aboutsummaryrefslogtreecommitdiffstats
path: root/actionview/lib/action_view/helpers/url_helper.rb
Commit message (Collapse)AuthorAgeFilesLines
* [Action View] require => require_relativeAkira Matsuda2017-07-011-1/+1
|
* Fix current_page? helper issue with engine root pathsavroff2017-06-191-1/+4
|
* Fix `current_page?` regression:Edouard CHIN2017-04-261-1/+1
| | | | | | - `check_parameters` kwargs was added to the `current_page?` method, the implementation was assuming only hashes responds to `delete`. This was causing issues when `current_page?` was called with a Active Model object - ref https://github.com/rails/rails/pull/27549 - Fixes #28846
* Reuse the Parameters#to_h check in the routing helpersRafael Mendonça França2017-04-181-5/+0
| | | | | Since this protection is now in Parameters we can use it instead of reimplementing again.
* Fix typo in actionview error messageadamgamble2017-03-171-1/+1
|
* Reduce string objects by using \ instead of + or << for concatenating stringsAkira Matsuda2017-01-121-1/+1
| | | | (I personally prefer writing one string in one line no matter how long it is, though)
* Add `check_parameters` option to `current_page?`Maksym Pugach2017-01-041-2/+7
| | | | | | | | | | | | | | | Example: For "http://www.example.com/shop/checkout?order=desc&page=1" current_page?('http://www.example.com/shop/checkout') => true current_page?( 'http://www.example.com/shop/checkout', check_parameters: true ) => false
* No need to nodoc private methodsAkira Matsuda2016-12-241-1/+1
|
* Update url_helper.rb, adjust link_to api docAndreas Maierhofer2016-12-051-4/+3
| | | | | Removed references to `button` in the `link_to` `disable_with` api description.
* Add more rubocop rules about whitespacesRafael Mendonça França2016-10-291-2/+2
|
* let Regexp#match? be globally availableXavier Noria2016-10-271-1/+0
| | | | | | Regexp#match? should be considered to be part of the Ruby core library. We are emulating it for < 2.4, but not having to require the extension is part of the illusion of the emulation.
* Merge pull request #26810 from maclover7/jm-fix-26802Rafael Mendonça França2016-10-221-0/+11
|\ | | | | | | Convert ActionController::Parameters to a hash in button_to
| * Convert ActionController::Parameters to a hash in button_toJon Moss2016-10-171-0/+6
|/ | | | | | | | | | | Before, an error would be raised saying that the method `to_param` was undefined on the instance of `ActionController::Parameters`. Now, we are checking to see if the `params` object being passed to `button_to` responds to the `permitted?` method, and if so, we will call `to_h` on it. If it does not respond to `permitted?`, then the `params` will remain unchanged. [Jon Moss, Rafael Mendonça França]
* Add three new rubocop rulesRafael Mendonça França2016-08-161-1/+1
| | | | | | | | Style/SpaceBeforeBlockBraces Style/SpaceInsideBlockBraces Style/SpaceInsideHashLiteralBraces Fix all violations in the repository.
* applies new string literal convention in actionview/libXavier Noria2016-08-061-29/+29
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* systematic revision of =~ usage in AVXavier Noria2016-07-251-1/+2
| | | | | Where appropriate, prefer the more concise Regexp#match?, String#include?, String#start_with?, or String#end_with?
* Fix ActionView::Helpers#current_page? with issue in ↵Stan Lo2016-07-201-0/+2
| | | | https://github.com/rails/rails/issues/19472
* - Freeze strings in frequent used private methodStan Lo2016-03-081-11/+11
| | | | | reduce string allocation. - Use freezed empty string instead of create one every time we need to return it
* Make per form token work when method is not providedRafael Mendonça França2016-02-221-1/+2
| | | | | | When `button_to 'Botton', url` form was being used the per form token was not correct because the method that is was being used to generate it was an empty string.
* Do not pass more options that are needed.Rafael Mendonça França2016-02-221-1/+1
| | | | | We only need action and method so pass them explicitly instead of merging the hash with HTML options.
* Refactored Request Forgery CSRF PerFormTokensController tests and DRY'ed ↵Vipul A M2016-02-221-1/+1
| | | | them up.
* Fixed passing of delete method on button_to tag, creating wrong form csrf tokenVipul A M2016-02-211-2/+2
| | | | Fixes #23524
* Fix button_to's params option to support nested names.James Coleman2016-02-191-2/+38
| | | | | | In e6e0579defcfcf94ef1c4c1c7659f374a5335cdb the `params` option was added to the `button_to` helper. However, the patch doesn't support nested hashes so `{a: {b: 'c'}}` for example gets turned into a hidden form input with the name 'a' and the value being the string representation of the `{b: 'c'}` nested hash. Since Rails supports nested hashes everywhere else (and even in the URL params of link_to and button_to), I believe this to be a bug/unfinished feature.
* add option for per-form CSRF tokensBen Toews2016-01-041-3/+7
|
* Don’t allow arbitrary data in back urlsDamien Burke2015-11-031-2/+12
| | | | | | | | | | | | | `link_to :back` creates a link to whatever was passed in via the referer header. If an attacker can alter the referer header, that would create a cross-site scripting vulnerability on every page that uses `link_to :back` This commit restricts the back URL to valid non-javascript URLs. https://github.com/rails/rails/issues/14444
* Use ERB::Utils to percent encode `hfvalue` parts of mailtoAaron Patterson2015-09-051-2/+2
| | | | | | | | `hfvalue` parts should always be percent encoded, so lets do that! Revert "use path escaping for email addresses" This reverts commit 21ffef38a5dc5a6a21f7e841aecab5b51f4fd185.
* use path escaping for email addressesAaron Patterson2015-09-041-1/+1
| | | | | | Due to e25fdad2f147e6f368958f9a06a5ac9d10288408, we are correctly using path escaping for email addresses. This commit fixes the tests to expect path escaping.
* Cut string allocations in content_tag_stringschneems2015-07-291-2/+2
| | | | | | content_tag's first argument is will generate a string with an html tag so `:a` will generate: `<a></a>`. When this happens, the symbol is implicitly `to_s`-d so a new string is allocated. We can get around that by using a frozen string instead which This change buys us 74,236 bytes of memory and 1,855 fewer objects per request.
* Optimize hash keyschneems2015-07-291-1/+1
| | | | | | No idea why on earth this hash key isn't already optimized by MRI, but it isn't. :shit: This change buys us 74,077 bytes of memory and 1,852 fewer objects per request.
* Encode the email address as prescribed in RFC 6068 section 2.Clayton Smith2015-07-231-1/+2
|
* Revert "Merge pull request #19844 from ↵Yves Senn2015-05-011-1/+1
| | | | | | | | | | | | | | | | | | | | | stevenspiel/link_to_if_block_helper_addition" This reverts commit d459b001b43d25053e7982e96eb8383538a6e358, reversing changes made to 4d4950fae9e2a6970b5f1793aadc56a0b44e28a3. :sweat: The block is not supposed to be passed to `link_to`. It's used for a customized behavior of the `condtion = false` case. The docs illustrate that like so: ``` <%= link_to_if(@current_user.nil?, "Login", { controller: "sessions", action: "new" }) do link_to(@current_user.login, { controller: "accounts", action: "show", id: @current_user }) end %> ```
* Update url_helper.rbSteven Spiel2015-04-211-1/+1
| | | add block to link_to_if when condition is true
* Merge pull request #19566 from aditya-kapoor/remove-dup-docRichard Schneeman2015-04-111-22/+10
|\ | | | | [ci skip] remove duplicate doc for current_page?
| * [ci skip] remove duplicate doc for current_page?Aditya Kapoor2015-04-091-22/+10
| |
* | [skip ci] Update information about #link_to attributesAnton Davydov2015-04-041-4/+3
| |
* | [skip ci] Add information about #link_to target optionAnton Davydov2015-04-011-0/+6
|/
* Simplify setting button form optionsCarlos Antonio da Silva2015-03-221-2/+3
| | | | No need to merge hashes when simply setting options does the job.
* Remove additional handling of boolean attributes on button to helperCarlos Antonio da Silva2015-03-181-30/+0
| | | | | | | | This logic was just doing duplicated work, since the button_to helper relies on tag/content_tag to generate the button html, which already handles all boolean attributes it knows about. The code dates back to 2005: 43c470fae468ef63e0d5c3dc1e202925685fd47b.
* Merge pull request #17143 from kuldeepaggarwal/fix-mailToRafael Mendonça França2015-02-201-1/+1
|\ | | | | | | mail_to helper method fix
| * do not generate blank options in mailToKuldeep Aggarwal2014-10-021-2/+3
| | | | | | | | | | when mail_to generate blank options for any passed options(cc, bcc, body, subject) then MICROSOFT OUTLOOK treats it differently and set wrong values in different options.
* | Indicate link_to creates an anchor elementColin Rymer2015-02-061-2/+2
| | | | | | | | | | | | The `link_to` helper generates an HTML anchor element (consisting of opening and closing anchor tags and an element body). The docs currently state the a link tag is generated (which would indicate a tag like `<link>`, which is another valid HTML tag), so this change clarifies that an anchor element is actually generated. [ci skip]
* | Add support for Reply-To field in mail_to helperMark Dodwell2014-12-201-2/+3
|/
* Remove wrapping <div> in form helpers from docclaudiob2014-09-221-22/+14
| | | | | | | | | | [ci skip] 89ff1f8 and 1de258e6 removed from the HTML generated by the form helpers the <div> that was wrapping the field elements inside the <form>. This commit updates the documentation of the methods to reflect the two commits above.
* In actionview, eliminate calls to tag that use html_safe parameter values. ↵Paul Grayson2014-06-131-5/+3
| | | | This is generally unnecessary, since tag handles string quoting, except in one case (utf8_enforcer_tag) where we want to specify the encoding ourselves.
* eliminate more wasteful allocationsAaron Patterson2014-06-061-2/+2
|
* Remove wrapper div for inputs in button_toRafael Mendonça França2014-04-171-1/+1
| | | | Related with cbb917455f306cf5818644b162f22be09f77d4b2
* Reorder conditional logicDavid Pedersen2014-03-181-10/+10
| | | | | | According to the best practice that "unless not" and "unless else" is hard to follow logically the link_to_unless and link_to_if were reversed.
* [skip ci] Fix typo in link_to :method option descriptionMatt Campbell2014-02-241-1/+1
|
* Adding an documentation example and a test to button_to with pathAttila Domokos2014-02-021-0/+5
| | | I did not see in the docs that `button_to` supports not only URLs but paths as well. I documented this functionality with a unit tests and added an example to the docs as well.
* Remove warning of shadowing outer local variableRafael Mendonça França2013-10-271-2/+2
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-09 06:56:55 +0000