aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack
Commit message (Collapse)AuthorAgeFilesLines
* `secret_token` is now saved in `Rails.application.secrets.secret_token`Benjamin Fleischer2014-11-021-4/+4
| | | | | | | | | | | | | | | | | | | | | | - `secrets.secret_token` is now used in all places `config.secret_token` was - `secrets.secret_token`, when not present in `config/secrets.yml`, now falls back to the value of `config.secret_token` - when `secrets.secret_token` is set, it over-writes `config.secret_token` so they are the same (for backwards-compatibility) - Update docs to reference app.secrets in all places - Remove references to `config.secret_token`, `config.secret_key_base` - Warn that missing secret_key_base is deprecated - Add tests for secret_token, key_generator, and message_verifier - the legacy key generator is used with the message verifier when secrets.secret_key_base is blank and secret_token is set - app.key_generator raises when neither secrets.secret_key_base nor secret_token are set - app.env_config raises when neither secrets.secret_key_base nor secret_token are set - Add changelog Run focused tests via ruby -w -Itest test/application/configuration_test.rb -n '/secret_|key_/'
* Call gsub with a Regexp instead of a String for better performancePablo Herrero2014-11-011-1/+1
|
* Prepare for 4.2.0.beta4 releaseGodfrey Chan2014-10-301-1/+1
|
* Merge pull request #17440 from claudiob/remove-yet-another-redundant-to-sXavier Noria2014-10-302-3/+3
|\ | | | | Remove redundant `to_s` in interpolation
| * Remove redundant `to_s` in interpolationclaudiob2014-10-302-3/+3
| |
* | Merge branch 'master-sec'Aaron Patterson2014-10-302-4/+32
|\ \ | |/ |/| | | | | * master-sec: FileHandler should not be called for files outside the root
| * FileHandler should not be called for files outside the rootAaron Patterson2014-10-102-4/+32
| | | | | | | | | | FileHandler#matches? should return false for files that are outside the "root" path.
* | edit pass over all warningsXavier Noria2014-10-286-9/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch uniformizes warning messages. I used the most common style already present in the code base: * Capitalize the first word. * End the message with a full stop. * "Rails 5" instead of "Rails 5.0". * Backticks for method names and inline code. Also, converted a few long strings into the new heredoc convention.
* | let's warn with heredocsXavier Noria2014-10-283-16/+28
| | | | | | | | | | | | | | | | | | | | | | | | The current style for warning messages without newlines uses concatenation of string literals with manual trailing spaces where needed. Heredocs have better readability, and with `squish` we can still produce a single line. This is a similar use case to the one that motivated defining `strip_heredoc`, heredocs are super clean.
* | Typos in the deprecation messageGodfrey Chan2014-10-281-2/+2
| |
* | Deprecate the `only_path` option on `*_path` helpers.Godfrey Chan2014-10-283-2/+116
| | | | | | | | | | | | | | | | | | | | | | | | In cases where this option is set to `true`, the option is redundant and can be safely removed; otherwise, the corresponding `*_url` helper should be used instead. Fixes #17294. See also #17363. [Dan Olson, Godfrey Chan]
* | Merge pull request #16229 from byroot/stop-swallowing-url-generation-errorsAndrew White2014-10-271-1/+1
|\ \ | | | | | | UrlGenerationError are not catched as 404 anymore
| * | UrlGenerationError are not catched as 404 anymoreJean Boussier2014-10-271-1/+1
| | |
* | | Merge pull request #17362 from bronzle/fix_debug_exceptions_appRafael Mendonça França2014-10-264-26/+76
|\ \ \ | |/ / |/| | Show the user’s application in the source window and select the correct ...
| * | Show the user’s application in the source window and select the correct ↵Byron Bischoff2014-10-234-26/+76
| | | | | | | | | | | | trace list, closes #17312
* | | give a better error message for misspelled helpersXavier Noria2014-10-253-1/+38
| | | | | | | | | | | | | | | | | | See comment in this patch for the rationale. References #16468
* | | Use AS secure_compare for CSRF token comparisonGuillermo Iguaran2014-10-231-2/+2
|/ /
* | fix small typo in routing testAccessd2014-10-211-1/+1
| |
* | Merge pull request #17313 from accessd/fix-url-generation-error-messageRafael Mendonça França2014-10-212-1/+11
|\ \ | | | | | | Fix url generation error message
| * | fix url generation error messageAccessd2014-10-212-1/+11
| | |
* | | remove duplicate method (_status_code) in action_dispatchAbdelkader Boudih2014-10-192-4/+1
| | |
* | | Make _status_code methods nodocPrathamesh Sonpatki2014-10-192-4/+4
|/ / | | | | | | | | - Also one minor change for documenting url_for method in ActionController::Metal. [ci skip]
* | Replace (slower) block.call with (faster) yieldclaudiob2014-10-171-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Performance optimization: `yield` with an implicit `block` is faster than `block.call`. See http://youtu.be/fGFM_UrSp70?t=10m35s and the following benchmark: ```ruby require 'benchmark/ips' def fast yield end def slow(&block) block.call end Benchmark.ips do |x| x.report('fast') { fast{} } x.report('slow') { slow{} } end # => fast 154095 i/100ms # => slow 71454 i/100ms # => # => fast 7511067.8 (±5.0%) i/s - 37445085 in 4.999660s # => slow 1227576.9 (±6.8%) i/s - 6145044 in 5.028356s ```
* | Use released rails-dom-testingRafael Mendonça França2014-10-161-1/+1
| |
* | some changelog formatting. [ci skip]Yves Senn2014-10-161-2/+2
| |
* | Fix typo in actionpack/lib/action_dispatch/routing/mapper.rbYuutetu2014-10-161-1/+1
| |
* | Merge pull request #17255 from printercu/cors_exception_wrapperRafael Mendonça França2014-10-151-10/+11
|\ \ | | | | | | ActionController::InvalidCrossOriginRequest fails with 422 instead of 500
| * | ActionController::InvalidCrossOriginRequest fails with 422 instead of 500Max Melentiev2014-10-141-10/+11
| | | | | | | | | | | | Fixes #15967
* | | Use `#tr` instead of `#gsub`Nicolas Cavigneaux2014-10-141-1/+1
| | | | | | | | | | | | | | | `#tr` is more efficient than `#gsub` and can be used as a drop in replacement in this context.
* | | Improve Journey compliance to RFC 3986Nicolas Cavigneaux2014-10-143-11/+34
|/ / | | | | | | | | | | | | | | | | | | The scanner in Journey fails to recognize routes that use literals from the sub-delims section of RFC 3986. This commit enhance the compatibility of Journey with the RFC by adding support of authorized delimiters to the scanner. Fix #17212
* | Merge pull request #17234 from arthurnn/add_regression_for_path_and_cascadeRafael Mendonça França2014-10-131-0/+8
|\ \ | | | | | | Add regression test for router was overwriting PATH_INFO
| * | Add regression test for router was overwriting PATH_INFOArthur Neves2014-10-101-0/+8
| |/ | | | | | | [related #17233]
* / Replace Array#shuffle.first with Array#sampleErik Michaels-Ober2014-10-131-2/+2
|/
* Request#check_method no longer breaks when :en is not available localeStefan Henzen2014-10-092-1/+17
| | | | | | | | Request#check_method would use to_sentence(locale: :en), which breaks when I18n.available_locales does not include :en and I18n.enforce_available_locales is true (default). Inlined to_sentence functionality to solve this.
* Rephrasing sentencesNeeraj Singh2014-10-071-2/+2
|
* Merge pull request #17088 from robin850/jruby-devRafael Mendonça França2014-10-011-0/+1
|\ | | | | Follow up to #16613
| * Follow up to #16613Robin Dupret2014-09-281-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | Since we want this flag to be enabled anytime we are running the tests under JRuby, let's enable this at the Rakefile level so people get the performance boost on their local checkout. Moreover, we avoid having to update this particular line anytime the option changes on the JRuby side. The only drawback is that we have to define it in every Rakefile but there's no big deal, this is already the case for other options.
* | Remove RUNNING UNIT TESTS from ActionPackclaudiob2014-09-301-17/+0
| | | | | | | | | | | | | | | | [ci skip] Following discussion with @senny https://github.com/rails/rails/pull/17100#issuecomment-57285273 it only makes sense to keep this file form projects that require extra instructions.
* | Responder was removed at ee77770d57de9da87b05a2fe84b9d46ec6852c62Akira Matsuda2014-09-301-1/+0
| |
* | Parse HTML as document fragment.Kasper Timm Hansen2014-09-294-6/+6
| | | | | | | | This is to match the changes in Rails Dom Testing rails/rails-dom-testing#20.
* | Use Hash#each_key instead of Hash#keys.eachErik Michaels-Ober2014-09-294-9/+9
| | | | | | | | | | | | Hash#keys.each allocates an array of keys; Hash#each_key iterates through the keys without allocating a new array. This is the reason why Hash#each_key exists.
* | Merge branch 'master' of github.com:rails/docrailsVijay Dev2014-09-281-6/+6
|\ \ | |/ |/|
| * Consistently markup etag options.Steven Harman2014-09-161-3/+3
| |
| * Consistently capitalize ETag.Steven Harman2014-09-161-3/+3
| |
* | Preparing for 4.2.0.beta2 releaseRafael Mendonça França2014-09-261-1/+1
| |
* | Revert "Merge pull request #16966 from why-el/symbolize-path-params"Rafael Mendonça França2014-09-252-9/+0
| | | | | | | | | | | | | | | | This reverts commit 9d05d6de52871e57bfbf54a60de005e8a5f5b0e4, reversing changes made to 0863c9248fd47a15e88e05ce4fcd80966684c0e3. The change in the behaviour reported at #16958 doesn't exist since 4.0 and 4.1 works in the same way
* | Ensure named path params are symbols (Fixes #16958)Mohamed Wael Khobalatte2014-09-252-0/+9
| |
* | No need CHANGLOG entry for a bug in a non released versionRafael Mendonça França2014-09-251-7/+0
| | | | | | | | [ci skip]
* | Keep the original implementation to not having to allocate new objectsRafael Mendonça França2014-09-251-2/+15
| |
* | Merge pull request #17058 from eval/issue-17057Rafael Mendonça França2014-09-252-18/+10
|\ \ | | | | | | | | | Remove internal options from query string of paths