aboutsummaryrefslogtreecommitdiffstats
path: root/actionview/lib/action_view/helpers
Commit message (Collapse)AuthorAgeFilesLines
* Label only accepts `:index` and `:namespace` attributes from the inputAndriel Nuernberg2013-12-052-2/+1
|
* Escalate missing error when :raise is trueShota Fukumori (sora_h)2013-12-051-1/+9
| | | | | | | | | | | | | | Before ec16ba75a5493b9da972eea08bae630eba35b62f, ActionView::Helpers::TranslationHelper#translate has raised errors with specifying options[:raise] to true. This should work by this fix: begin t(:"translations.missing", raise: true) rescue I18n::MissingTranslationData p :hello! end
* Fix issue where TextHelper#simple_format was calling missing 'raw' methodMario Visic2013-12-051-0/+2
|
* Fix documentation of number_to_currency helperRafael Mendonça França2013-12-041-4/+4
| | | | | | | | | | Now users have to explicit mark the unit as safe if they trust it. Closes #13161 Conflicts: actionpack/lib/action_view/helpers/number_helper.rb actionpack/test/template/number_helper_i18n_test.rb
* Remove the escaping skipRafael Mendonça França2013-12-031-1/+1
| | | | | We are generating safe strings in the paragraph, so we can escape the tags
* Stop using i18n's built in HTML error handling.Michael Koziarski2013-12-021-13/+9
| | | | | | | | | i18n doesn't depend on active support which means it can't use our html_safe code to do its escaping when generating the spans. Rather than try to sanitize the output from i18n, just revert to our old behaviour of rescuing the error and constructing the tag ourselves. Fixes: CVE-2013-4491
* Ensure simple_format escapes its html attributesMichael Koziarski2013-12-021-1/+1
| | | | | | | | | | The previous behavior equated the sanitize option for simple_format with the escape option of content_tag, however these are two distinct concepts. This fixes CVE-2013-6416 Conflicts: actionview/lib/action_view/helpers/text_helper.rb
* Escape the unit value provided to number_to_currencyMichael Koziarski2013-12-021-0/+1
| | | | | | Previously the unit values were trusted leading to potential XSS vulnerabilities. Fixes: CVE-2013-6415
* Merge pull request #13138 from gsamokovarov/remove-cattr-requiresGuillermo Iguaran2013-12-022-2/+2
|\ | | | | Remove deprecated cattr_* requires
| * Remove deprecated cattr_* requiresGenadi Samokovarov2013-12-032-2/+2
| |
* | Make ActionView::Tags loading tread safeRafael Mendonça França2013-12-022-32/+33
|/
* Typo and grammatical fixes [ci skip]Akshay Vishnoi2013-12-022-2/+2
|
* unnecessary checking of `size` with `second regex` if matched with first oneKuldeep Aggarwal2013-11-271-2/+5
|
* Minor typo fixesAkira Matsuda2013-11-271-1/+1
|
* Revert "Merge pull request #13027 from akshay-vishnoi/f-refactor"Carlos Antonio da Silva2013-11-251-1/+1
| | | | | | | | | | | This reverts commit f4a5a9ea4d183f4102796215d4502c46dbe3e52b, reversing changes made to 7ccb482181ee6c47c765406009018a15172812de. Reason: The logic is different, the first call to #option_value_selected? is for the :selected option (the argument is the "selected" variable), the second call is for the :disabled option (the argument is the "disabled" variable).
* avoiding calling of #option_value_selected? two timesAkshay Vishnoi2013-11-251-1/+1
|
* Allocate one less object using html_safe during content_tag constructionJosh Jordan2013-11-141-1/+1
|
* Revert "Used Yield instead of block.call" -- this causes all of ↵David Heinemeier Hansson2013-11-141-2/+2
| | | | | | atom_feed_helper_test.rb to fail with "SystemStackError: stack level too deep". This reverts commit d3a1ce1cdc60d593de1682c5f4e3230c8db9a0fd.
* Merge pull request #12889 from kuldeepaggarwal/speed_upsRafael Mendonça França2013-11-141-2/+2
|\ | | | | Used Yield instead of block.call
| * Used Yield instead of block.callKuldeep Aggarwal2013-11-151-2/+2
| |
* | Fix syntax error in atom_feed example [ci skip]Saulius Grigaliunas2013-11-131-1/+1
|/ | | | Builder's #tag! takes either String or Symbol as the first parameter
* Make the method name the first argumentRafael Mendonça França2013-11-091-7/+7
| | | | | This is the only argument that changes over the method calls so it is better to it be the first one
* Merge pull request #12760 from pseidemann/masterYves Senn2013-11-091-1/+1
|\ | | | | fix simple_format escapes own output when sanitize is set to true
| * fix simple_format escapes own output when sanitize is set to truepseidemann2013-11-081-1/+1
| |
* | Extract common code from number helpers to new delegator method.Vipul A M2013-11-091-30/+13
| |
* | Merge pull request #12788 from kylefritz/patch-1Rafael Mendonça França2013-11-061-2/+2
|/ | | | | | rdoc: favicon source shouldn't begin with a slash to reference asset pipeline resource [ci skip] Conflicts: actionview/lib/action_view/helpers/asset_tag_helper.rb
* Line up the comments for aestheticsDavid Heinemeier Hansson2013-11-031-5/+5
|
* Convert CDATA input to string before gsub'ingCarsten Zimmermann2013-10-291-1/+1
| | | | | Rails 3.2 API allowed arbitrary input for cdata_section; this change re-introduces the old behaviour.
* Remove warning of shadowing outer local variableRafael Mendonça França2013-10-271-2/+2
|
* Merge pull request #10471 from andyw8/button_to_paramsRafael Mendonça França2013-10-241-0/+7
|\ | | | | | | | | | | | | Add params option for button_to Conflicts: actionpack/CHANGELOG.md
| * Add params option for button_toAndy Waite2013-09-181-0/+7
| | | | | | | | | | | | The parameters are rendered as hidden form fields within the generated form. This is useful for when a record has multiple buttons associated with it, each of which target the same controller method, but which need to submit different attributes.
* | Fix typo in form_helper.rbAdam Jahnke2013-10-161-1/+1
| |
* | Merge pull request #12491 from shamanime/patch-1Rafael Mendonça França2013-10-131-2/+2
|\ \ | | | | | | Fix wrong variable name used in the select_day method documentation
| * | Fix wrong variable name used in the select_day method documentationJefferson Queiroz Venerando2013-10-101-2/+2
| | | | | | | | | The variable name created in the example is `my_date`, the methods were using `my_time` instead.
* | | Change `map` to `map!` to save extra array creation on new arrayVipul A M2013-10-131-1/+1
|/ /
* | Fixed return strings in documentationJoseph Zidell2013-10-031-3/+3
| |
* | Fixed typo in documentationJoseph Zidell2013-10-031-3/+3
| |
* | Use the given name in html_options for the hidden field in ↵Angel N. Sciortino2013-09-241-1/+2
| | | | | | | | collection_check_boxes
* | Merge pull request #10773 from wangjohn/link_and_routing_optionsRafael Mendonça França2013-09-231-2/+3
| | | | | | | | Adding documentation and tests to ``polymorphic_url`` and ``link_to``
* | Fix some edge cases for AV `select` helper with `:selected` optionBogdan Gusiev2013-09-231-1/+2
| |
* | Expand select documentation to tell about the blockRafael Mendonça França2013-09-231-0/+9
| | | | | | | | [ci skip]
* | Ability to pass block to AV#select helperBogdan Gusiev2013-09-232-5/+6
| | | | | | | | | | | | | | | | Example: = select(report, "campaign_ids") do - available_campaigns.each do |c| %option{:data => {:tags => c.tags.to_json}, :value => c.id}= c.name
* | handle `:namespace` form option in collection labelsVasiliy Ermolovich2013-09-222-1/+3
| |
* | Merge pull request #12112 from adamniedzielski/fix-form-for-namespace-and-asRafael Mendonça França2013-09-121-1/+2
|\ \ | | | | | | | | | | | | | | | | | | form_for - fix :namespace and :as options clash Conflicts: actionview/CHANGELOG.md
| * | form_for - fix :namespace and :as options clashAdam Niedzielski2013-09-091-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | :as option should not overwrite :namespace option when generating html id attribute of the form element. id should be prefixed by specified namespace even if :as option is present Add test case showing the issue and code fixing it
* | | Cleanup of excerpt helperPaul Nikitochkin2013-09-061-2/+3
|/ / | | | | | | | | * replaced String concatenation by joining * separator has default value to '', even it is nil
* | Fix a few typos. [ci skip]namusyaka2013-09-041-2/+2
| |
* | fix the typo [ci skip]Rajarshi Das2013-09-021-1/+1
| | | | | | fix the typo newstopics => new topics in action view cache helper
* | Add missing requires inside AVŁukasz Strzałkowski2013-08-251-0/+2
|/
* RDoc tweaksXavier Noria2013-08-071-5/+10
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-04 18:00:46 +0000