| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| |
| |
| |
| |
| | |
Fix missing action_missing
Conflicts:
actionpack/CHANGELOG.md
|
| | |
| |
| |
| |
| | |
A recent change introduced the assumption that all controller actions
are known beforehand, which is not true when using action_missing.
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the host in `default_url_options` is accidentally set with a protocol such as
```
host: "http://example.com"
```
then the generated url will have the protocol twice `http://http://example.com` which is not what the user intended. Likely they wanted to define a host `host: "example.com"` and a `protocol: "http://"` but did not know the convention.
This may not the most common problem, but when it happens it can go undetected for a while. I accidentally added `http://` out of habit recently only to find all the links in my emails were broken after deploying a demo site to production. Rather than allow this accident go undetected, we can fix the problem in line by properly setting the protocol and host.
I was able to find this related question on stack overflow: http://stackoverflow.com/questions/5878329/rails-3-devise-how-do-i-make-the-email-confirmation-links-use-secure-https-n where the answer was highly upvoted.
This is based off of work in #7415 cc/ @pixeltrix
ATP Action Mailer and Action Pack
|
| | |
|
| |\
| |
| |
| |
| |
| |
| |
| | |
* master-sec:
fix protocol checking in sanitization [CVE-2013-1857]
JDOM XXE Protection [CVE-2013-1856]
fix incorrect ^$ usage leading to XSS in sanitize_css [CVE-2013-1855]
stop calling to_sym when building arel nodes [CVE-2013-1854]
|
| | | |
|
| | | |
|
| |\ \
| | |
| | | |
i18n locale fallback for localized views
|
| | | | |
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
Fix rake test warnings in actionpack
|
| | |/ / |
|
| |/ / |
|
| |\ \
| | |
| | | |
multipart POST - utf8 param name not encoded
|
| | | | |
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| | |
The env hash passed to `Http::Headers#new` must be in env format.
Also be aware that the passed hash is modified directly.
docs and test-cases for setting headers/env in functional tests.
Follow up to #9700.
|
| | |
| |
| |
| | |
stale on live streams(issue #9636)
|
| | | |
|
| | |
| |
| |
| | |
Closes #6513.
|
| | |
| |
| |
| |
| | |
Also:
cleanup, use consistent syntax for `Http::Header` and test.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If an explicit name has been given and it already ends with "[]"
Before:
select(:category, [], {}, multiple: true, name: "post[category][]")
# => <select name="post[category][][]" ...>
After:
select(:category, [], {}, multiple: true, name: "post[category][]")
# => <select name="post[category][]" ...>
|
| | | |
|
| |\ \
| | |
| | | |
Allow use of assert_template with the :file option.
|
| | | |
| | |
| | |
| | | |
This worked in Rails 3.2, but was a regression in 4.0.0.beta1
|
| | | | |
|
| | |/
|/| |
|
| | |
| |
| |
| |
| |
| | |
Fix ActionDispatch::Request#formats on xhr requests when HTTP_ACCEPT
header is empty string. About issue #7774, same fix as in commit bebb02f
but for xhr requests.
|
| |/
|
|
|
|
|
|
| |
Rather than trying to use gsub to remove the optional route segments,
which will fail with nested optional segments, use a custom visitor
class that returns a empty string for group nodes.
Closes #9524
|
| |\
| |
| | |
Fix for #9360 content_for regression
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
Closes #9466.
Passing `format: true` used to override the constraints: { format: /json/ }
with `/.+/`. This patch only sets the format if there is no constraint present.
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fix calculation of db_runtime property in
ActiveRecord::Railties::ControllerRuntime#cleanup_view_runtime.
Previously, after raising ActionView::MissingTemplate, db_runtime was
not populated.
Closes #9218, Fixes #9215.
Conflicts:
activerecord/CHANGELOG.md
|
| | | |
| | |
| | |
| | | |
exception
|
| | | |
| | |
| | |
| | |
| | |
| | | |
* use 1.9 style hash syntax
* don't use brances on assert_equal
* prefere " over '
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
With 155cd5e6 the number_helpers were moved into AS all the tests were copied over
but the tests in AP were not deleted. This is confusing.
I removed all duplicated tests and reorganized the tests in AP to only test the
functionality, that is added in AP.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Closes #9435.
Skip valid encoding checks for non-String parameters that come
from the matched route's defaults.
|
| | | |
| | |
| | |
| | | |
Closes #9432.
|
| |\ \ \
| | | |
| | | | |
Journey::Path::Pattern#new raise more meaningful exception message.
|
| | | | |
| | | |
| | | |
| | | | |
exception message.
|
| |/ / / |
|
| |\ \ \
| | | |
| | | | |
Custom dependency trackers for the template digestor
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Since all changes from #9347 are related to AS, it seems proper that the
test is placed there as well.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
ActiveSupport::NumberHelper#number_to_human now returns the number unaltered when
the units hash does not contain the needed key, e.g. when the number provided is less
than the largest key provided.
|
| |\ \ \ \
| | | | |
| | | | | |
use ISO 8601 format in time_tag helper
|
