aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #6777 from route/logger_in_metal_testsCarlos Antonio da Silva2012-06-191-0/+17
|\ | | | | | | Added test for case when view doesn't have logger method when using ActionController::Metal controller.
| * Added test for case when view doesn't have logger method when using ↵Dmitry Vorotilin2012-06-191-0/+17
| | | | | | | | ActionController::Metal controller.
* | Ensure that cache-control headers are mergedJames Tucker2012-06-182-10/+44
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | There are several aspects to this commit, that don't well fit into broken down commits, so they are detailed here: * When a user uses response.headers['Cache-Control'] = some_value, then the documented convention in ConditionalGet is not adhered to, in this case, response.cache_control is ignored due to `return if self[CACHE_CONTROL].present?` * When a middleware sets cache-control headers that would clobber, they're converted to symbols directly, without underscores. This would lead to bugs. * Items that would live in :extras if set through expires_in, are placed directly in the @cache_control hash, and not respected in many cases (somewhat adhering to the aforementioned documentation). * Although quite useless, any directive named 'extras' would be ignored. The general convention applied is that expires_* take precedence, but no longer overwrite everything and expires_* are ALWAYS applied, even if the header is set. I am still unhappy about the contents of this commit, and the code in general. Ideally it should be refactored to no longer use :extras. I'd likely recommend expanding @cache_control into a class, and giving it the power to handle the merge in a more efficient fashion. Such a commit would be a larger change that could have additional semantic changes for other libraries unless they utilize expires_in in very standard ways.
* Bump tzinfo gem.kennyj2012-06-171-1/+1
|
* Merge pull request #6752 from steveklabnik/fix_5680Rafael Mendonça França2012-06-163-4/+21
|\ | | | | Respect absolute paths in compute_source_path.
| * Respect absolute paths in compute_source_path.Steve Klabnik2012-06-163-4/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When using compute_source_path to determine the full path of an asset, if our source begins with '/', we don't want to include the directory. Examples are illustrative: > compute_source_path("foo", "stylesheets", "css") => "/Users/steve/src/my_app/public/stylesheets/foo.css" > compute_source_path("/foo", "stylesheets", "css") => "/Users/steve/src/my_app/public/foo.css" Before this patch, the second example would return the same as the first. Fixes #5680.
* | TestCase does not need to be loaded when loading the frameworkAaron Patterson2012-06-151-1/+3
| |
* | Support unicode character route in config/routes.rb.kennyj2012-06-165-3/+25
|/
* Use status, content_type, body method signature for render tooSantiago Pastorino2012-06-141-4/+3
|
* Refactor public exceptions to reuse render format methodCarlos Antonio da Silva2012-06-141-9/+6
|
* adding a test for #6459Aaron Patterson2012-06-141-0/+10
|
* Revert "AV::TestCase does not need to be loaded when eagerly loading the"Aaron Patterson2012-06-141-2/+1
| | | | This reverts commit f5e7cb84cd377feb1b60c5356ce02123e9c94380.
* we raise a subclass of LoadError, so rescue thatAaron Patterson2012-06-141-1/+6
|
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-06-142-8/+26
|\
| * moar copy edits [ci skip]Vijay Dev2012-06-141-2/+1
| |
| * copy editing [ci skip]Vijay Dev2012-06-141-4/+7
| |
| * fixed http token authentication formattingJakub Kuźma2012-06-121-8/+13
| |
| * on CSRF whitelisting the argument for :if must be a symbolDaniel Lopes2012-06-071-1/+1
| |
| * fix typos on the CSRF whitelisting docDaniel Lopes2012-06-071-3/+3
| |
| * Document the CSRF whitelisting on get requestsDaniel Lopes2012-06-071-5/+16
| |
* | AV::TestCase does not need to be loaded when eagerly loading theAaron Patterson2012-06-141-1/+2
| | | | | | | | framework
* | i suck, fixing error messageAaron Patterson2012-06-141-1/+1
| |
* | Wrap up missing helper exceptionsAaron Patterson2012-06-141-2/+10
| | | | | | | | | | | | | | The `path` method on missing helper errors is inconsistent with the implementation on LoadError in Ruby 2.0. Wrap up the missing helper exceptions so that the inconsistent behavior is mirrored in Ruby 2.0 (until we can figure out *why* it's inconsistent).
* | using hax to fix tests on Ruby 2.0Aaron Patterson2012-06-131-1/+6
| |
* | Fix buildSantiago Pastorino2012-06-131-2/+2
| |
* | Merge pull request #6721 from homakov/patch-2Santiago Pastorino2012-06-131-3/+0
|\ \ | | | | | | These lines don't help to mitigate CVE. They only turn [nil] into nil, w...
| * | These lines don't help to mitigate CVE. They only turn [nil] into nil, w/o ↵Egor Homakov2012-06-131-3/+0
| | | | | | | | | | | | | | | | | | them [nil] turns into [] and that is quite innocent. generated SQL - `IN (NULL)` compact! did all the job.
* | | ActionController::Caching depends on RackDelegation and ↵Santiago Pastorino2012-06-132-0/+35
|/ / | | | | | | AbstractController::Callbacks
* | Merge branch 'master-sec'Aaron Patterson2012-06-122-2/+8
|\ \ | | | | | | | | | | | | * master-sec: Array parameters should not contain nil values.
| * | Array parameters should not contain nil values.Aaron Patterson2012-06-122-2/+8
| | |
* | | content_type is already a Mime::Type objectSantiago Pastorino2012-06-121-1/+1
| | |
* | | This consider_all_requests_local doesn't make senseSantiago Pastorino2012-06-122-21/+2
|/ / | | | | | | | | This middleware is only for Public Exceptions. This follows bd8c0b8a
* | Return proper format on exceptionsSantiago Pastorino2012-06-113-14/+81
| |
* | both string and sumbol will be interpolated as string no need to convert to_sganesh2012-06-112-8/+8
| |
* | Symbol responds_to :upcase & :downcase in Ruby >= 1.9Akira Matsuda2012-06-062-4/+4
| |
* | stop `to_s`ing method namesAkira Matsuda2012-06-061-16/+16
| | | | | | | | Module#methods are Symbols in Ruby >= 1.9
* | fix meaningless test caseAkira Matsuda2012-06-061-1/+1
| | | | | | | | | | Module#instance_methods returns an Array of Symbols in Ruby >= 1.9 So this was not actually testing anything
* | One-liner code for logger in ActionView::Helpers::ControllerHelperDmitry Vorotilin2012-06-051-5/+1
| |
* | Merge pull request #6631 from yuki24/use_block_in_button_helperJosé Valim2012-06-052-3/+18
|\ \ | | | | | | Accept a block in FormHelper#button
| * | accept a block in button helper.Yuki Nishijima2012-06-052-3/+18
| |/
* / Metal controller doesn't have logger method, check it and then delegateDmitry Vorotilin2012-06-051-2/+8
|/
* Allow to use mounted helpers in ActionView::TestCasePiotr Sarnacki2012-06-014-1/+24
| | | | | Similarly to 6525002, this allows to use routes helpers for mounted helpers, but this time in ActionView::TestCase
* Merge pull request #6588 from nbibler/polymorphic_to_modelJosé Valim2012-06-012-2/+34
| | | | Correct the use of to_model in polymorphic routing
* Sync CHANGLOG with the 3-2-stable branchRafael Mendonça França2012-06-011-0/+32
|
* Include routes.mounted_helpers into integration testsPiotr Sarnacki2012-06-014-3/+27
| | | | | | | | | | | | | | | In integration tests, you might want to use helpers from engines that you mounted in your application. It's not hard to add it by yourself, but it's unneeded boilerplate. mounted_helpers are now included by default. That means that given engine mounted like: mount Foo::Engine => "/foo", :as => "foo" you will be able to use paths from this engine in tests this way: foo.root_path #=> "/foo" (closes #6573)
* Merge branch 'master-sec'Aaron Patterson2012-05-312-1/+28
|\ | | | | | | | | | | * master-sec: Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this! predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this
| * Strip [nil] from parameters hash.Aaron Patterson2012-05-302-1/+28
| | | | | | | | | | | | Thanks to Ben Murphy for reporting this! CVE-2012-2660
| * Fix the buildSantiago Pastorino2012-05-221-1/+0
| |
| * require active_support/lazy_load_hooks where is neededSantiago Pastorino2012-05-221-0/+1
| |
* | Extracted redirect logic from ActionController::Force::ClassMethods.force_sslJeremy Friesen2012-05-313-7/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | Prior to this patch the existing .force_ssl method handles both defining the filter and handling the logic for performing the redirect. With this patch the logic for redirecting to the HTTPS protocol is separated from the filter logic that determines if a redirect should occur. By separating the two levels of behavior, an instance method for ActionController (i.e. #force_ssl_redirect) is exposed and available for more granular SSL enforcement. Cleaned up indentation.