aboutsummaryrefslogtreecommitdiffstats
path: root/actionview/lib/action_view/helpers
Commit message (Collapse)AuthorAgeFilesLines
* Make per form token work when method is not providedRafael Mendonça França2016-02-221-1/+2
| | | | | | When `button_to 'Botton', url` form was being used the per form token was not correct because the method that is was being used to generate it was an empty string.
* Do not pass more options that are needed.Rafael Mendonça França2016-02-221-1/+1
| | | | | We only need action and method so pass them explicitly instead of merging the hash with HTML options.
* Merge pull request #23752 from vipulnsward/23524-fix-button_to_deleteRafael Mendonça França2016-02-221-1/+1
|\ | | | | | | Fixed passing of delete method on button_to tag, creating wrong form csrf token
| * Refactored Request Forgery CSRF PerFormTokensController tests and DRY'ed ↵Vipul A M2016-02-221-1/+1
| | | | | | | | them up.
| * Fixed passing of delete method on button_to tag, creating wrong form csrf tokenVipul A M2016-02-211-2/+2
| | | | | | | | Fixes #23524
* | [ci skip] Document collection caching better.Kasper Timm Hansen2016-02-211-2/+15
| | | | | | | | | | | | | | | | Why are we here? Where did we come from? Where are we going... in 5 minutes? These questions are not answered in this documentation. Instead collection caching is better clarified. How it works, how it can share caches with individual templates.
* | Merge pull request #23695 from kaspth/remove-automatic-collection-cachingKasper Timm Hansen2016-02-201-35/+7
|\ \ | |/ |/| Make collection caching explicit.
| * Make collection caching explicit.Kasper Timm Hansen2016-02-201-35/+7
| | | | | | | | | | | | | | | | | | | | | | | | Having collection caching that wraps templates and automatically tries to infer if they are cachable proved to be too much of a hassle. We'd rather have it be something you explicitly turn on. This removes much of the code and docs to explain the previous automatic behavior. This change also removes scoped cache keys and passing cache_options.
* | Merge pull request #17043 from jcoleman/fix-nested-params-in-button-toRafael França2016-02-191-2/+38
|\ \ | |/ |/| Fix button_to's params option to support nested names.
| * Fix button_to's params option to support nested names.James Coleman2016-02-191-2/+38
| | | | | | | | | | | | In e6e0579defcfcf94ef1c4c1c7659f374a5335cdb the `params` option was added to the `button_to` helper. However, the patch doesn't support nested hashes so `{a: {b: 'c'}}` for example gets turned into a hidden form input with the name 'a' and the value being the string representation of the `{b: 'c'}` nested hash. Since Rails supports nested hashes everywhere else (and even in the URL params of link_to and button_to), I believe this to be a bug/unfinished feature.
* | Test to check if the data-attr if nil is same or notSourav Moitra2016-02-141-0/+1
|/ | | | | | | | | | if data attribute is nil it is ignored if value is nil the pair is ignored if value is nil it is skipped Improved test for data attr nil
* Slice out options for cache_fragment_name explicitlyRyan Bigg2016-01-281-1/+2
| | | | This allows expire_in (and other options) to be passed to the cache method
* Fix img alt attribute generation when using Sprockets >= 3.0Bart de Water2016-01-271-1/+1
|
* Fix doc [ci skip]Daniel Gomez de Souza2016-01-271-1/+1
|
* html_safe is not supposed to be public API for AV. This change removes usage ↵Vipul A M2016-01-203-10/+10
| | | | | | of html_safe in favour of raw() in AV helpers. Also changed usage of html_safe to make use of raw() instead so that the intended behaviour is verified with raw()
* Remove ActionView dependence on ActionPack's Mime implementationJon Moss2016-01-171-1/+1
|
* Merge pull request #20638 from jaimeiniesta/locale-aware-pluralize-helperKasper Timm Hansen2016-01-101-7/+14
|\ | | | | Pass the current locale to Inflector from the pluralize text helper.
| * Pass the current locale to Inflector from the pluralize text helper.Jaime Iniesta2016-01-101-7/+14
| | | | | | | | | | | | | | | | | | | | | | The pluralize text helper uses the Inflector to determine the plural form. The inflector accepts an optional parameter for the locale, so we can pass it from the text helper to have locale-aware pluralizations on the text helpers level. The pluralize text helper now only accepts 2 positional arguments: `count` and `singular`. Passing `plural` as a positional argument is now deprecated.
* | [ci skip] fix typoAkshay Vishnoi2016-01-101-1/+1
| |
* | [doc] The capture method isn't always used inside views to create a variableAkira Matsuda & saya2016-01-081-2/+2
| | | | | | | | | | but rather very often used inside helpers to directly return a String value. [ci skip]
* | add option for per-form CSRF tokensBen Toews2016-01-042-5/+15
| |
* | Merge pull request #22764 from ↵Rafael França2016-01-041-0/+2
|\ \ | | | | | | | | | | | | stevenspiel/titleize_model_name_for_default_submit_button_value titleize the model name on default submit buttons
| * | downcase default submit button value's model nameSteven Spiel2016-01-011-0/+2
| | |
* | | Fix collection_radio_buttons' hidden_field name and make it appear before ↵Santiago Pastorino2015-12-312-2/+10
| | | | | | | | | | | | | | | | | | the radios Fixes #22773
* | | Merge pull request #22759 from akshay-vishnoi/human-size-helperEileen M. Uchitelle2015-12-271-0/+2
|\ \ \ | | | | | | | | Add support for Petabyte and Exabyte in number to human size
| * | | Add support for Petabyte and Exabyte in number to human sizeAkshay Vishnoi2015-12-221-0/+2
| |/ /
* | | fix TypeError when using submit_tag with Symbol valueyuuji.yaginuma2015-12-241-1/+1
| | |
* | | Add caveat to number_to_currency docs [ci skip]Derek Prior2015-12-231-0/+8
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | I've worked on a few applications that have gone through the internationalization process and had issues because they were using `number_to_currency`. The minute a user is allowed to change their locale, they can change the price displayed on a page from 10 US dollars to 10 Mexican Pesos, which is far from the same amount of money. Unlike other helpers that rely on i18n, `number_to_currency` does not produce equivalent results when the locale is changed. As I've explained this to a few groups of developers now, I thought it might make for a good caveat in the docs.
* | debug_missing_translation configuration added to action_viewSameer Rahmani2015-12-181-0/+10
| | | | | | | | | | | | | | | | | | `I18n.translate` helper will wrap the missing translation keys in a <span> tag only if `debug_missing_translation` configuration has a truthy value. Default value is `true`. For example in `application.rb`: # in order to turn off missing key wrapping config.action_view.debug_missing_translation = false
* | Remove ActionView::Helpers::CacheHelper#fragment_cache_keySam Stephenson2015-12-141-8/+0
| | | | | | | | | | | | Introduced in e56c63542780fe2fb804636a875f95cae08ab3f4, `CacheHelper#fragment_cache_key` is a duplicate of `ActionController::Caching::Fragments#fragment_cache_key`. We now require the view to provide this method on its own (as with `view_cache_dependencies`); `ActionController::Caching::Fragments` exports its version as a `helper_method`.
* | Example of setting data attributes for image_tagNishant Modak2015-11-201-0/+2
| |
* | Fix week_field returning invalid valueChristoph2015-11-101-1/+1
| | | | | | | | | | | | | | According to the W3 spec[1] the value should use a 1-based index and not a 0-based index for the week number. [1]: http://www.w3.org/TR/html-markup/datatypes.html#form.data.week
* | Allow `host` option in javscript and css helpersGrzegorz Witek2015-11-081-2/+2
| | | | | | | | | | Now both `javascript_include_tag` and `stylesheet_tag` can accept `host` option to provide custom host for the asset
* | Don’t allow arbitrary data in back urlsDamien Burke2015-11-031-2/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | `link_to :back` creates a link to whatever was passed in via the referer header. If an attacker can alter the referer header, that would create a cross-site scripting vulnerability on every page that uses `link_to :back` This commit restricts the back URL to valid non-javascript URLs. https://github.com/rails/rails/issues/14444
* | Fix style issues with #16252Sean Griffin2015-10-291-8/+5
| |
* | making selected value to accept Hash like the default option. E.g. selected: ↵Lecky Lao2015-10-291-1/+9
| | | | | | | | | | | | | | | | {day: params[:day].to_i, month: params[:month].to_id} Adds in test test_date_select_with_selected_in_hash and change log fixes typo in CHANGELOG
* | Ignore scope in missing translation input.Kasper Timm Hansen2015-10-281-1/+1
|/ | | | | | It's already represented in the key name. Demonstrate with a test. Also test that the default isn't output.
* Collection check boxes propagates input's id to the label's for attribute.Vasiliy Ermolovich2015-10-201-0/+2
|
* Use `Mime[:foo]` instead of `Mime::Type[:FOO]` for back compatJeremy Daer2015-10-061-1/+1
| | | | | | | | | | | | | | | | | Rails 4.x and earlier didn't support `Mime::Type[:FOO]`, so libraries that support multiple Rails versions would've had to feature-detect whether to use `Mime::Type[:FOO]` or `Mime::FOO`. `Mime[:foo]` has been around for ages to look up registered MIME types by symbol / extension, though, so libraries and plugins can safely switch to that without breaking backward- or forward-compatibility. Note: `Mime::ALL` isn't a real MIME type and isn't registered for lookup by type or extension, so it's not available as `Mime[:all]`. We use it internally as a wildcard for `respond_to` negotiation. If you use this internal constant, continue to reference it with `Mime::ALL`. Ref. efc6dd550ee49e7e443f9d72785caa0f240def53
* [ci skip] Change 'an URL' to 'a URL' as URL doesn't have a vowel soundtanmay30112015-10-061-1/+1
|
* Merge pull request #21661 from akshay-vishnoi/submit_tag_testsRafael Mendonça França2015-09-291-1/+1
|\ | | | | Fix - Prevent adding of `data-disable-with` option twice in html.
| * Fix - Prevent adding of `data-disable-with` option twice in html.Akshay Vishnoi2015-09-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Earlier when `data-disable-with` option is added direclty as in options then ```ruby submit_tag("Save", { "data-disable-with" => "Processing..." }) # => <input type="submit" name="commit" value="Save" data-disable-with="Processing..." data-disable-with="Processing..." /> ``` Now when `data-disable-with` option is added direclty as in options then ```ruby submit_tag("Save", { "data-disable-with" => "Processing..." }) # => <input type="submit" name="commit" value="Save" data-disable-with="Processing..." /> ```
* | Merge pull request #21790 from yui-knk/fix_doc_date_fieldRafael Mendonça França2015-09-281-1/+1
|\ \ | | | | | | [ci skip] Fix which method `FormHelper#date_field` try to call
| * | [ci skip] Fix which method `FormHelper#date_field` try to callyui-knk2015-09-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When this method was implemented (https://github.com/rails/rails/pull/5016/files), `to_date` is called. But this behavior was chagned refactoring (https://github.com/rails/rails/pull/6452/files). In the first commit, there were not test which asserts `to_date` is called. I think trying `to_date` is more useful than trying `strftime`, because we can write `"2015-01-01".to_date`. But first fix comments to match actual behavior.
* | | minor doc fix [ci skip]Mehmet Emin İNAÇ2015-09-271-3/+3
|/ /
* | Merge pull request #21431 from ojab/masterRafael Mendonça França2015-09-261-1/+8
|\ \ | | | | | | Handle nested fields_for by adding indexes to record_name
| * | Handle nested fields_for by adding indexes to record_nameojab2015-08-301-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In case of the form with nested fields_for, i. e. <%= form_for :foos, url: root_path do |f| %> <% @foos.each do |foo| %> <%= f.fields_for 'foo[]', foo do |f2| %> <%= f2.text_field :id %> <% foo.bars.each do |bar| %> <%= f2.fields_for 'bar[]', bar do |b| %> <%= b.text_field :id %> <% end %> <% end %> <% end %> <% end %> <%= f.submit %> <% end %> rails doesn't add index for 'foo' in the inner fields_for block, so field names in the outer fields_for looks like "foos[foo][#{foo_index}][id]" and in the inner "foos[foo[]][bar][#{bar_index}][id]". Submitting of such form leads to an error like: >ActionController::BadRequest (Invalid request parameters: expected Array >(got Rack::QueryParser::Params) for param `foo'): This commit adds indexes for the foos in the inner blocks, so field names become "foos[foo][#{foo_index}][bar][#{bar_index}][id]" and submitting of such form works fine as expected. Fixes #15332
* | | Add a hidden field on the collection_radio_buttonsMauro George2015-09-244-32/+47
| | | | | | | | | | | | | | | This will avoid a error be raised when the only input on the form is the `collection_radio_buttons`.
* | | Merge pull request #21712 from amitsuroliya/html_fixYves Senn2015-09-221-2/+2
|\ \ \ | | | | | | | | Correcting output of `file_field` with `multiple` attribute option [ci skip]
| * | | Correcting output of `file_field` with `multiple` attribute option [ci skip]amitkumarsuroliya2015-09-221-2/+2
| | | |