aboutsummaryrefslogtreecommitdiffstats
path: root/actionview/lib
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #22275 from mastahyeti/per-form-csrfRafael França2016-01-062-5/+15
|\ | | | | Per-form CSRF tokens
| * add option for per-form CSRF tokensBen Toews2016-01-042-5/+15
| |
* | Prefer inspect over escaping and sorround by quote marksSantiago Pastorino2016-01-051-3/+1
| |
* | Add Html template handler that wraps Raw output in an OutputBufferSantiago Pastorino2016-01-052-1/+12
|/ | | | | | | This fixes the case when you try to render an html you know safe and the file is named something.html. With this commit the content of the html won't be escaped anymore because AV won't use Raw handler and choose Html handler instead.
* Merge pull request #22764 from ↵Rafael França2016-01-041-0/+2
|\ | | | | | | | | stevenspiel/titleize_model_name_for_default_submit_button_value titleize the model name on default submit buttons
| * downcase default submit button value's model nameSteven Spiel2016-01-011-0/+2
| |
* | Update copyright notices to 2016 [ci skip]Rashmi Yadav2015-12-311-1/+1
| |
* | Fix collection_radio_buttons' hidden_field name and make it appear before ↵Santiago Pastorino2015-12-312-2/+10
| | | | | | | | | | | | the radios Fixes #22773
* | TestController#parameters returns AC::ParametersJustin Coyne2015-12-291-1/+1
| | | | | | | | | | | | | | Fixes #22827 ActionView::TestCase::TestController#parameters should return an instance of ActionController::Parameters rather than a hash. This enables helper methods to use the correct interface.
* | Merge pull request #22759 from akshay-vishnoi/human-size-helperEileen M. Uchitelle2015-12-271-0/+2
|\ \ | | | | | | Add support for Petabyte and Exabyte in number to human size
| * | Add support for Petabyte and Exabyte in number to human sizeAkshay Vishnoi2015-12-221-0/+2
| |/
* | fix TypeError when using submit_tag with Symbol valueyuuji.yaginuma2015-12-241-1/+1
| |
* | Add caveat to number_to_currency docs [ci skip]Derek Prior2015-12-231-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | I've worked on a few applications that have gone through the internationalization process and had issues because they were using `number_to_currency`. The minute a user is allowed to change their locale, they can change the price displayed on a page from 10 US dollars to 10 Mexican Pesos, which is far from the same amount of money. Unlike other helpers that rely on i18n, `number_to_currency` does not produce equivalent results when the locale is changed. As I've explained this to a few groups of developers now, I thought it might make for a good caveat in the docs.
* | Require only the concurrent/map featureRafael Mendonça França2015-12-231-1/+1
|/
* do not use `div_for` in example [ci skip]yuuji.yaginuma2015-12-221-8/+9
| | | | `div_for` removed in 01e94ef
* Merge pull request #22462 from lxsameer/i18n_html_wrapRafael França2015-12-182-0/+11
|\ | | | | wrapping i18n missing keys made optional
| * debug_missing_translation configuration added to action_viewSameer Rahmani2015-12-182-0/+11
| | | | | | | | | | | | | | | | | | `I18n.translate` helper will wrap the missing translation keys in a <span> tag only if `debug_missing_translation` configuration has a truthy value. Default value is `true`. For example in `application.rb`: # in order to turn off missing key wrapping config.action_view.debug_missing_translation = false
* | Change `alpha` to `beta1` to prep for release of Rails 5eileencodes2015-12-181-1/+1
|/ | | | :tada: :beers:
* Remove ActionView::Helpers::CacheHelper#fragment_cache_keySam Stephenson2015-12-141-8/+0
| | | | | | Introduced in e56c63542780fe2fb804636a875f95cae08ab3f4, `CacheHelper#fragment_cache_key` is a duplicate of `ActionController::Caching::Fragments#fragment_cache_key`. We now require the view to provide this method on its own (as with `view_cache_dependencies`); `ActionController::Caching::Fragments` exports its version as a `helper_method`.
* Merge pull request #17013 from gsamokovarov/fix-null-resolverSean Griffin2015-11-231-2/+1
|\ | | | | Fix improper value types used to instantiate a Template in AV::NullResol...
| * Fix improper value types used to instantiate a Template in AV::NullResolverGenadi Samokovarov2014-09-221-2/+1
| | | | | | | | | | | | | | While trying to provide a reproducible test for #17008 I stumbled on this one. Seems to be quite an old piece of code, but its definitely useful in situations like the reproducible test cases like the one above.
* | Example of setting data attributes for image_tagNishant Modak2015-11-201-0/+2
| |
* | Merge branch 'master' of github.com:rails/docrailsVijay Dev2015-11-151-1/+1
|\ \
| * | [ci skip] Use full component name in public API documentyui-knk2015-11-151-1/+1
| | |
* | | Respect value of `:object` if `:object` is false when renderingyui-knk2015-11-131-1/+1
| | | | | | | | | | | | | | | This commit fixes the bug convering `false` to `locals[as]` when `options[:object]` is `false` (close #22260).
* | | Fix week_field returning invalid valueChristoph2015-11-101-1/+1
| | | | | | | | | | | | | | | | | | | | | According to the W3 spec[1] the value should use a 1-based index and not a 0-based index for the week number. [1]: http://www.w3.org/TR/html-markup/datatypes.html#form.data.week
* | | Allow `host` option in javscript and css helpersGrzegorz Witek2015-11-081-2/+2
| | | | | | | | | | | | | | | Now both `javascript_include_tag` and `stylesheet_tag` can accept `host` option to provide custom host for the asset
* | | Require only necessary concurrent-ruby classes.Jerry D'Antonio2015-11-044-4/+4
| | |
* | | Don’t allow arbitrary data in back urlsDamien Burke2015-11-031-2/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `link_to :back` creates a link to whatever was passed in via the referer header. If an attacker can alter the referer header, that would create a cross-site scripting vulnerability on every page that uses `link_to :back` This commit restricts the back URL to valid non-javascript URLs. https://github.com/rails/rails/issues/14444
* | | Deprecate exception#original_exception in favor of exception#causeYuki Nishijima2015-11-032-7/+14
|/ /
* | Fix style issues with #16252Sean Griffin2015-10-291-8/+5
| |
* | making selected value to accept Hash like the default option. E.g. selected: ↵Lecky Lao2015-10-291-1/+9
| | | | | | | | | | | | | | | | {day: params[:day].to_i, month: params[:month].to_id} Adds in test test_date_select_with_selected_in_hash and change log fixes typo in CHANGELOG
* | Ignore scope in missing translation input.Kasper Timm Hansen2015-10-281-1/+1
| | | | | | | | | | | | It's already represented in the key name. Demonstrate with a test. Also test that the default isn't output.
* | Collection check boxes propagates input's id to the label's for attribute.Vasiliy Ermolovich2015-10-201-0/+2
| |
* | Merge pull request #21894 from abhishekjain16/refactor_with_dryRafael Mendonça França2015-10-081-10/+6
|\ \ | | | | | | Follow DRY principle and remove duplication
| * | Follow DRY principle and remove duplicationAbhishek Jain2015-10-081-10/+6
| | |
* | | [ci skip] fix typoAbhishek Jain2015-10-071-1/+1
|/ /
* | Use `Mime[:foo]` instead of `Mime::Type[:FOO]` for back compatJeremy Daer2015-10-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rails 4.x and earlier didn't support `Mime::Type[:FOO]`, so libraries that support multiple Rails versions would've had to feature-detect whether to use `Mime::Type[:FOO]` or `Mime::FOO`. `Mime[:foo]` has been around for ages to look up registered MIME types by symbol / extension, though, so libraries and plugins can safely switch to that without breaking backward- or forward-compatibility. Note: `Mime::ALL` isn't a real MIME type and isn't registered for lookup by type or extension, so it's not available as `Mime[:all]`. We use it internally as a wildcard for `respond_to` negotiation. If you use this internal constant, continue to reference it with `Mime::ALL`. Ref. efc6dd550ee49e7e443f9d72785caa0f240def53
* | Merge pull request #21887 from abhishekjain16/doc_fixKasper Timm Hansen2015-10-061-1/+1
|\ \ | | | | | | Fix usage of word alternatively in docs [ci skip]
| * | Fix usage of word alternatively in docs [ci skip]Abhishek Jain2015-10-061-1/+1
| | |
* | | [ci skip] Change 'an URL' to 'a URL' as URL doesn't have a vowel soundtanmay30112015-10-061-1/+1
|/ /
* | Improve readability of docs by using code tag [ci skip]Prakash Laxkar2015-09-291-1/+1
| |
* | Merge pull request #21661 from akshay-vishnoi/submit_tag_testsRafael Mendonça França2015-09-291-1/+1
|\ \ | | | | | | Fix - Prevent adding of `data-disable-with` option twice in html.
| * | Fix - Prevent adding of `data-disable-with` option twice in html.Akshay Vishnoi2015-09-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Earlier when `data-disable-with` option is added direclty as in options then ```ruby submit_tag("Save", { "data-disable-with" => "Processing..." }) # => <input type="submit" name="commit" value="Save" data-disable-with="Processing..." data-disable-with="Processing..." /> ``` Now when `data-disable-with` option is added direclty as in options then ```ruby submit_tag("Save", { "data-disable-with" => "Processing..." }) # => <input type="submit" name="commit" value="Save" data-disable-with="Processing..." /> ```
* | | Merge pull request #21790 from yui-knk/fix_doc_date_fieldRafael Mendonça França2015-09-281-1/+1
|\ \ \ | | | | | | | | [ci skip] Fix which method `FormHelper#date_field` try to call
| * | | [ci skip] Fix which method `FormHelper#date_field` try to callyui-knk2015-09-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When this method was implemented (https://github.com/rails/rails/pull/5016/files), `to_date` is called. But this behavior was chagned refactoring (https://github.com/rails/rails/pull/6452/files). In the first commit, there were not test which asserts `to_date` is called. I think trying `to_date` is more useful than trying `strftime`, because we can write `"2015-01-01".to_date`. But first fix comments to match actual behavior.
* | | | minor doc fix [ci skip]Mehmet Emin İNAÇ2015-09-271-3/+3
|/ / /
* | | Merge pull request #21431 from ojab/masterRafael Mendonça França2015-09-261-1/+8
|\ \ \ | | | | | | | | Handle nested fields_for by adding indexes to record_name
| * | | Handle nested fields_for by adding indexes to record_nameojab2015-08-301-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In case of the form with nested fields_for, i. e. <%= form_for :foos, url: root_path do |f| %> <% @foos.each do |foo| %> <%= f.fields_for 'foo[]', foo do |f2| %> <%= f2.text_field :id %> <% foo.bars.each do |bar| %> <%= f2.fields_for 'bar[]', bar do |b| %> <%= b.text_field :id %> <% end %> <% end %> <% end %> <% end %> <%= f.submit %> <% end %> rails doesn't add index for 'foo' in the inner fields_for block, so field names in the outer fields_for looks like "foos[foo][#{foo_index}][id]" and in the inner "foos[foo[]][bar][#{bar_index}][id]". Submitting of such form leads to an error like: >ActionController::BadRequest (Invalid request parameters: expected Array >(got Rack::QueryParser::Params) for param `foo'): This commit adds indexes for the foos in the inner blocks, so field names become "foos[foo][#{foo_index}][bar][#{bar_index}][id]" and submitting of such form works fine as expected. Fixes #15332
* | | | Add a hidden field on the collection_radio_buttonsMauro George2015-09-244-32/+47
| | | | | | | | | | | | | | | | | | | | This will avoid a error be raised when the only input on the form is the `collection_radio_buttons`.