| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A callable object passed as a constraint for a route may access the request
parameters as part of its check. This causes the combined parameters hash
to be cached in the environment hash. If the constraint fails then any subsequent
access of the request parameters will be against that stale hash.
To fix this we delete the cache after every call to `matches?`. This may have a
negative performance impact if the contraint wraps a large number of routes as the
parameters hash is built by merging GET, POST and path parameters.
Fixes #2510.
(cherry picked from commit 56030506563352944fed12a6bb4793bb2462094b)
|
| |
|
|
|
|
| |
dangerous especially with Rack::Cache), it should only be loaded when the flash method is called
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
IE since version 6 and recently Chrome and Firefox have started following
302 redirects from XHR requests other than GET/POST using the original request
method. This can lead to DELETE requests being redirected amongst other things.
Although it doesn't directly affect the Rails framework since it doesn't return
a 302 redirect to any non-GET/POST request a note has been added to raise
awareness of the issue. Some references:
Original article from @technoweenie:
http://techno-weenie.net/2011/8/19/ie9-deletes-stuff/
Hacker News discussion of the article:
http://news.ycombinator.com/item?id=2903493
WebKit bug report:
https://bugs.webkit.org/show_bug.cgi?id=46183
Firefox bug report and changeset:
https://bugzilla.mozilla.org/show_bug.cgi?id=598304
https://hg.mozilla.org/mozilla-central/rev/9525d7e2d20d
Chrome bug report:
http://code.google.com/p/chromium/issues/detail?id=56373
HTTPbis bug report and changeset:
http://trac.tools.ietf.org/wg/httpbis/trac/ticket/160
http://trac.tools.ietf.org/wg/httpbis/trac/changeset/1428
Roy T. Fielding's history of the issue:
http://ftp.ics.uci.edu/pub/ietf/http/hypermail/1997q3/0611.html
Automated browser tests for the issue:
http://www.mnot.net/javascript/xmlhttprequest/
Fixes #4144
(cherry picked from commit 24f143789a8989f3bccde14ff28067de25cafd87)
|
|
|
|
|
| |
Closes #5886
Closes #3093
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
* The method for persisted records in 3-2-branch is 'PUT'
* size is generated by default in inputs
|
|
|
|
|
|
|
|
| |
(cherry picked from commit 7a80b69e00f68e673c6ceb5cc684aa9196ed3d9f)
Conflicts:
actionpack/test/controller/test_test.rb
|
|
|
|
| |
closes #3341
|
| |
|
| |
|
|
|
|
| |
Seriously people, please run the test before submitting pull request.
|
|\
| |
| | |
Catch nil.to_sym errors in partial_renderer, and raise ArgumentError instead
|
| |
| |
| |
| |
| |
| | |
Conflicts:
actionpack/test/template/render_test.rb
|
| | |
|
|/ |
|
| |
|
|
|
|
| |
Closes #5677
|
|\ |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| | |
Closes #5632
|
| |
| |
| |
| |
| | |
If embedding auth_token in remote forms is off and we
pass a value for auth_token it should respect it.
|
| |
| |
| |
| | |
Embed auth token in remote forms
|
| |
| |
| |
| | |
Textarea newline fix breaks haml (3-2-stable)
|
| | |
|
| |
| |
| |
| | |
Closes #5632
|
| |
| |
| |
| |
| | |
If embedding auth_token in remote forms is off and we
pass a value for auth_token it should respect it.
|
| |
| |
| |
| |
| |
| |
| |
| | |
There is a regression introduced in 16ee611fa, which breaks
remote forms that should also work without javascript. This commit
introduces config option that allows to configure this behavior
defaulting to the old behavior (ie. include authenticity token
in remote forms by default)
|
|\ \
| | |
| | | |
[3-2-stable] Fix label_tag to merge the options hash with the object hash
|
| | |
| | |
| | |
| | |
| | |
| | | |
hash.
Closes #2492 and #5614
|
| | |
| | |
| | |
| | |
| | |
| | | |
objectify_options method should be applied to the proper options arg.
See explanation and example of the bug - https://github.com/kryzhovnik/rails_field_error_proc_bug_example
|
|\ \ \
| |_|/
|/| | |
Textarea newline fix breaks haml (3-2-stable)
|
| | |
| | |
| | |
| | |
| | |
| | | |
See issue #393, issue #4000, issue #5190, and issue #5191. Adds a newline after the textarea opening tag based on @codykrieger's original patch so that we don't cause regressions in Haml-using apps. The regression caused textarea tags to add newlines to the field unintentionally (each update/save added an extra newline.)
Also fix 6 more tests that didn't yet have the newline expectation.
|
| |/
|/| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously `rendered_format` was set only based on mime types
passed in Accept header, which was wrong if first type from
Accept was different than rendered partial. The fix is to simply
move setting rendered_format to the place where template
is available and grab format from the template. If it fails
we can fallback to formats passed by Accept header.
|
|\ \
| |/
|/| |
Fix build for branch 3-2-stable - return the same session hash object
|
| |
| |
| |
| |
| |
| |
| |
| | |
Make sure to return the same hash object instead of returning a new one.
Returning a new one causes failures on cookie store tests, where it
tests for the 'Set-Cookie' header with the session signature.
This is due to the hash ordering changes on Ruby 1.8.7-p358.
|
|/ |
|
| |
|
|
|
|
| |
headers (and its causing problems for Strong Parameters attempt of wrapping request.parameters because it will change in testing)
|
| |
|