aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack
Commit message (Collapse)AuthorAgeFilesLines
...
| * | | | Merge branch 'master' into bug/filtered_parameters_classLeonel Galán2017-04-0379-524/+1645
| |\ \ \ \
| * | | | | Fixes CodeClimate warningsLeonel Galan2017-02-131-2/+2
| | | | | |
| * | | | | Use of ParameterFilter no longer forces `request.filtered_parameters' class ↵Leonel Galan2017-02-133-2/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | to be Hash - Fixes issue described on #27944 - `filtered_query_string` used an Array representation of what semantically is a key value pair: better suited for a Hash. Without this change `filtered_params = original_params.class.new` returns an Array with unintended consequences.
* | | | | | Fix examples for `AC::Parameters#to_query` [ci skip]yuuji.yaginuma2017-06-191-1/+6
| |_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Without `permit`, `AC::Parameters#to_query` raise `AC::UnfilteredParameters`. ```ruby params = ActionController::Parameters.new({ name: "David", nationality: "Danish" }) params.to_query # => ActionController::UnfilteredParameters: unable to convert unpermitted parameters to hash ```
* | | | | Merge pull request #29451 from vipulnsward/29441-flatten-defaultRafael França2017-06-142-1/+2
|\ \ \ \ \ | | | | | | | | | | | | Allow translate default option to accept an array similar to i18n.t
| * | | | | Allow translate default option to accept an array similar to i18n.t. Fixes ↵Vipul A M2017-06-152-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | #29441
* | | | | | Use `require_relative` instead of `require` with full pathbogdanvlviv2017-06-141-1/+1
|/ / / / /
* | | | | Fix formatting of AD::FileHandler and AD::Static doc [ci skip]yuuji.yaginuma2017-06-131-7/+7
| | | | |
* | | | | Merge pull request #29263 from assain/default_message_encryptor_to_gcmKasper Timm Hansen2017-06-111-1/+1
|\ \ \ \ \ | | | | | | | | | | | | Default Message Encryptor Cipher to AES-256-GCM From AES-256-CBC
| * | | | | set message_encryptor default cipher to aes-256-gcmAssain2017-06-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | - Introduce a method to select default cipher, and maintain backward compatibility
* | | | | | Tiny documentation fixes [ci skip]Robin Dupret2017-06-061-3/+3
|/ / / / /
* | | | | Merge pull request #29294 from gsamokovarov/attributes-defaultKasper Timm Hansen2017-06-047-20/+10
|\ \ \ \ \ | | | | | | | | | | | | Introduce mattr_accessor default option
| * | | | | Use mattr_accessor default: option throughout the projectGenadi Samokovarov2017-06-037-20/+10
| | | | | |
* | | | | | Fix typo on error message when route definition is ambiguous.André Luis Leal Cardoso Junior2017-06-031-1/+1
| | | | | |
* | | | | | [ci skip] Fix typo in the system tests docsPrathamesh Sonpatki2017-06-031-1/+1
| | | | | |
* | | | | | Fix formatting of `direct` and `resolve` doc [ci skip]yuuji.yaginuma2017-06-031-14/+14
|/ / / / /
* | | | | SystemTesting::Driver can register capybara-webkit and poltergeistMario Alberto Chávez2017-06-024-9/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | drivers. When using `driver_by` with capybara-webkit or poltergeist, SystemTesting::Driver will register the driver while passing `screen_size` and `options` parameteres. `options` could contain any option supported by the underlying driver.
* | | | | Merge pull request #29191 from ↵Kasper Timm Hansen2017-05-291-5/+5
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | bogdanvlviv/pass_params_filename_lineno_to_class_eval Pass params __FILE__ and __LINE__ + 1 if class_eval with <<
| * | | | | Pass params __FILE__ and __LINE__ + 1 if class_eval with <<bogdanvlviv2017-05-291-5/+5
| | | | | |
* | | | | | Add option for class_attribute default (#29270)David Heinemeier Hansson2017-05-299-22/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Allow a default value to be declared for class_attribute * Convert to using class_attribute default rather than explicit setter * Removed instance_accessor option by mistake * False is a valid default value * Documentation
* | | | | | Merge pull request #28132 from mikeycgto/aead-encrypted-cookiesKasper Timm Hansen2017-05-284-89/+181
|\ \ \ \ \ \ | | | | | | | | | | | | | | AEAD encrypted cookies and sessions
| * | | | | | AEAD encrypted cookies and sessionsMichael Coyne2017-05-224-89/+181
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit changes encrypted cookies from AES in CBC HMAC mode to Authenticated Encryption using AES-GCM. It also provides a cookie jar to transparently upgrade encrypted cookies to this new scheme. Some other notable changes include: - There is a new application configuration value: +use_authenticated_cookie_encryption+. When enabled, AEAD encrypted cookies will be used. - +cookies.signed+ does not raise a +TypeError+ now if the name of an encrypted cookie is used. Encrypted cookies using the same key as signed cookies would be verified and serialization would then fail due the message still be encrypted.
* | | | | | | Merge pull request #28895 from codeforkjeff/fix-session-keys-and-values-methodsMatthew Draper2017-05-282-0/+20
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Add lazy loading to #keys and #values methods in Session
| * | | | | | | Add lazy loading to #keys and #values methods in Sessioncodeforkjeff2017-04-262-0/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a bug where session.keys and session.values return an empty array unless one of the other methods that does lazy loading from the underlying store is called first. #keys and #values should also call #load_for_read!
* | | | | | | | Merge pull request #29176 from bogdanvlviv/define-path-with__dir__Matthew Draper2017-05-2619-38/+38
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Define path with __dir__
| * | | | | | | | Define path with __dir__bogdanvlviv2017-05-2319-38/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ".. with __dir__ we can restore order in the Universe." - by @fxn Related to 5b8738c2df003a96f0e490c43559747618d10f5f
* | | | | | | | | Merge pull request #28644 from mtsmfm/set-capybara-app-hostMatthew Draper2017-05-242-1/+18
|\ \ \ \ \ \ \ \ \ | |_|_|_|/ / / / / |/| | | | | | | | Set `Capybara.app_host` through `host!`
| * | | | | | | | Set `Capybara.app_host` through `host!`Fumiaki MATSUSHIMA2017-04-022-1/+18
| | |_|_|_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `visit "/"` will visit always "http://127.0.0.1" even when we call `host!`: ```ruby class SomeTest < ApplicationSystemTest def setup host! "http://example.com" end def test_visit visit root_url # => visit "http://example.com/" visit "/" # => visit "http://127.0.0.1/" end end ``` Because Capybara assumes that host is same as the server if we don't set `Capybara.app_host`: https://github.com/teamcapybara/capybara/blob/866c975076f92b5d064ee8998be638dd213f0724/lib/capybara/session.rb#L239
* | | | | | | | Remove unused simulate methodeileencodes2017-05-222-21/+21
| |/ / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This method was only used in the Rails tests and not by other methods in the Rails simulator. Because it's a no-doc'd class it should be safe to remove without deprecation.
* | | | | | | Merge pull request #29072 from ↵Robin Dupret2017-05-211-0/+20
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | | | | | | | | | | | | | | | dixpac/dixpac/add_documentation_for_validate_and_callback_order_of_execution Improving docs for callbacks execution order [ci skip]
| * | | | | | Improving docs for callbacks execution order [ci skip]dixpac2017-05-211-0/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When define callbacks latest definition on the same callback/method overwrites previous ones.
* | | | | | | Merge pull request #29134 from joshaidan/document-action-nameAlex Kitchens2017-05-191-0/+8
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Add documentation to accessors in AbstractController::Base
| * | | | | | | Clarified description of formats [ci skip]Brian Jones2017-05-191-1/+1
| | | | | | | |
| * | | | | | | Added missing punctuation [ci skip]Brian Jones2017-05-181-3/+3
| | | | | | | |
| * | | | | | | Specify only the body of the response is returned [ci skip]Brian Jones2017-05-181-1/+1
| | | | | | | |
| * | | | | | | Document accessors response_body, action_name, formats [ci skip]Brian Jones2017-05-171-0/+8
| | |_|_|_|_|/ | |/| | | | |
* | | | | | | Cleanup CHANGELOGs [ci skip]Ryuta Kamizono2017-05-191-10/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix indentation. * Add backticks.
* | | | | | | Use recyclable cache keys (#29092)David Heinemeier Hansson2017-05-189-37/+96
|/ / / / / /
* | | | | | Fixed string being modified in place causing frozen string errors in Ruby 2.3sepehr5002017-05-152-2/+12
| | | | | |
* | | | | | Fix `TestInvalidUrls` with rack 2.0.3yuuji.yaginuma2017-05-161-6/+6
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, raise `BadRequest` if params encoding is invalid. https://github.com/rails/rails/blob/5-1-stable/actionpack/lib/action_dispatch/http/parameters.rb#L64..L74 https://github.com/rails/rails/blob/5-1-stable/actionpack/lib/action_dispatch/request/utils.rb#L26..L39 However, env values are ensure encoded in ASCII 8 BIT at rack 2.0.3. https://github.com/rack/rack/commit/68db9aa99e3e2775a58621f658b2a7a0f67db459 Therefore, even if specify an invalid urls, it will not cause an error.
* | | | | Merge pull request #29062 from ↵Eileen M. Uchitelle2017-05-122-0/+7
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | eileencodes/force-encoding-to-original-string-encoding Maintain original encoding from path
| * | | | | Maintain original encoding from patheileencodes2017-05-122-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When the path info is read from the socket it's encoded as ASCII 8BIT. The unescape method changes the encoding to UTF8 but it should maintain the encoding of the string that's passed in. This causes parameters to be force encoded to UTF8 when we don't actually know what the encoding of the parameter should be.
* | | | | | Pass block in ActionController::Parameters#deleteEugene Kenny2017-05-102-2/+23
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In order to fully support the same interface as `Hash#delete`, we need to pass the block through to the underlying method, not just the key. This used to work correctly, but it regressed when `ActionController::Parameters` stopped inheriting from `Hash` in 5.0.
* | | | | Should escape meta characters in regexpRyuta Kamizono2017-05-071-2/+2
| | | | |
* | | | | Remove `:doc:` in `:nodoc:` class [ci skip]Ryuta Kamizono2017-05-011-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | The `:doc:` was added in bc478158 but originally `UriEncoder` is a `:nodoc:` class.
* | | | | Add periodJon Moss2017-04-301-1/+1
| | | | | | | | | | | | | | | | | | | | [ci skip]
* | | | | Add docs for Router::Utils.unescape_uri methoddixpac2017-04-301-0/+4
| | | | |
* | | | | Cleanup CHANGELOGs [ci skip]Ryuta Kamizono2017-04-301-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Remove trailing spaces. * Add backticks around method and command. * Fix indentation.
* | | | | Do not try to encoding the parameters when the controller is not definedRafael Mendonça França2017-04-261-1/+7
| |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When you have a route that points to an nonexistent controller we raise an exception. This exception was being caught by the DebugExceptions middleware in development, but when trying to render the error page, we are reading the request format[[1][]]. To determine the request format we are reading the format parameters[[2][]], and to be able to read the parameters we need to encode them[[3][]]. This was raising another exception that to encode the parameter we try to load the controller to determine if we need to encode the parameters are binary[[4][]]. This new exception inside the DebugExceptions middleware makes Rails to render a generic error page. To avoid this new exception now we only encode the parameters when the controller can be loaded. Fixes #28892 [1]: https://github.com/rails/rails/blob/f52cdaac6336f99d13622ff9bda556a3124a4121/actionpack/lib/action_dispatch/middleware/debug_exceptions.rb#L80 [2]: https://github.com/rails/rails/blob/f52cdaac6336f99d13622ff9bda556a3124a4121/actionpack/lib/action_dispatch/http/mime_negotiation.rb#L63 [3]: https://github.com/rails/rails/blob/f52cdaac6336f99d13622ff9bda556a3124a4121/actionpack/lib/action_dispatch/http/parameters.rb#L58 [4]: https://github.com/rails/rails/blob/f52cdaac6336f99d13622ff9bda556a3124a4121/actionpack/lib/action_dispatch/http/parameters.rb#L88
* | | | `respond_to_missing?` should be privateRyuta Kamizono2017-04-223-11/+13
| |_|/ |/| | | | | | | | | | | | | | | | | Follow up of 03d3f036. Some of `respond_to?` were replaced to `respond_to_missing?` in 03d3f036. But the visibility is still public. It should be private.