aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack
Commit message (Expand)AuthorAgeFilesLines
* * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealin...Aaron Patterson2013-01-084-5/+38
* Revert "Merge branch 'master-sec'"Jeremy Kemper2013-01-085-51/+5
* Merge branch 'master-sec'Aaron Patterson2013-01-085-5/+51
|\
| * CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.Jeremy Kemper2013-01-081-0/+13
| * * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealin...Aaron Patterson2013-01-074-5/+38
* | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-01-0910-26/+34
|\ \
| * | prefer american spelling of 'behavior'Gosha Arinich2013-01-071-1/+1
| * | HTTP 302 means Found, not MovedChase DuBois2013-01-051-1/+1
| * | extract alert= and notice= examples to FlashHash#now [ci skip]Francesco Rodriguez2013-01-031-17/+15
| * | Revert "TODO typo fix"Akira Matsuda2013-01-041-1/+1
| * | TODO typo fixGosha Arinich2013-01-041-1/+1
| * | Add examples `alert=` and `notice=`, using memeslambda_2013-01-031-0/+10
| * | Change `Example for` to `Example of`lambda_2013-01-031-2/+2
| * | PUT => PATCHAkira Matsuda2013-01-033-6/+6
| * | s/ERb/ERB/Akira Matsuda2013-01-021-1/+1
| * | PUT => PATCH or PUTAkira Matsuda2013-01-021-1/+1
| * | find_or_create_by is deprecated in AR 4Akira Matsuda2013-01-021-3/+3
| * | Model.scoped is deprecated in favour of Model.allAkira Matsuda2013-01-021-4/+4
* | | view_cache_dependency APIJamis Buck2013-01-086-10/+72
* | | Merge pull request #8810 from NARKOZ/image-submit-tagSteve Klabnik2013-01-083-9/+14
|\ \ \
| * | | set 'alt' attribute for image_submit_tagNihad Abbasov2013-01-083-9/+14
* | | | Revert "unpermitted params" exception -- it's just not going to work. See the...David Heinemeier Hansson2013-01-083-102/+11
* | | | Never treat action or controller as unpermitted paramsDavid Heinemeier Hansson2013-01-082-6/+25
* | | | Bump rack dependency to 1.4.3Carlos Antonio da Silva2013-01-081-1/+1
* | | | Eliminate Rack::File headers deprecation warningSam Ruby2013-01-081-1/+1
|/ / /
* | | Do not generate local vars for partials without object or collectionCarlos Antonio da Silva2013-01-084-1/+15
* | | Avoid Rack security warning no secret providedSantiago Pastorino2013-01-081-0/+2
| |/ |/|
* | improve StrongParameters documentation [ci skip]Francesco Rodriguez2013-01-071-8/+7
* | access `@path` and `@routes` via reader methods in journeyGosha Arinich2013-01-072-3/+3
* | refactor ShowExceptions' #call to use def-rescue instead of begin-rescueGosha Arinich2013-01-071-7/+4
* | remove begin-rescue in favor of def-rescueGosha Arinich2013-01-071-10/+9
* | Fix operators precedence issueRafael Mendonça França2013-01-061-1/+1
* | Merge pull request #8787 from tank-bohr/masterRafael Mendonça França2013-01-061-2/+2
|\ \
| * | return multiple assingment and response variabletank-bohr2013-01-071-2/+2
* | | Merge pull request #8785 from goshakkk/refactor-debug-exceptionsRafael Mendonça França2013-01-061-2/+1
|\ \ \ | |/ / |/| |
| * | refactor DebugExceptions by combining two conditionals into oneGosha Arinich2013-01-071-2/+1
* | | Reduce number of Strings a bitAkira Matsuda2013-01-072-4/+4
* | | Namespace HashWithIndifferentAccessAkira Matsuda2013-01-074-6/+5
|/ /
* | Merge pull request #8783 from goshakkk/refactor-journey-routesRafael Mendonça França2013-01-061-12/+11
|\ \
| * | refactor Journey::RoutesGosha Arinich2013-01-071-12/+11
* | | fix for rbxtank-bohr2013-01-071-2/+2
|/ /
* | Needless requiresAkira Matsuda2013-01-062-6/+0
* | Missing requiresAkira Matsuda2013-01-062-0/+2
* | These are already required through AS/railsAkira Matsuda2013-01-065-6/+0
* | Rename route_wrapper partial layout to tableCarlos Antonio da Silva2013-01-062-1/+1
* | Move table routes formatter class to the inspector and rename itCarlos Antonio da Silva2013-01-063-19/+19
* | Merge pull request #8777 from goshakkk/delegate-classAndrew White2013-01-062-2/+2
|\ \
| * | delegate to :class rather than 'self.class'Gosha Arinich2013-01-062-2/+2
* | | Refactor the logic that checks whether or not to emit the hidden id fieldCarlos Antonio da Silva2013-01-061-7/+6
* | | Move the hidden :id field logic to where it belongs toCarlos Antonio da Silva2013-01-061-6/+9