aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack
Commit message (Collapse)AuthorAgeFilesLines
* Auth token mask from breach-mitigation-rails gemBradley Buda2014-08-192-8/+71
| | | | | | | | | | | | This merges in the code from the breach-mitigation-rails gem that masks authenticity tokens on each request by XORing them with a random set of bytes. The masking is used to make it impossible for an attacker to steal a CSRF token from an SSL session by using techniques like the BREACH attack. The patch is pretty simple - I've copied over the [relevant code](https://github.com/meldium/breach-mitigation-rails/blob/master/lib/breach_mitigation/masking_secrets.rb) and updated the tests to pass, mostly by adjusting stubs and mocks.
* extract methods and metaprogram less.Aaron Patterson2014-08-141-11/+16
|
* remove deprecated `MissingHelperError` proxy.Yves Senn2014-08-142-3/+5
| | | | The error was moved outside of the `ClassMethods` module.
* Merge pull request #16027 from tgxworld/template_assertionsYves Senn2014-08-143-0/+36
|\ | | | | Fixes to ActionController::TemplateAssertions
| * Fix assert_template for files.Guo Xiang Tan2014-08-143-0/+36
| | | | | | | | | | The test was not failing for `assert_template file: nil` when a file has been rendered.
* | ask the scope object if it is a resource_method_scopeAaron Patterson2014-08-131-10/+13
| |
* | ask the scope for the action nameAaron Patterson2014-08-131-14/+18
| |
* | reduce calls to scope_levelAaron Patterson2014-08-131-1/+5
| | | | | | | | | | this will help us to encapsulate magical symbols so hopefully we can eliminate hardcoded magic symbols
* | change to attr_readerAaron Patterson2014-08-131-5/+1
| |
* | scope_level is no longer a hash key, just use the ivarAaron Patterson2014-08-131-4/+9
| |
* | move the scope level key fully inside the scope objectAaron Patterson2014-08-131-1/+5
| |
* | move scope_level to a method on the scope objectAaron Patterson2014-08-131-7/+20
| | | | | | | | now we don't have to have a hard coded key
* | only look up scope level onceAaron Patterson2014-08-131-6/+7
| | | | | | | | avoid hash lookups and remove depency on the instance
* | only test `prefix` onceAaron Patterson2014-08-131-2/+4
| | | | | | | | we don't need to repeat if statements
* | pass consistent parameters to canonical_action?Aaron Patterson2014-08-131-5/+5
| | | | | | | | | | now we only have to look up @scope[:scope_level] once per call to canonical_action? and we don't have a variable named "flag"
* | fewer operations on the options hashAaron Patterson2014-08-132-11/+11
| | | | | | | | | | since we pass `as` down, then we won't have to do an insert / delete dance with the options hash
* | this should be accessing the hash, not calling a methodAaron Patterson2014-08-131-1/+1
| |
* | UnexpectedErrors may reference exceptions that can't be dumpedAaron Patterson2014-08-131-0/+17
| | | | | | | | | | | | UnexpectedError exceptions wrap the original exception, and the original exception may contain a reference to something that can't be marshal dumped which will cause the process to die.
* | [ci skip] correct default cache store classAditya Kapoor2014-08-131-1/+1
|/
* Merge pull request #16491 from akshay-vishnoi/doc-changesYves Senn2014-08-131-1/+1
|\ | | | | [ci skip] fix spelling of overridden
| * [ci skip] fix spelling of overrideAkshay Vishnoi2014-08-131-1/+1
| |
* | AM, AP, AV, and AMo tests are already order_independent!Akira Matsuda2014-08-131-5/+0
|/
* Merge pull request #16476 from akshay-vishnoi/doc-changesRafael Mendonça França2014-08-122-2/+2
|\ | | | | [ci skip] use "based on" or "based off of"
| * use 'based on' instead of 'based off' [ci skip]Akshay Vishnoi2014-08-122-2/+2
| |
* | Nobody sucks so nobody should call this awful method nameRafael Mendonça França2014-08-121-1/+1
|/
* users_dont_suck_but_only_we_suck_and_only_our_tests_are_order_dependent!Akira Matsuda2014-08-121-0/+5
| | | | | Calling ActiveSupport::TestCase.i_suck_and_my_tests_are_order_dependent! in AS::TestCase makes everyone's tests order dependent, which should never be done by the framework.
* Merge pull request #16440 from tgxworld/pass_log_in_blockSantiago Pastorino2014-08-091-4/+6
|\ | | | | Pass block for logging.
| * Pass block for logging.Guo Xiang Tan2014-08-091-4/+6
| | | | | | | | This follows the good practice listed on http://guides.rubyonrails.org/debugging_rails_applications.html#impact-of-logs-on-performance.
* | Revert "Merge pull request #16434 from strzalek/cookies-digest-config-option"Santiago Pastorino2014-08-083-30/+2
| | | | | | | | | | | | | | This reverts commit 705977620539e2be6548027042f33175ebdc2505, reversing changes made to dde91e9bf5ab246f0f684b40288b272f4ba9a699. IT BROKE THE BUILD!!!
* | Add config option for cookies digestŁukasz Strzałkowski2014-08-083-2/+30
| | | | | | | | | | | | You can now configure custom digest for cookies in the same way as `serializer`: config.action_dispatch.cookies_digest = \SHA256'
* | Merge pull request #16427 from ryandao/full_stack_source_extractGuillermo Iguaran2014-08-089-69/+114
|\ \ | | | | | | Full stack source extract
| * | Update actionpack CHANGELOGRyan Dao2014-08-081-0/+5
| | |
| * | Retrieve source code for the entire stack traceRyan Dao2014-08-088-69/+109
| |/ | | | | | | | | | | Provide the ability to extract the source code of the entire exception stack trace, not just the frame raising the error. This improves debugging capability of the error page, especially for framework-related errors.
* / Fixes to TestCaseTest.Guo Xiang Tan2014-08-081-4/+5
|/
* Fix spelling.Guo Xiang Tan2014-08-071-1/+1
|
* Remove ActionController::RaiseActionExceptions.Guo Xiang Tan2014-08-071-34/+0
| | | | | The latest modification to the code was done in https://github.com/rails/rails/commit/5e3517ea. In Rails 3.2, `ActionController#rescue_action` was deprecated and `rescue_action_without_handler` is no longer being used.
* refactor Redirecting so we do not need a controller instanceAaron Patterson2014-08-062-10/+7
|
* call the routes method on enginesAaron Patterson2014-08-051-74/+37
| | | | if we access the instance, we can free up lots of codes
* a rails application should be an engine subclassAaron Patterson2014-08-051-1/+1
|
* no reason to lazily instantiate the routesAaron Patterson2014-08-051-45/+42
| | | | | especially if you're just going to add a call two lines down that populates the cache. common.
* just assign the instance variables on the testAaron Patterson2014-08-051-7/+3
|
* avoid testing only_pathAaron Patterson2014-08-042-2/+5
| | | | | we know that this call only wants the path returned, so lets call a method that returns the path.
* Regenerate sid when sbdy tries to fixate the sessionSantiago Pastorino2014-08-042-12/+11
| | | | | | Fixed broken test. Thanks Stephen Richards for reporting.
* Using no_result_var in Journey's parser generatorJack Danger Canty2014-08-032-43/+33
| | | | | | | | | | | Previously the generated parser had an intermediate local variable `result` that really useful if you're building up a stateful object but Journey always discards the result argument to the reduce functions. This produces a simpler parser for anybody who actually wants to read the thing. Sadly, there's no real performance speedup with this change.
* Merge branch 'master' of github.com:rails/docrailsVijay Dev2014-08-021-1/+2
|\ | | | | | | | | Conflicts: guides/source/testing.md
| * copy edits[ci skip]Vijay Dev2014-08-021-3/+1
| |
| * Performed Returns true if redirect/render has happenedGaurish Sharma2014-07-191-1/+4
| |
* | just set the host, no need for another hash allocation / merge!Aaron Patterson2014-08-011-1/+1
| |
* | always return a string from find_script_nameAaron Patterson2014-08-012-7/+9
| | | | | | | | this allows us to avoid nil checks on the return value
* | use `get` instead of accessing the named routes internalsAaron Patterson2014-07-311-1/+1
| |
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-07 05:41:31 +0000