aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack
Commit message (Collapse)AuthorAgeFilesLines
* Ensure request is present, as well as defined. [nzkoz]Michael Koziarski2007-09-291-4/+4
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7676 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Re-enable Routing optimisation code for _url methods, add defined?(request) ↵Michael Koziarski2007-09-283-17/+23
| | | | | | to the guard conditions git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7673 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Better error messages if you leave out the :secret option for request ↵Rick Olson2007-09-283-46/+81
| | | | | | forgery protection. Closes #9670 [rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7671 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Add missing requireMichael Koziarski2007-09-281-0/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7670 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Allow ability to disable request forgery protection, disable it in test mode ↵Rick Olson2007-09-2812-21/+75
| | | | | | by default. Closes #9693 [lifofifo] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7668 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fixed spelling errors (closes #9706) [tarmo/rmm5t]David Heinemeier Hansson2007-09-2818-30/+30
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7666 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fixed the layout defaults (closes #9564) [lifo]David Heinemeier Hansson2007-09-288-17/+96
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7661 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Avoid calling is_missing on LoadErrors. Closes #7460.Nicholas Seckar2007-09-272-1/+3
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7644 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Reinstate the default AR.instantiate_observers to_prepare block.Jeremy Kemper2007-09-261-0/+6
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7641 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Move Railties' Dispatcher to ActionController::Dispatcher, introduce before_ ↵Jeremy Kemper2007-09-264-1/+302
| | | | | | and after_dispatch callbacks, and warm up to non-CGI requests. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7640 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Protect button_to behind protect_from_forgery (closes #9675) [lifo]David Heinemeier Hansson2007-09-252-108/+45
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7636 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Please do rememberDavid Heinemeier Hansson2007-09-251-0/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7633 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Added another failing testDavid Heinemeier Hansson2007-09-251-0/+24
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7632 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Doh, forgot this fileDavid Heinemeier Hansson2007-09-251-0/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7631 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Better failing testsDavid Heinemeier Hansson2007-09-253-6/+6
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7630 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Added failing tests for iphoneDavid Heinemeier Hansson2007-09-253-6/+15
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7629 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Updated iphone_with_html_response_type to fail as it uses the new ↵David Heinemeier Hansson2007-09-241-2/+2
| | | | | | register_alias approach git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7625 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Change from InvalidToken to InvalidAuthenticityToken to be more specificDavid Heinemeier Hansson2007-09-243-28/+33
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7623 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Stop rdoc from whiningDavid Heinemeier Hansson2007-09-242-8/+8
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7622 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Move rescue_action_with_handler from rescue_action to perform_action so it ↵Jeremy Kemper2007-09-241-2/+2
| | | | | | isn't clobbered by test overrides. References #9449, closes #9645. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7618 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Include asset host in public path cache key. Clear cache between asset tag ↵Jeremy Kemper2007-09-243-9/+22
| | | | | | tests. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7617 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* port over some of the csrf_killer README docsRick Olson2007-09-241-0/+13
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7614 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Beefed up docs a bitDavid Heinemeier Hansson2007-09-241-17/+27
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7612 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Cache computed public asset paths.Jeremy Kemper2007-09-241-16/+20
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7611 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Cache more file existence checks. Flip-flop escaping.Jeremy Kemper2007-09-241-9/+16
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7610 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Cache file existence checks and the list of all stylesheet sources. Manually ↵Jeremy Kemper2007-09-241-7/+10
| | | | | | escape tag attributes. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7609 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* The tag helper may bypass escaping.Jeremy Kemper2007-09-243-17/+32
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7608 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Cache asset ids.Jeremy Kemper2007-09-242-3/+14
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7607 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* escape_once uses negative lookahead to avoid double-escaping instead of a ↵Jeremy Kemper2007-09-241-6/+1
| | | | | | second gsub git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7606 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Optimized named routes respect AbstractRequest.relative_url_root. Closes #9612.Jeremy Kemper2007-09-233-4/+13
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7605 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Dont need all of test/unit (closes #6673) [zenspider/josh]David Heinemeier Hansson2007-09-231-1/+0
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7602 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Remove , and ; (comma and semicolon) from routing separators again. ↵Jeremy Kemper2007-09-232-3/+3
| | | | | | References #8558. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7599 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fixed cache_page to use the request url instead of the routing options when ↵David Heinemeier Hansson2007-09-232-8/+20
| | | | | | picking a save path (closes #8614) [josh] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7598 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Introduce ActionController::Base.rescue_from to declare exception-handling ↵Jeremy Kemper2007-09-233-12/+91
| | | | | | methods. Cleaner style than the case-heavy rescue_action_in_public. Closes #9449. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7597 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Rename some RequestForgeryProtection methods. The class method is now ↵Rick Olson2007-09-238-44/+50
| | | | | | #protect_from_forgery, and the default parameter is now 'authenticity_token'. [Rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7596 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* move TextHelper#sanitize config options to the TextHelper module so it can ↵Rick Olson2007-09-232-130/+146
| | | | | | be included and used with any class, not just ActionView::Base git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7595 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Merge csrf_killer plugin into rails. Adds RequestForgeryProtection model ↵Rick Olson2007-09-2316-22/+368
| | | | | | that verifies session-specific _tokens for non-GET requests. [Rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7592 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Secure #sanitize, #strip_tags, and #strip_links helpers against xss attacks. ↵Rick Olson2007-09-234-53/+423
| | | | | | Closes #8877. [Rick, lifofifo, Jacques Distler] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7589 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Test fix (closes #6911)David Heinemeier Hansson2007-09-221-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7587 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Improve tests (closes #7240) [josh]David Heinemeier Hansson2007-09-221-0/+5
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7581 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Roll back #7578, tests failedDavid Heinemeier Hansson2007-09-222-12/+3
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7580 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Improve the error message for assert_redirected_to (closes #7337) [sandofsky]David Heinemeier Hansson2007-09-222-3/+12
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7578 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Disable the routing optimisation code when dealing with foo_url helpers. ↵Michael Koziarski2007-09-222-9/+11
| | | | | | Add test to actionmailer to expose the problem they introduced. References #9450 [Koz] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7572 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Remove use of & logic operator. Closes #8114.Nicholas Seckar2007-09-222-1/+3
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7571 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fixed JavaScriptHelper#escape_javascript to also escape closing tags (closes ↵David Heinemeier Hansson2007-09-223-1/+4
| | | | | | #8023) [rubyruy] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7567 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fixed TextHelper#word_wrap for multiline strings with extra carrier returns ↵David Heinemeier Hansson2007-09-223-1/+9
| | | | | | (closes #8663) [seth] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7562 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Allow frameworks to be required by their gem name (closes #8845) [drnic]David Heinemeier Hansson2007-09-221-0/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7560 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Doc fix (closes #9123) [tzaharia]David Heinemeier Hansson2007-09-221-1/+2
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7559 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Use rel="stylesheet" in lowercase as prescribed by XHTML standards (closes ↵David Heinemeier Hansson2007-09-222-36/+36
| | | | | | #8910) [RSL] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7558 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Doc fix (closes #9414) [Henrik N]David Heinemeier Hansson2007-09-221-3/+3
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7548 5ecf4fe2-1ee6-0310-87b1-e25e094e27de