| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, the `VerifyAndUpgradeLegacySignedMessage` assumes all incoming
cookies are marshal-encoded. This is not the case when `secret_token` is
used in conjunction with the `:json` or `:hybrid` serializer.
In those case, when upgrading to use `secret_key_base`, this would cause a
`TypeError: incompatible marshal file format` and a 500 error for the user.
Fixes #14774.
*Godfrey Chan*
|
| |\
| |
| | |
replace class_eval by define_method in abstract_controller/callbacks
|
| | | |
|
| |/
|
|
|
| |
ActionController::Renderers::RENDERERS is an instance of Set. Docs incorrectly
state that it's a Hash.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Escape '%' characters in URLs - only unescaped data
should be passed to URL helpers
2. Add an `escape_segment` helper to `Router::Utils`
that escapes '/' characters
3. Use `escape_segment` rather than `escape_fragment`
in optimized URL generation
4. Use `escape_segment` rather than `escape_path`
in URL generation
For point 4 there are two exceptions. Firstly, when a route uses wildcard
segments (e.g. *foo) then we use `escape_path` as the value may contain '/'
characters. This means that wildcard routes can't be optimized. Secondly,
if a `:controller` segment is used in the path then this uses `escape_path`
as the controller may be namespaced.
Fixes #14629, #14636 and #14070.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The URI::Parser#escape method is a general use method that has to deal
with a variety of input however our use of it is limited in scope so
we can increase the performance by implementing our specific needs
within ActionDispatch::Journey::Router::Utils directly.
If there is no encoding required then there is no change in performance
or number of objects allocated, but for each character that needs to be
encoded we save five object allocations and gain a performance boost.
The performance boost seen varies from 20% when there is one character
to over 50% when encoding ten characters.
|
| |
|
|
|
|
|
|
|
|
| |
Makes it clear that anything passed with the helper must not be percent encoded.
Fixes previous behavior which tricks people into believing passing
non-percent-encoded will generate a proper percent-encoded path while in
reality it doesn't ('%' isn't escaped).
The intention is nice but the heuristic is broken.
|
| | |
|
| |\ |
|
| | | |
|
| | |
| |
| |
| | |
Related with cbb917455f306cf5818644b162f22be09f77d4b2
|
| | |
| |
| |
| | |
This was changed at cbb917455f306cf5818644b162f22be09f77d4b2
|
| | | |
|
| | | |
|
| | | |
|
| |\ \
| | |
| | |
| | | |
Use common to_io so users can access the underlying IO object
|
| | | |
| | |
| | |
| | |
| | |
| | | |
In some cases users may need to work with/manipulate more of the
Tempfile api than provided by Upload. Allow users to get at the
underlying io via the common to_io method of IO/IO-like objects
|
| | | |
| | |
| | |
| | | |
Include proper module since AV was extracted form AP as mentioned in #14659.
|
| |\ \ \
| | | |
| | | | |
Display diagnostics in text format for xhr request
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | | |
Remove surplus period from assertion messages
|
| | | | | | |
|
| | | | | | |
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
Fix subscriptions not being unsubscribed.
|
| | |/ / / |
|
| | |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When requesting a controller with the following code with a unknown format:
def my_action
respond_to do |format|
format.json { head :ok }
format.any { render text: 'Default response' }
end
end
we should render the default response instead of raising ActionController::UnknownFormat
Fixes #14462
Conflicts:
actionpack/CHANGELOG.md
actionpack/test/controller/mime/respond_with_test.rb
Conflicts:
actionpack/CHANGELOG.md
|
| |/ /
| |
| |
| |
| |
| |
| | |
References to ``AppName::Application` removed in favour of ``Rails.application``
as generated with a new rails 4.1 app.
[ci skip]
|
| | | |
|
| |\ \
| | |
| | |
| | | |
Enhance routing error html page
|
| | | |
| | |
| | |
| | | |
- also refactored the javascript.
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Since `:shallow` may be set at any point in the resource nesting we should
only make the new and collection routes shallow when the parent is shallow.
This is a bit of a hack but until the mapper is refactored to an object graph
instead of a hash of merged values it's the best we can do.
Fixes #14684.
|
| |/ / |
|
| | |
| |
| |
| |
| | |
This parsing is unecessary once the Request object already has the
needed information.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
Adding flash types to a controller within any of the tests will result
in a global state change of the controller under test.
This patch will prevent state leaks and allow us to run the test in random order.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| | |
- accepts_nested_attribute_for -> accepts_nested_attributes_for
|
| |\ \
| |/
|/| |
append link to bad code when error type is SyntaxError
|
| | | |
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
THe match documentation doesn't mention any requirement of the
parameter name requirement for matches. However, including a
bare glob character without a variable assignment causes a
parse error.
|
| | |/
|/| |
|
| | | |
|
| | | |
|
