|  | Commit message (Collapse) | Author | Age | Files | Lines | 
|---|
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | 
| 
| 
| | AbstractController::Callbacks | 
| |\  
| | 
| | 
| | 
| | | * master-sec:
  Array parameters should not contain nil values. | 
| | | |  | 
| |/  
|   
|   
|   
| | This middleware is only for Public Exceptions.
This follows bd8c0b8a | 
| | |  | 
| | |  | 
| | 
| 
| 
| | Module#methods are Symbols in Ruby >= 1.9 | 
| | 
| 
| 
| 
| | Module#instance_methods returns an Array of Symbols in Ruby >= 1.9
So this was not actually testing anything | 
| | |  | 
| | 
| 
| 
| 
| | Similarly to 6525002, this allows to use routes helpers for mounted
helpers, but this time in ActionView::TestCase | 
| | 
| 
| 
| | Correct the use of to_model in polymorphic routing | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | In integration tests, you might want to use helpers from engines that
you mounted in your application. It's not hard to add it by yourself,
but it's unneeded boilerplate. mounted_helpers are now included by
default. That means that given engine mounted like:
    mount Foo::Engine => "/foo", :as => "foo"
you will be able to use paths from this engine in tests this way:
    foo.root_path #=> "/foo"
(closes #6573) | 
| |\  
| | 
| | 
| | 
| | 
| | | * master-sec:
  Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this!
  predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this | 
| | | 
| | 
| | 
| | 
| | 
| | | Thanks to Ben Murphy for reporting this!
CVE-2012-2660 | 
| | | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | | Prior to this patch the existing .force_ssl method handles both defining
the filter and handling the logic for performing the redirect.
With this patch the logic for redirecting to the HTTPS protocol is
separated from the filter logic that determines if a redirect should
occur.  By separating the two levels of behavior, an instance method
for ActionController (i.e. #force_ssl_redirect) is exposed and available
for more granular SSL enforcement.
Cleaned up indentation. | 
| | | 
| | 
| | 
| | | Add some tests for link_to with blocks and escaping content. | 
| | | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | | Make possible to use a block in button_to helper if button text is hard
to fit into the name parameter, e.g.:
    <%= button_to [:make_happy, @user] do %>
      Make happy <strong><%= @user.name %></strong>
    <% end %>
    # => "<form method="post" action="/users/1/make_happy" class="button_to">
    #      <div>
    #        <button type="submit">
    #          Make happy <strong>Name</strong>
    #        </button>
    #      </div>
    #    </form>" | 
| | | |  | 
| |\ \  
| | | 
| | | 
| | | 
| | | | appfolio/moving_number_helper_methods_to_active_support
Moving number helper from ActionView to Active Support | 
| | | | |  | 
| |/ /  
| |   
| |   
| |   
| |   
| |   
| |   
| |   
| |   
| |   
| |   
| |   
| |   
| |   
| |   
| | | When more than one directory for helpers is provided to a controller, it
should preserver the order of directories. Given 2 paths:
    MyController.helpers_paths = ["dir1/helpers", "dir2/helpers"]
helpers from dir1 should be loaded first. Before this commit, all
helpers were mixed and then sorted alphabetically, which essentially
would require to rename helpers to get desired order.
This is a problem especially for engines, where you would like to be
able to predict accurately which engine helpers will load first.
(closes #6496) | 
| | | 
| | 
| | 
| | | This options can be used to not escape the result by default. | 
| | | 
| | 
| | 
| | | Refactoring the truncate method to not do a sort-circuit return | 
| | | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | | rails helpers.
This way if my text is long I don't have to do something like this:
.text
= truncate(@text, :length => 27)
 if @text.size >= 27
    = link_to "continue", notes_path, ....."") | 
| | | |  | 
| |\ \  
| | | 
| | | | Added session.keys and session.values back to ActionDispatch::Request::Session | 
| | | | 
| | | 
| | | 
| | | | ActionDispatch::Request::Session#values | 
| |/ /  
| |   
| |   
| | | These tests check the values of 'min' and 'max' input attrs | 
| |\ \  
| | | 
| | | | Add HTML5 color and date/time inputs | 
| | | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | | The input types added are:
- input[type="month"]
- input[type="week"]
- input[type="datetime"]
- input[type="datetime-local"] | 
| | | | |  | 
| | |/  
|/|   
| |   
| |   
| | | * Added tests for 'else' case in ActionView::Helpers::TranslationHelper#wrap_translate_defaults
* Also updated the testing syntax of translation.html_safe? asserts to provide better output upon failure. | 
| | | |  | 
| | | 
| | 
| | 
| | 
| | | This reverts commit 254c04286c5916ae7f91eb6e173b312e7a74e364, reversing
changes made to 513a0525c24c2944630acfa465b22cd2f4601adf. | 
| |\ \  
| |/  
|/| | Resolver concurrency fix | 
| | | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | | The Template cache in the Resolver can be accessed by multiple threads
similtaneously in multi-threaded environments. The cache is implemented
using a Hash, which isn't threadsafe in all VMs (notably JRuby).
This commit extracts the cache to a new Cache class and adds mutexes to
prevent concurrent access. | 
| |\ \  
| | | 
| | | | When a route references a missing controller, raise ActionController::RoutingError with clearer message | 
| | | | 
| | | 
| | | 
| | | | ActionController::RoutingError with a clearer message | 
| | | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | | Although no recognized formats use non-ASCII characters, sometimes they
can be included in the :format parameter because of invalid URLS. To
prevent encoding incompatibility errors we need to escape them before
passing the path to URI.unescape.
Closes #4379 | 
| | | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | | Passing path parameters with invalid encoding is likely to trigger errors
further on like `ArgumentError (invalid byte sequence in UTF-8)`. This will
result in a 500 error whereas the better error to return is a 400 error which
allows exception notification libraries to filter it out if they wish.
Closes #4450 | 
| | | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | | Currently Rack raises a TypeError when it encounters a malformed or
ambiguous hash like `foo[]=bar&foo[4]=bar`. Rather than pass this
through to the application this commit captures the exception and
re-raises it using a new ActionController::BadRequest exception.
The new ActionController::BadRequest exception returns a 400 error
instead of the 500 error that would've been returned by the original
TypeError. This allows exception notification libraries to ignore
these errors if so desired.
Closes #3051 | 
| | | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | | Before this change, assert_recognizes, assert_generates, and
assert_routing raised ActionController::RoutingError when they failed to
recognize the route.
This commit changes them to raise Assertion instead. This aligns with
convention for logical failures, and supports reporting tools that care
about the difference between logical failures and errors e.g. the
summary at the end of a test run.
- Fixes #5899 | 
| | | | |  | 
| | | | |  | 
| | | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | 
| | | | Make the method API more clear by explicitly showing the expected
arguments. This means that the options cannot be passed as second
argument because we are not relying on extract_options! anymore,
you are expected to give a selected key or `nil` if you want to pass
options, as it is the last argument.
Notice that this does not change the current method arguments contract
available in 3.2, it just brings back the same functionality with the
divider addition. | 
| |\ \ \  
| | | | 
| | | | | Tidied and standardised text_helper implementations. |