aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #31713 from aellispierce/refactor-browser-optionsEileen M. Uchitelle2018-01-174-29/+57
|\ | | | | Move browser config to its own class
| * Move browser checking to its own classAshley Ellis Pierce2018-01-154-29/+57
| |
* | Fix typos, update documentationJames Lovejoy2018-01-111-2/+2
| | | | | | | | [ci skip]
* | Merge pull request #31534 from claudiob/kaspth-approachKasper Timm Hansen2018-01-093-0/+35
|\ \ | | | | | | Don't include Active Storage migrations in new apps
| * | Help if Active Storage tables are missingClaudio B2017-12-213-0/+35
| |/ | | | | | | | | | | When a user tries to create a new attachment or blog and the matching table is missing from the database (`active_storage_attachments` and `active_storage_blobs` by default), an informative error is displayed that invites users to run the `active_storage:install` task.
* | Add 'Referrer-Policy' header to default headers setGuillermo Iguaran2018-01-083-3/+10
| |
* | Added deprecations and removals notes for Action Pack [ci skip]Prathamesh Sonpatki2018-01-071-1/+1
| |
* | Add missing require for `strip_heredoc`Peter Wagenet2018-01-041-0/+1
| |
* | Merge pull request #31594 from yuki24/refactor-request-testEileen M. Uchitelle2018-01-041-89/+75
|\ \ | | | | | | Refactor tests for request parameters to use more realistic setup
| * | Use more realistic setup rather than stubbingYuki Nishijima2017-12-291-89/+75
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These assertions did matter due to the inconsistent behavior of [the #parameters method][1]. Today, it behaves consistently and they could be removed. Also, one of the methods was stubbed somewhat incorrectly, so it is better not to stub and instead, make them close to more realistic use cases. [1]: https://github.com/rails/rails/pull/13999#issuecomment-34601746
* | | Bump license years for 2018Yoshiyuki Hirano2017-12-313-3/+3
| | |
* | | let drb make temprary serverNobuyoshi Nakada2017-12-291-8/+1
|/ /
* | Merge pull request #31449 from PHedkvist/headless_api_docEileen M. Uchitelle2017-12-181-0/+3
|\ \ | | | | | | Add headless browser support in api docs [ci skip]
| * | Add headless browser support in api docs [ci skip]Pierre Hedkvist2017-12-181-0/+3
| | |
* | | Minor cleanup of CHANGELOG of PR #30850 [ci skip]Prathamesh Sonpatki2017-12-171-3/+3
| | |
* | | Added reference to default value of `allow_other_host` [ci skip]Prathamesh Sonpatki2017-12-171-1/+1
| |/ |/|
* | [ci skip] update linkDixit Patel2017-12-151-1/+1
| |
* | Generate tmpname on its ownyuuji.yaginuma2017-12-151-1/+6
| | | | | | | | | | | | | | `make_tmpname` was removed by https://github.com/ruby/ruby/commit/25d56ea7b7b52dc81af30c92a9a0e2d2dab6ff27. In this case, we want a file name, not a `File`. So cannot use `Tempfile`. Fixes #31458
* | Suppress `warning: BigDecimal.new is deprecated`Yasuo Honda2017-12-151-1/+1
|/ | | | | | | | | | | | | | | | | | | | `BigDecimal.new` has been deprecated in BigDecimal 1.3.3 which will be a default for Ruby 2.5. Refer https://github.com/ruby/bigdecimal/commit/533737338db915b00dc7168c3602e4b462b23503 * This commit has been made as follows: ``` cd rails git grep -l BigDecimal.new | grep -v guides/source/5_0_release_notes.md | grep -v activesupport/test/xml_mini_test.rb | xargs sed -i -e "s/BigDecimal.new/BigDecimal/g" ``` - `activesupport/test/xml_mini_test.rb` Editmanually to remove `.new` and `::` - guides/source/5_0_release_notes.md This is a Rails 5.0 release notes.
* Merge pull request #31289 from witlessbird/fips-compatibilityEileen M. Uchitelle2017-12-143-3/+3
|\ | | | | Initial support for running Rails on FIPS-certified systems
| * Introduced `ActiveSupport::Digest` that allows to specify hash function ↵Dmitri Dolguikh2017-12-123-3/+3
| | | | | | | | | | | | | | | | implementation and defaults to `Digest::MD5`. Replaced calls to `::Digest::MD5.hexdigest` with calls to `ActiveSupport::Digest.hexdigest`.
* | Enable `Layout/LeadingCommentSpace` to not allow cosmetic changes in the futureRyuta Kamizono2017-12-145-14/+13
| | | | | | | | Follow up of #31432.
* | Enable `Layout/SpaceBeforeComma` rubocop rule, and fixed moreRyuta Kamizono2017-12-123-4/+4
| | | | | | | | Follow up of #31390.
* | Change the system tests to set Puma as default server only when the user ↵Guillermo Iguaran2017-12-093-2/+24
| | | | | | | | haven't specified manually another server.
* | Add secure `X-Download-Options` and `X-Permitted-Cross-Domain-Policies` to ↵Guillermo Iguaran2017-12-094-4/+15
| | | | | | | | default headers set.
* | Merge pull request #30780 from ↵Sean Griffin2017-12-072-0/+23
|\ \ | | | | | | | | | | | | JackMc/fix-chrome-referrer-invalidauthenticitytoken Fix issue #30658 by checking explicitly for 'null' referrer
| * | Add a better error message when a "null" Origin header occursJack McCracken2017-11-032-0/+23
| | |
* | | Add headless firefox driver to System Testsbogdanvlviv2017-12-076-3/+40
| | |
* | | Correct routing test spelling mistake.Philip Tolton2017-12-061-1/+1
| | |
* | | Yield array from AC::Parameters#each for block with one argDominic Cleal2017-12-062-1/+17
| | | | | | | | | | | | Matches Hash#each behaviour as used in Rails 4.
* | | Add missing requireyuuji.yaginuma2017-12-051-0/+2
| | | | | | | | | | | | | | | | | | | | | Follow up of 3c442b6df91e291ebbf17f37444414bf5f10fbe6 Without this require, it will fail when run CSP test alone. Ref: https://travis-ci.org/rails/rails/jobs/311715758#L2976
* | | Fix CSP copy boolean directives (#31326)Simon Dawson2017-12-052-5/+10
| | | | | | | | | Use Object#deep_dup to safely duplicate policy values
* | | Embrace the instantiation in loving parens <3Kasper Timm Hansen2017-12-031-1/+2
| | |
* | | Merge pull request #31146 from ↵Kasper Timm Hansen2017-12-031-41/+83
|\ \ \ | | | | | | | | | | | | | | | | mikeycgto/actiondispatch-cookie-store-test-updates Update cookie_store_test to use encrypted cookies
| * | | Update cookie_store_test to use encrypted cookiesMichael Coyne2017-11-271-41/+83
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This now modernizes these tests to use encrypted cookies instead of using secret_token HMACs. This commit also adds a tests to ensure session cookies with :expires_after set are invalidated and no longer accepted when the time has elapsed.
* | | | Add changelog entry for 9d6e28eileencodes2017-11-301-0/+12
| |_|/ |/| | | | | | | | Since this changes a default setting a changelog entry is important.
* | | Make screenshots default to "simple" formateileencodes2017-11-292-10/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | Not everyone uses iTerm2 and whereas Terminal.app on a mac just ignores that and outputs the path, other terminals like those on Ubuntu do not. A friendlier default is one that works by default. Closes #31159 Closes #30957
* | | Fix tests: Remove ogx mime type from testsGuillermo Iguaran2017-11-291-1/+1
| | |
* | | Fix typo in mime type registeringGuillermo Iguaran2017-11-291-1/+1
| | |
* | | Restore mpeg mime type, delete less common mime typesGuillermo Iguaran2017-11-291-9/+4
| | | | | | | | | | | | See discussion in #31251
* | | Register "audio/mp4" mime type with :m4a symbolGuillermo Iguaran2017-11-291-1/+1
| | |
* | | Update send_file headers test to use mp4 as example instead of mpgGuillermo Iguaran2017-11-281-1/+1
| | |
* | | Register most popular audio/video/font mime types supported by modern browsersGuillermo Iguaran2017-11-283-7/+29
| | |
* | | Preparing for 5.2.0.beta2 releaseRafael Mendonça França2017-11-282-1/+6
| | |
* | | Fix typos and add a few suggestionsFatos Morina2017-11-281-3/+3
| | |
* | | Fix optimized url helpers when using relative url rootAndrew White2017-11-283-0/+54
|/ / | | | | | | Fixes #31220.
* | Preparing for 5.2.0.beta1 releaseRafael Mendonça França2017-11-272-1/+3
| |
* | Fix CHANGELOG for CSP PR #31162 [ci skip]Prathamesh Sonpatki2017-11-271-10/+10
| |
* | Add CHANGELOG.md entry for #31162 [ci skip]Andrew White2017-11-271-0/+60
| |
* | Add DSL for configuring Content-Security-Policy headerAndrew White2017-11-277-0/+622
| | | | | | | | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy