aboutsummaryrefslogtreecommitdiffstats
path: root/actionview/lib/action_view/helpers/javascript_helper.rb
Commit message (Collapse)AuthorAgeFilesLines
* Add `Style/RedundantFreeze` to remove redudant `.freeze`Yasuo Honda2018-09-291-1/+1
| | | | | | | | | | | | | | | | | | | | | Since Rails 6.0 will support Ruby 2.4.1 or higher `# frozen_string_literal: true` magic comment is enough to make string object frozen. This magic comment is enabled by `Style/FrozenStringLiteralComment` cop. * Exclude these files not to auto correct false positive `Regexp#freeze` - 'actionpack/lib/action_dispatch/journey/router/utils.rb' - 'activerecord/lib/active_record/connection_adapters/sqlite3_adapter.rb' It has been fixed by https://github.com/rubocop-hq/rubocop/pull/6333 Once the newer version of RuboCop released and available at Code Climate these exclude entries should be removed. * Replace `String#freeze` with `String#-@` manually if explicit frozen string objects are required - 'actionpack/test/controller/test_case_test.rb' - 'activemodel/test/cases/type/string_test.rb' - 'activesupport/lib/active_support/core_ext/string/strip.rb' - 'activesupport/test/core_ext/string_ext_test.rb' - 'railties/test/generators/actions_test.rb'
* Enable `Performance/UnfreezeString` copyuuji.yaginuma2018-09-231-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In Ruby 2.3 or later, `String#+@` is available and `+@` is faster than `dup`. ```ruby # frozen_string_literal: true require "bundler/inline" gemfile(true) do source "https://rubygems.org" gem "benchmark-ips" end Benchmark.ips do |x| x.report('+@') { +"" } x.report('dup') { "".dup } x.compare! end ``` ``` $ ruby -v benchmark.rb ruby 2.5.1p57 (2018-03-29 revision 63029) [x86_64-linux] Warming up -------------------------------------- +@ 282.289k i/100ms dup 187.638k i/100ms Calculating ------------------------------------- +@ 6.775M (± 3.6%) i/s - 33.875M in 5.006253s dup 3.320M (± 2.2%) i/s - 16.700M in 5.032125s Comparison: +@: 6775299.3 i/s dup: 3320400.7 i/s - 2.04x slower ```
* Let escape_javascript handle conversion to stringAndrew Vit2018-09-211-4/+5
| | | | | | | | | | | | This brings `escape_javascript` in line with the behavior of `json_escape` and allows other value types to be output without needing explicit casting in the view template. Example: <%= javascript_tag do %> var locale = '<%== j I18n.locale %>'; // locale is a symbol <% end %>
* Fix RDoc formatting [ci skip]yuuji.yaginuma2018-03-031-1/+1
| | | | The `+` does not work if the string contains spaces.
* Add support for automatic nonce generation for Rails UJSAndrew White2018-02-191-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | Because the UJS library creates a script tag to process responses it normally requires the script-src attribute of the content security policy to include 'unsafe-inline'. To work around this we generate a per-request nonce value that is embedded in a meta tag in a similar fashion to how CSRF protection embeds its token in a meta tag. The UJS library can then read the nonce value and set it on the dynamically generated script tag to enable it to execute without needing 'unsafe-inline' enabled. Nonce generation isn't 100% safe - if your script tag is including user generated content in someway then it may be possible to exploit an XSS vulnerability which can take advantage of the nonce. It is however an improvement on a blanket permission for inline scripts. It is also possible to use the nonce within your own script tags by using `nonce: true` to set the nonce value on the tag, e.g <%= javascript_tag nonce: true do %> alert('Hello, World!'); <% end %> Fixes #31689.
* [Action View] require_relative => requireAkira Matsuda2017-10-211-1/+1
| | | | This basically reverts c4d1a4efeec6f0b5b58222993aa0bec85a19b6a8
* Fix broken doc layout for action_view [ci skip]Yoshiyuki Hirano2017-08-271-1/+1
|
* Use frozen string literal in actionview/Kir Shatrov2017-07-241-0/+2
|
* Merge branch 'master' into require_relative_2017Xavier Noria2017-07-021-2/+2
|\
| * Revert "Merge pull request #29540 from kirs/rubocop-frozen-string"Matthew Draper2017-07-021-1/+0
| | | | | | | | | | This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
| * Merge pull request #29540 from kirs/rubocop-frozen-stringMatthew Draper2017-07-021-0/+1
| |\ | | | | | | | | | Enforce frozen string in Rubocop
| | * Enforce frozen string in RubocopKir Shatrov2017-07-011-0/+1
| | |
| * | Make ActiveModel frozen string literal friendly.Pat Allan2017-06-201-2/+2
| |/ | | | | | | Includes two external changes because they're referenced within the ActiveModel test suite.
* / [Action View] require => require_relativeAkira Matsuda2017-07-011-1/+1
|/
* Add three new rubocop rulesRafael Mendonça França2016-08-161-1/+1
| | | | | | | | Style/SpaceBeforeBlockBraces Style/SpaceInsideBlockBraces Style/SpaceInsideHashLiteralBraces Fix all violations in the repository.
* applies new string literal convention in actionview/libXavier Noria2016-08-061-5/+5
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Cut string allocations in content_tag_stringschneems2015-07-291-3/+3
| | | | | | content_tag's first argument is will generate a string with an html tag so `:a` will generate: `<a></a>`. When this happens, the symbol is implicitly `to_s`-d so a new string is allocated. We can get around that by using a frozen string instead which This change buys us 74,236 bytes of memory and 1,855 fewer objects per request.
* [ci skip] Add space after erb block.yui-knk2015-03-121-1/+1
|
* [ci skip] Fix doc for javascript_helperAditya Kapoor2014-06-111-1/+7
|
* Move actionpack/lib/action_view* into actionview/libPiotr Sarnacki2013-06-201-0/+75
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-20 04:52:05 +0000