| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
If the options :shallow_prefix and :shallow_path are not set in the
scope options then copy them from the normal :as and :path options
if they are set.
|
|
|
|
|
|
|
| |
If a developer has specified either :path or :as in the options hash then
these should be used as the defaults for :shallow_path and :shallow_prefix.
Fixes #14241.
|
|
|
|
|
|
|
|
| |
By tracking the depth of resource nesting we can push the need for nested
shallow scoping to only those routes that are nested more than one deep.
This allows us to keep the fix for #12498 and fix the regression in #14224.
Fixes #14224.
|
|\
| |
| | |
Make CSRF failure logging optional/configurable.
|
| |
| |
| |
| |
| | |
Added the log_warning_on_csrf_failure option to ActionController::RequestForgeryProtection
which is on by default.
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
`render :body` should just not set the `Content-Type` header. By
removing the header, it breaks the compatibility with other parts.
After this commit, `render :body` will returns `text/html` content type,
sets by default from `ActionDispatch::Response`, and it will preserve
the overridden content type if you override it.
Fixes #14197, #14238
This partially reverts commit 3047376870d4a7adc7ff15c3cb4852e073c8f1da.
|
|
|
|
|
|
|
|
|
|
|
| |
Take variants into account when calculating template digests in
ActionView::Digest.
Digestor#digest now takes a hash as an argument to support variants and
allow more flexibility in the future. Old-style arguments have been
deprecated.
Fixes #14242
|
| |
|
| |
|
|
|
|
|
|
| |
when an exception happens in an action before the response has been
committed, then we should re-raise the exception in the main thread.
This lets us reuse the existing exception handling.
|
|
|
|
|
|
| |
detect the type of controller we're testing and return the right type of
response based on that controller. This allows us to stop doing the
weird sleep thing.
|
|
|
|
| |
callback and an error happens
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 4f2cd3e9 introduced a bug by reordering the call to
`@controller.recycle!` above the call to `build_request_uri`. The
impact of this was that the `@_url_options` cache ends up not being
reset between building a request URI (occurring within the test
controller) and the firing of the actual request.
We encountered this bug because we had the following setup:
class MinimumReproducibleController < ActionController::Base
before_filter { @param = 'param' }
def index
render text: url_for(params)
end
def default_url_options
{ custom_opt: @param }
end
end
def test_index
get :index # builds url, then fires actual request
end
The first step in `get :index` in the test suite would populate the
@_url_options cache. The subsequent call to `url_for` inside of the
controller action would then utilize the uncleared cache, thus never
calling the now-updated default_url_options.
This commit fixes this bug calling recycle! twice, and removes a call
to set response_body, which should no longer be needed since we're
recycling the request object explicitly.
|
|
|
|
| |
when only 1 parameter is unpermitted.
|
|
|
|
|
| |
Setting this attribute to `true` will remove the content type header
from the request. This is use in `render :body` feature.
|
|
|
|
|
|
|
|
|
| |
This is an option for to HTML content with a content type of
`text/html`. This rendering option calls `ERB::Util.html_escape`
internally to escape unsafe HTML string, so you will have to mark your
string as html safe if you have any HTML tag in it.
Please see #12374 for more detail.
|
|
|
|
|
|
|
|
| |
This is as an option to render content with a content type of
`text/plain`. This is the preferred option if you are planning to render
a plain text content.
Please see #12374 for more detail.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is an option for sending a raw content back to browser. Note that
this rendering option will unset the default content type and does not
include "Content-Type" header back in the response.
You should only use this option if you are expecting the "Content-Type"
header to not be set. More information on "Content-Type" header can be
found on RFC 2616, section 7.2.1.
Please see #12374 for more detail.
|
|
|
|
|
|
| |
if the controller action has not yet streamed any data, actions should
process as normal, and errors should trigger the appropriate behavior
(500, or in the case of ActionController::BadRequest, a 400 Bad Request)
|
|
|
|
| |
defined (just like any other variant)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow setting `request.variant` as an array - an order in which they will be
rendered.
For example:
request.variant = [:tablet, :phone]
respond_to do |format|
format.html.none
format.html.phone # this gets rendered
end
|
| |
|
| |
|
| |
|
|
|
|
| |
(currently failing)
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
This was a reaction to: https://github.com/rails/rails/pull/9700#issuecomment-34550210
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we set :shallow_path when shallow is called it can result in incorrect
paths if the resource is inside a namespace because namespace itself sets
the :shallow_path option to the namespace path.
We fix this by removing the :shallow_path option from shallow as that should
only be turning shallow routes on and not otherwise affecting the scope.
To do this we need to treat the :shallow option to resources differently to
other scope options and move it to before the nested block is called.
This change also has the positive side effect of making the behavior of the
:shallow option consistent with the shallow method.
Fixes #12498.
|
|\
| |
| | |
Fix response flatten infinite recursion
|
| |
| |
| |
| |
| |
| | |
Returning `self` from within the array returned by `to_ary`
caused this. Instead, we can just substitute another object.
It provides the `each` behavior required by the rack spec.
|
| | |
|
|\ \
| | |
| | | |
Remove outdated TODO from url_for test, this test was fixed in 900a2d30
|
| |/ |
|
| | |
|
|/ |
|
| |
|
|\
| |
| |
| |
| |
| |
| | |
Do not discard query parameters on requests that use wrap_parameters
Conflicts:
actionpack/CHANGELOG.md
|
| | |
|
| |
| |
| |
| |
| | |
Rename allowed options to :marshal and :json, for custom serializers
only allow the use of custom classes.
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
MessageEncryptor has :serializer option, where any serializer object can
be passed. This commit make it possible to set this serializer from configuration
level.
There are predefined serializers (:marshal_serializer, :json_serialzier)
and custom serializer can be passed as String, Symbol (camelized and
constantized in ActionDispatch::Session namepspace) or serializer object.
Default :json_serializer was also added to generators to provide secure
defalt.
|
|
|
|
|
|
|
|
| |
The request attributes filtered_parameters, filtered_env and filtered_path
are memoized for performance reasons. However this can cause unusual
behavior in tests where there are multiple calls to get, post, etc.
Fixes #13803.
|
| |
|
|
|
|
| |
Fixes #13824
|
| |
|