aboutsummaryrefslogtreecommitdiffstats
path: root/actionview/lib/action_view
Commit message (Collapse)AuthorAgeFilesLines
* allow :file to be outside rails root, but anything else must be inside the ↵Aaron Patterson2016-01-226-15/+48
| | | | | | rails view directory CVE-2016-0752
* Merge pull request #22462 from lxsameer/i18n_html_wrapRafael França2015-12-182-0/+11
|\ | | | | wrapping i18n missing keys made optional
| * debug_missing_translation configuration added to action_viewSameer Rahmani2015-12-182-0/+11
| | | | | | | | | | | | | | | | | | `I18n.translate` helper will wrap the missing translation keys in a <span> tag only if `debug_missing_translation` configuration has a truthy value. Default value is `true`. For example in `application.rb`: # in order to turn off missing key wrapping config.action_view.debug_missing_translation = false
* | Change `alpha` to `beta1` to prep for release of Rails 5eileencodes2015-12-181-1/+1
|/ | | | :tada: :beers:
* Remove ActionView::Helpers::CacheHelper#fragment_cache_keySam Stephenson2015-12-141-8/+0
| | | | | | Introduced in e56c63542780fe2fb804636a875f95cae08ab3f4, `CacheHelper#fragment_cache_key` is a duplicate of `ActionController::Caching::Fragments#fragment_cache_key`. We now require the view to provide this method on its own (as with `view_cache_dependencies`); `ActionController::Caching::Fragments` exports its version as a `helper_method`.
* Merge pull request #17013 from gsamokovarov/fix-null-resolverSean Griffin2015-11-231-2/+1
|\ | | | | Fix improper value types used to instantiate a Template in AV::NullResol...
| * Fix improper value types used to instantiate a Template in AV::NullResolverGenadi Samokovarov2014-09-221-2/+1
| | | | | | | | | | | | | | While trying to provide a reproducible test for #17008 I stumbled on this one. Seems to be quite an old piece of code, but its definitely useful in situations like the reproducible test cases like the one above.
* | Example of setting data attributes for image_tagNishant Modak2015-11-201-0/+2
| |
* | Merge branch 'master' of github.com:rails/docrailsVijay Dev2015-11-151-1/+1
|\ \
| * | [ci skip] Use full component name in public API documentyui-knk2015-11-151-1/+1
| | |
* | | Respect value of `:object` if `:object` is false when renderingyui-knk2015-11-131-1/+1
| | | | | | | | | | | | | | | This commit fixes the bug convering `false` to `locals[as]` when `options[:object]` is `false` (close #22260).
* | | Fix week_field returning invalid valueChristoph2015-11-101-1/+1
| | | | | | | | | | | | | | | | | | | | | According to the W3 spec[1] the value should use a 1-based index and not a 0-based index for the week number. [1]: http://www.w3.org/TR/html-markup/datatypes.html#form.data.week
* | | Allow `host` option in javscript and css helpersGrzegorz Witek2015-11-081-2/+2
| | | | | | | | | | | | | | | Now both `javascript_include_tag` and `stylesheet_tag` can accept `host` option to provide custom host for the asset
* | | Require only necessary concurrent-ruby classes.Jerry D'Antonio2015-11-044-4/+4
| | |
* | | Don’t allow arbitrary data in back urlsDamien Burke2015-11-031-2/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `link_to :back` creates a link to whatever was passed in via the referer header. If an attacker can alter the referer header, that would create a cross-site scripting vulnerability on every page that uses `link_to :back` This commit restricts the back URL to valid non-javascript URLs. https://github.com/rails/rails/issues/14444
* | | Deprecate exception#original_exception in favor of exception#causeYuki Nishijima2015-11-032-7/+14
|/ /
* | Fix style issues with #16252Sean Griffin2015-10-291-8/+5
| |
* | making selected value to accept Hash like the default option. E.g. selected: ↵Lecky Lao2015-10-291-1/+9
| | | | | | | | | | | | | | | | {day: params[:day].to_i, month: params[:month].to_id} Adds in test test_date_select_with_selected_in_hash and change log fixes typo in CHANGELOG
* | Ignore scope in missing translation input.Kasper Timm Hansen2015-10-281-1/+1
| | | | | | | | | | | | It's already represented in the key name. Demonstrate with a test. Also test that the default isn't output.
* | Collection check boxes propagates input's id to the label's for attribute.Vasiliy Ermolovich2015-10-201-0/+2
| |
* | Merge pull request #21894 from abhishekjain16/refactor_with_dryRafael Mendonça França2015-10-081-10/+6
|\ \ | | | | | | Follow DRY principle and remove duplication
| * | Follow DRY principle and remove duplicationAbhishek Jain2015-10-081-10/+6
| | |
* | | [ci skip] fix typoAbhishek Jain2015-10-071-1/+1
|/ /
* | Use `Mime[:foo]` instead of `Mime::Type[:FOO]` for back compatJeremy Daer2015-10-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rails 4.x and earlier didn't support `Mime::Type[:FOO]`, so libraries that support multiple Rails versions would've had to feature-detect whether to use `Mime::Type[:FOO]` or `Mime::FOO`. `Mime[:foo]` has been around for ages to look up registered MIME types by symbol / extension, though, so libraries and plugins can safely switch to that without breaking backward- or forward-compatibility. Note: `Mime::ALL` isn't a real MIME type and isn't registered for lookup by type or extension, so it's not available as `Mime[:all]`. We use it internally as a wildcard for `respond_to` negotiation. If you use this internal constant, continue to reference it with `Mime::ALL`. Ref. efc6dd550ee49e7e443f9d72785caa0f240def53
* | Merge pull request #21887 from abhishekjain16/doc_fixKasper Timm Hansen2015-10-061-1/+1
|\ \ | | | | | | Fix usage of word alternatively in docs [ci skip]
| * | Fix usage of word alternatively in docs [ci skip]Abhishek Jain2015-10-061-1/+1
| | |
* | | [ci skip] Change 'an URL' to 'a URL' as URL doesn't have a vowel soundtanmay30112015-10-061-1/+1
|/ /
* | Improve readability of docs by using code tag [ci skip]Prakash Laxkar2015-09-291-1/+1
| |
* | Merge pull request #21661 from akshay-vishnoi/submit_tag_testsRafael Mendonça França2015-09-291-1/+1
|\ \ | | | | | | Fix - Prevent adding of `data-disable-with` option twice in html.
| * | Fix - Prevent adding of `data-disable-with` option twice in html.Akshay Vishnoi2015-09-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Earlier when `data-disable-with` option is added direclty as in options then ```ruby submit_tag("Save", { "data-disable-with" => "Processing..." }) # => <input type="submit" name="commit" value="Save" data-disable-with="Processing..." data-disable-with="Processing..." /> ``` Now when `data-disable-with` option is added direclty as in options then ```ruby submit_tag("Save", { "data-disable-with" => "Processing..." }) # => <input type="submit" name="commit" value="Save" data-disable-with="Processing..." /> ```
* | | Merge pull request #21790 from yui-knk/fix_doc_date_fieldRafael Mendonça França2015-09-281-1/+1
|\ \ \ | | | | | | | | [ci skip] Fix which method `FormHelper#date_field` try to call
| * | | [ci skip] Fix which method `FormHelper#date_field` try to callyui-knk2015-09-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When this method was implemented (https://github.com/rails/rails/pull/5016/files), `to_date` is called. But this behavior was chagned refactoring (https://github.com/rails/rails/pull/6452/files). In the first commit, there were not test which asserts `to_date` is called. I think trying `to_date` is more useful than trying `strftime`, because we can write `"2015-01-01".to_date`. But first fix comments to match actual behavior.
* | | | minor doc fix [ci skip]Mehmet Emin İNAÇ2015-09-271-3/+3
|/ / /
* | | Merge pull request #21431 from ojab/masterRafael Mendonça França2015-09-261-1/+8
|\ \ \ | | | | | | | | Handle nested fields_for by adding indexes to record_name
| * | | Handle nested fields_for by adding indexes to record_nameojab2015-08-301-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In case of the form with nested fields_for, i. e. <%= form_for :foos, url: root_path do |f| %> <% @foos.each do |foo| %> <%= f.fields_for 'foo[]', foo do |f2| %> <%= f2.text_field :id %> <% foo.bars.each do |bar| %> <%= f2.fields_for 'bar[]', bar do |b| %> <%= b.text_field :id %> <% end %> <% end %> <% end %> <% end %> <%= f.submit %> <% end %> rails doesn't add index for 'foo' in the inner fields_for block, so field names in the outer fields_for looks like "foos[foo][#{foo_index}][id]" and in the inner "foos[foo[]][bar][#{bar_index}][id]". Submitting of such form leads to an error like: >ActionController::BadRequest (Invalid request parameters: expected Array >(got Rack::QueryParser::Params) for param `foo'): This commit adds indexes for the foos in the inner blocks, so field names become "foos[foo][#{foo_index}][bar][#{bar_index}][id]" and submitting of such form works fine as expected. Fixes #15332
* | | | Add a hidden field on the collection_radio_buttonsMauro George2015-09-244-32/+47
| | | | | | | | | | | | | | | | | | | | This will avoid a error be raised when the only input on the form is the `collection_radio_buttons`.
* | | | Merge pull request #21712 from amitsuroliya/html_fixYves Senn2015-09-221-2/+2
|\ \ \ \ | | | | | | | | | | Correcting output of `file_field` with `multiple` attribute option [ci skip]
| * | | | Correcting output of `file_field` with `multiple` attribute option [ci skip]amitkumarsuroliya2015-09-221-2/+2
| | | | |
* | | | | Correcting output of `number_to_percentage` example in `number_helper` [ci skip]amitkumarsuroliya2015-09-221-1/+1
|/ / / / | | | | | | | | Here is correct output of `number_to_percentage(100, format: "%n %”)`
* | | | Merge pull request #21612 from ronakjangir47/remove_unused_paramsSean Griffin2015-09-211-2/+2
|\ \ \ \ | | | | | | | | | | Removed unused parameter `options` for `register_detail` method
| * | | | Removed unused parameter `options` for `register_detail` methodRonak Jangir2015-09-131-2/+2
| | | | | | | | | | | | | | | This method is only called with name & block.
* | | | | :scissors: empty line at the top of filesAkira Matsuda2015-09-211-1/+0
| | | | |
* | | | | Replaced `ThreadSafe::Map` with successor `Concurrent::Map`.Jerry D'Antonio2015-09-195-12/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The thread_safe gem is being deprecated and all its code has been merged into the concurrent-ruby gem. The new class, Concurrent::Map, is exactly the same as its predecessor except for fixes to two bugs discovered during the merge.
* | | | | Merge pull request #21632 from ↵Kasper Timm Hansen2015-09-181-1/+8
|\ \ \ \ \ | |_|_|/ / |/| | | | | | | | | | | | | | kirs/feature/translation-helper-include-interpolation Include interpolation values to translation_missing helper
| * | | | Include interpolation values to translation_missing helperKir Shatrov2015-09-181-1/+8
| | | | |
* | | | | No need the `a`shingo.nakanishi2015-09-171-2/+2
| | | | |
* | | | | Fixed helpers submit button Examples [ci skip]shingo.nakanishi2015-09-171-1/+1
| | | | |
* | | | | fix typo intance -> instance in ActionView [ci skip] amitkumarsuroliya2015-09-131-1/+1
| |/ / / |/| | | | | | | `intance` should be `instance`
* | | | Merge pull request #21502 from ↵Rafael Mendonça França2015-09-081-2/+3
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | bernerdschaefer/bs-polymorphic-url_for-dups-arguments `url_for` does not modify polymorphic options
| * | | | `url_for` does not modify polymorphic optionsBernerd Schaefer2015-09-041-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `url_for` methods in `actionpack` and `actionview` now make a copy of the provided options before generating polymorphic paths or URLs. The bug in the previous behavior is most noticeable in a case like: url_options = [:new, :post, param: 'value'] if current_page?(url_options) css_class = "active" end link_to "New Post", url_options, class: css_class
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 17:45:06 +0000