aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack
Commit message (Collapse)AuthorAgeFilesLines
* Add CHANGELOG.md entry for #31162 [ci skip]Andrew White2017-11-271-0/+60
|
* Add DSL for configuring Content-Security-Policy headerAndrew White2017-11-277-0/+622
| | | | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
* Merge pull request #24510 from ↵Rafael Mendonça França2017-11-252-9/+6
|\ | | | | | | | | | | vipulnsward/make-variable_size_secure_compare-public Make variable_size_secure_compare public
| * Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`,Vipul A M2017-06-072-9/+6
| | | | | | | | | | | | | | to make it not leak length information even for variable length string. Renamed old `ActiveSupport::SecurityUtils.secure_compare` to `fixed_length_secure_compare`, and started raising `ArgumentError` in case of length mismatch of passed strings.
* | Merge pull request #31195 from mltsy/patch-2Vipul A M2017-11-241-1/+1
|\ \ | | | | | | Fix tld_length documentation in ActionDispatch::Cookies [ci skip]
| * | Fix tld_length documentationJoe Marty2017-11-211-1/+1
| | | | | | | | | Change recommendation for tld_length (for sharing cookies across subdomains of a 2-token TLD), to 2 instead of 1.
* | | Fix CustomUrls#direct doc formattingT.J. Schuck2017-11-221-6/+6
| | | | | | | | | | | | | | | Particularly, the bulleted list was getting formatted as a code block because of the extra level of indentation. Pulling it back to the left makes it render properly as a list instead. [ci skip]
* | | Update incorrect backtick usage in RDoc to teletypeT.J. Schuck2017-11-223-6/+6
|/ / | | | | [ci skip]
* | Fix `test_session_store_with_expire_after` failure with rack-test 0.7.1Ryuta Kamizono2017-11-201-2/+2
| | | | | | | | https://travis-ci.org/rails/rails/jobs/304428814#L1977
* | Merge pull request #30782 from NickLaMuro/improve_performance_of_inflectionsMatthew Draper2017-11-141-2/+2
|\ \ | | | | | | Cache regexps generated from acronym_regex
| * | Deprecate ActiveSupport::Inflector#acronym_regexNick LaMuro2017-10-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | To be removed in Rails 6.0 (default for the deprecate helper). Code moved around as well for the ActiveSupport::Deprecation modules, since it was dependent on ActiveSupport::Inflector being loaded for it to work. By "lazy loading" the Inflector code from within the Deprecation code, we can require ActiveSupport::Deprecation from ActiveSupport::Inflector and not get a circular dependency issue.
| * | Cache regexps generated from acronym_regexNick LaMuro2017-10-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Problem ----------- The following line from `String#camelize`: string = string.sub(/^(?:#{inflections.acronym_regex}(?=\b|[A-Z_])|\w)/) { |match| match.downcase } and the following line from `String#camelize`: word.gsub!(/(?:(?<=([A-Za-z\d]))|\b)(#{inflections.acronym_regex})(?=\b|[^a-z])/) { "#{$1 && '_'.freeze }#{$2.downcase}" }#{$2.downcase}" } Both generate the same regexep in the first part of the `.sub`/`.gsub` method calls every time the function is called, creating an extra object allocation each time. The value of `acronym_regex` only changes if the user decides add an acronym to the current set of inflections and apends another string on the the regexp generated here, but beyond that it remains relatively static. This has been around since acronym support was introduced back in 2011 in PR#1648. Proposed Solution ----------------- To avoid re-generating these strings every time these methods are called, cache the values of these regular expressions in the `ActiveSupport::Inflector::Inflections` instance, making it so these regular expressions are only generated once, or when the acronym's are added to. Other notable changes is the attr_readers are nodoc'd, as they shouldn't really be public APIs for users. Also, the new method, define_acronym_regex_patterns, is the only method in charge of manipulating @acronym_regex, and initialize_dup also makes use of that new change. ** Note about fix for non-deterministic actionpack test ** With the introduction of `@acronym_underscore_regex` and `@acronym_camelize_regex`, tests that manipulated these for a short time, then reset them could caused test failures to happen. This happened because the previous way we reset the `@acronyms` and `@acronym_regex` was the set them using #instance_variable_set, which wouldn't run the #define_acronym_regex_patterns method. This has now been introduced into the actionpack tests to avoid this failure.
* | | Bump RuboCop to 0.51.0Koichi ITO2017-11-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ## Summary RuboCop 0.51.0 was released. https://github.com/bbatsov/rubocop/releases/tag/v0.51.0 And rubocop-0-51 channel is available in Code Climate. https://github.com/codeclimate/codeclimate-rubocop/issues/109 This PR will bump RuboCop to 0.51.0 and fixes the following new offenses. ```console % bundle exec rubocop Inspecting 2358 files (snip) Offenses: actionpack/lib/action_controller/metal/http_authentication.rb:251:59: C: Prefer double-quoted strings unless you need single quotes to avoid extra backslashes for escaping. [key.strip, value.to_s.gsub(/^"|"$/, "").delete('\'')] ^^^^ activesupport/test/core_ext/load_error_test.rb:8:39: C: Prefer double-quoted strings unless you need single quotes to avoid extra backslashes for escaping. assert_raise(LoadError) { require 'no_this_file_don\'t_exist' } ^^^^^^^^^^^^^^^^^^^^^^^^^^^ 2358 files inspected, 2 offenses detected ```
* | | Merge pull request #31099 from nobu/patch-1Rafael Mendonça França2017-11-091-1/+1
|\ \ \ | | | | | | | | | | | | Use `Tempfile.create`
| * | | Use `Dir.mktmpdir`Nobuyoshi Nakada2017-11-091-1/+1
| | | | | | | | | | | | | | | | As `@cache_path` is expected to be a directory name, use `Dir.mktmpdir`. And omit unnecessary `Dir.tmpdir`.
| * | | Use `Tempfile.create`Nobuyoshi Nakada2017-11-091-1/+1
|/ / / | | | | | | Instead of `Dir::Tmpname.make_tmpname`, an internal method which does not guarantee uniqueness, use `Tempfile.create`.
* | | Merge pull request #31078 from aeroastro/feature/fix-typoRafael França2017-11-091-2/+2
|\ \ \ | | | | | | | | Fix typoes on ActionDispatch::HTTP::FilterParameters
| * | | Fix typo on ActionDispatc::HTTP::FilterParametersTakumasa Ochi2017-11-071-2/+2
| | | |
* | | | Fix merge conflict and rubocop offencesRyuta Kamizono2017-11-071-19/+18
| | | |
* | | | Merge pull request #22435 from yui-knk/fix_engine_route_testRafael Mendonça França2017-11-065-6/+91
|\ \ \ \ | | | | | | | | | | | | | | | Make `assert_recognizes` to traverse mounted engines
| * | | | Make `assert_recognizes` to traverse mounted enginesyui-knk2016-04-235-6/+90
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before this commit paths of mounted engines are not traversed when `assert_recognizes` is called, causing strange test results. This commit enable to traverse mounted paths.
* | | | | Explicitly pass window handle to `resize_window_to`yuuji.yaginuma2017-11-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Unlike `resize_window`, `resize_window_to` has three arguments. https://github.com/thoughtbot/capybara-webkit/blob/d63c3c8e3ae844f0c59359532a6dcb50f4a64d0a/lib/capybara/webkit/driver.rb#L135-L143 Therefore, if pass only width and height just like `resize_window`, `ArgumentError`will be raised. To prevent this, explicitly pass window handler. Follow up of #31046
* | | | | Merge pull request #31055 from ↵Ryuta Kamizono2017-11-051-0/+1
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | y-yagi/show_request_forgery_protection_methods_in_api_doc Show `RequestForgeryProtection` methods in api doc [ci skip]
| * | | | | Show `RequestForgeryProtection` methods in api doc [ci skip]yuuji.yaginuma2017-11-051-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Several methods of `RequestForgeryProtection` are not showed in the api doc even though `:doc:` is specified. (e.g. `form_authenticity_param`) http://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection.html These methods are listed in the doc of v4.1. http://api.rubyonrails.org/v4.1/classes/ActionController/RequestForgeryProtection.html This is due to the influence of `:nodoc:` added in #18102, methods after `CROSS_ORIGIN_JAVASCRIPT_WARNING` not showed from the doc. Therefore, in order to show the method like originally, added `startdoc` after `CROSS_ORIGIN_JAVASCRIPT_WARNING`.
* | | | | | Merge pull request #31046 from NARKOZ/fix-capybara-webkit-deprecationEileen M. Uchitelle2017-11-041-1/+1
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix Capybara::Webkit::Driver#resize_window deprecation warning
| * | | | | | Fix Capybara::Webkit::Driver#resize_window deprecation warningNihad Abbasov2017-11-041-1/+1
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | >[DEPRECATION] Capybara::Webkit::Driver#resize_window is deprecated. Please use Capybara::Window#resize_to instead.
* / / / / / Improve docs of ActionDispatch::Routing::Mapperbogdanvlviv2017-11-031-4/+14
|/ / / / /
* | | | | Merge pull request #31034 from haneru/edit-commentEileen M. Uchitelle2017-11-021-1/+1
|\ \ \ \ \ | | | | | | | | | | | | [ci skip]Fix typo in comments.
| * | | | | Edited comment from request.rbhaneru2017-11-031-1/+1
| | | | | |
* | | | | | Prevent source line wrapping in rescue layoutDave Gynn2017-10-311-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Long source lines cause line wrapping in the extracted source section of the rescue handler page which can make the line numbers not match up with the source lines.
* | | | | | Merge pull request #31004 from shuheiktgw/remove_unnecessary_returnsRafael França2017-10-312-2/+2
|\ \ \ \ \ \ | |/ / / / / |/| | | | | Remove redundant return statements
| * | | | | removed unnecessary returnsShuhei Kitagawa2017-10-282-2/+2
| | | | | |
* | | | | | Merge pull request #31005 from shuheiktgw/remove_unnecessary_semicolonsMatthew Draper2017-10-284-9/+9
|\ \ \ \ \ \ | |/ / / / / |/| | | | | | | | | | | Removed unnecessary semicolons
| * | | | | removed unnecessary semicolonsShuhei Kitagawa2017-10-283-8/+8
|/ / / / /
* | | | | Merge pull request #31003 from y-yagi/add_load_hook_for_system_test_caseRyuta Kamizono2017-10-281-0/+2
|\ \ \ \ \ | | | | | | | | | | | | Add load hook for `ActionDispatch::SystemTestCase`
| * | | | | Add load hook for `ActionDispatch::SystemTestCase`yuuji.yaginuma2017-10-281-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is useful to extend `SystemTestCase`. Also, since other test classes already have load hooks, should also be in `SystemTestCase`. Ref: 0510208dd1ff23baa619884c0abcae4d141fae53
* | | | | | Merge pull request #31001 from eugeneius/rm_x_post_data_format_docRyuta Kamizono2017-10-281-3/+0
|\ \ \ \ \ \ | | | | | | | | | | | | | | Remove mention of X-Post-Data-Format header [ci skip]
| * | | | | | Remove mention of X-Post-Data-Format header [ci skip]Eugene Kenny2017-10-281-3/+0
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | Support for this header was removed when `actionpack-xml_parser` was extracted, and has since been dropped from the gem.
* / / / / / Puma Rack handler is required by CapybaraGuillermo Iguaran2017-10-281-2/+0
|/ / / / / | | | | | | | | | | See: https://github.com/teamcapybara/capybara/blob/7d693f068c44f6a460336da70fb6e9e5f94f3db9/lib/capybara.rb#L450
* | | | | checking for nested attributes when attribute names specified to wrap them ↵Kelton Manzanares2017-10-252-6/+21
| | | | | | | | | | | | | | | | | | | | as well
* | | | | Fixed functionality to include method in params_wrapper.rbRyan Perez2017-10-251-0/+7
| | | | | | | | | | | | | | | | | | | | to properly wrap all attributes, including those which are nested.
* | | | | Require capybara 2.15 because we depend on the new puma integrationRafael Mendonça França2017-10-251-1/+1
| | | | |
* | | | | specify minimum capybara version for system testsJoe Francis2017-10-231-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Upgraded rails applications may have a Gemfile without a new enough capybara to run system tests. Setting a version here gives the user a more direct error message than they get otherwise. Resolves #30952
* | | | | Change the deprecation horizon of the dynamic routes segment to 6.0Rafael Mendonça França2017-10-231-2/+2
| | | | |
* | | | | Remove deprecated `ActionController::ParamsParser::ParseError`Rafael Mendonça França2017-10-232-7/+6
| |_|/ / |/| | |
* | | | Add changelog entry about new `allow_other_host` option for `redirect_back` ↵bogdanvlviv2017-10-221-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | method [ci skip] Related to #30850
* | | | [Action Pack] require => require_relativeAkira Matsuda2017-10-2137-70/+70
| | | | | | | | | | | | | | | | | | | | This basically reverts e9fca7668b9eba82bcc832cb0061459703368397, d08da958b9ae17d4bbe4c9d7db497ece2450db5f, d1fe1dcf8ab1c0210a37c2a78c1ee52cf199a66d, and 68eaf7b4d5f2bb56d939f71c5ece2d61cf6680a3
* | | | Keep `:api: plugin` methods in the doc [ci skip]Ryuta Kamizono2017-10-202-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | `:api:` tag was removed in 5349f231 since RDoc doesn't support `:api:` tag. But those methods are not private API, they are public API for renderers. The renderers should be able to know that they can override this method.
* | | | Remove unused `UnknownController` classyuuji.yaginuma2017-10-181-3/+0
| | | | | | | | | | | | | | | | `UnknownController` was added in b1999be, but it is not used anywhere.
* | | | Merge pull request #30876 from y-yagi/selenium_chrome_headlessEileen M. Uchitelle2017-10-176-1/+41
|\ \ \ \ | | | | | | | | | | Add headless chrome driver to System Tests