This is version of #8640 for master
* Fix test for DebugExceptions due to template changeGuillermo Iguaran2012-12-311-1/+1
|
* Use ActiveSupport::TestCase in the journey testsRafael Mendonça França2012-12-3113-13/+13
|
* Alias refute methods to assert_not and perfer assert_not on testsRafael Mendonça França2012-12-3112-22/+22
|
* Do not use the same tests descriptionRafael Mendonça França2012-12-311-3/+3
|
* Remove unneeded testsRafael Mendonça França2012-12-315-381/+0
| | | | These tests are needed only if we are using MiniTest::Spec
* Add active_support/testing/autorunRafael Mendonça França2012-12-313-3/+3
| | | | | minitest/autorun load minitest/spec polluting the global namespace with the DSL that we don't want on Rails
* Merge pull request #8662 from ↵Santiago Pastorino2012-12-311-1/+12
|\ | | | | | | | | senny/8661_should_not_append_charset_if_already_present Charset should not be appended to image/* type
| * charset should not be appended for `head` responsesYves Senn2012-12-311-1/+12
| | | | | | | | | | | | | | 1) Failure: test_head_created_with_image_png_content_type(RenderTest) [test/controller/render_test.rb:1238]: Expected: "image/png" Actual: "image/png; charset=utf-8"
* | Merge pull request #8546 from hsbt/fix-testcase-strict-warningSantiago Pastorino2012-12-301-1/+2
|\ \ | |/ |/| fix testcase: ruby-2.0.0 warned unused variables
| * change spy of after invoked controller action. because ruby-2.0.0 waned ↵SHIBATA Hiroshi2012-12-201-1/+2
| | | | | | | | unused variables
* | Fix collection_radio_buttons with the option `:checked` with value ofRafael Mendonça França2012-12-261-0/+6
| | | | | | | | `false`
* | we're not supporting SQLite 2Akira Matsuda2012-12-241-13/+5
| |
* | Merge pull request #8085 from acapilleri/format_never_nilGuillermo Iguaran2012-12-222-2/+11
|\ \ | | | | | | if format is unknown NullMimeTypeObject is returned
| * | return Mime::NullType if format is unknownAngelo Capilleri2012-12-222-2/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If a request has an unknown format, the methods html?, xml?, json? ...etc not raise an Exception. This patch add a class Mime::NullType, that is returned when request.format is unknown and it responds false to the methods that ends with '?' and true to 'nil?'. It refers to #7837, this issue is considered a improvement not a bug.
* | | Merge pull request #8586 from balexand/cache_digests_regexRafael Mendonça França2012-12-212-1/+11
|\ \ \ | |/ / |/| | Digestor explicit dependency should not contain trailing whitespace
| * | Digestor explicit dependency should not contain trailing whitespaceBrian Alexander2012-12-212-1/+11
| | | | | | | | | | | | test for rails/rails#8586
* | | Move background jobs to the 'jobs' branch until fully baked. Not shipping ↵Jeremy Kemper2012-12-211-10/+0
| | | | | | | | | | | | with Rails 4.0.
* | | Merge pull request #7312 from krainboltgreene/http-token-parser-bugSteve Klabnik2012-12-211-6/+29
|\ \ \ | |/ / |/| | Http token parser bug
| * | Refactoring the token_and_options method to fix bugsKurtis Rainbolt-Greene2012-12-151-6/+29
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adding a test for the equal trun bug Adding a test for the after equal trunc bug Adding a test for the slash bug Adding a test for the slash quote bug Adding a helper method for creating a sample request object with token Writing a method to create params array from raw params Writing a method to rewrite param values in the params Writing a method to get the token params from an authorization value Refactoring the token_and_options method to fix bugs Removing unnessecary test A constant for this shared regex seemed appropriate Wanting to split up this logic Adding small documentation pieces
* | Integrate Journey into Action DispatchAndrew White2012-12-1913-0/+1615
| | | | | | | | | | | | | | | | Move the Journey code underneath the ActionDispatch namespace so that we don't pollute the global namespace with names that may be used for models. Fixes rails/journey#49.
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-17 19:40:26 +0000