aboutsummaryrefslogtreecommitdiffstats
path: root/actionview/test/template/url_helper_test.rb
Commit message (Collapse)AuthorAgeFilesLines
* Use assert_predicate and assert_not_predicateDaniel Colson2018-01-251-1/+1
|
* Use frozen string literal in actionview/Kir Shatrov2017-07-241-0/+2
|
* Revert "Merge pull request #29540 from kirs/rubocop-frozen-string"Matthew Draper2017-07-021-1/+0
| | | | | This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
* Merge pull request #29540 from kirs/rubocop-frozen-stringMatthew Draper2017-07-021-0/+1
|\ | | | | | | Enforce frozen string in Rubocop
| * Enforce frozen string in RubocopKir Shatrov2017-07-011-0/+1
| |
* | Merge pull request #29506 from pat/frozen-string-literalsMatthew Draper2017-07-021-1/+1
|\ \ | |/ |/| | | Make ActiveSupport frozen-string-literal friendly.
| * Make ActionView frozen string literal friendly.Pat Allan2017-06-201-1/+1
| | | | | | | | Plus a couple of related ActionPack patches.
* | Fix current_page? helper issue with engine root pathsavroff2017-06-191-3/+13
|/
* Use mattr_accessor default: option throughout the projectGenadi Samokovarov2017-06-031-2/+1
|
* ERB::Util.url_encode no longer escapes ~ since ruby 2.5Akira Matsuda2017-05-191-2/+2
| | | | see: https://bugs.ruby-lang.org/issues/6696
* Merge pull request #28848 from Edouard-chin/ec-remove-unused-methodRafael França2017-04-261-7/+0
|\ | | | | `sort_query_string_params` method is no more used
| * `sort_query_string_params` method is no more usedEdouard CHIN2017-04-231-7/+0
| | | | | | | | | | - This method was added in this commit https://github.com/rails/rails/commit/33258d713a4bc20b71e92fd656c923a7b189cd33 - The last caller got removed there https://github.com/rails/rails/commit/0b6ce3422370647cad3e91263a291f69b313d65b
* | Fix `current_page?` regression:Edouard CHIN2017-04-261-0/+18
|/ | | | | | - `check_parameters` kwargs was added to the `current_page?` method, the implementation was assuming only hashes responds to `delete`. This was causing issues when `current_page?` was called with a Active Model object - ref https://github.com/rails/rails/pull/27549 - Fixes #28846
* Reuse the Parameters#to_h check in the routing helpersRafael Mendonça França2017-04-181-1/+5
| | | | | Since this protection is now in Parameters we can use it instead of reimplementing again.
* Reduce string objects by using \ instead of + or << for concatenating stringsAkira Matsuda2017-01-121-1/+1
| | | | (I personally prefer writing one string in one line no matter how long it is, though)
* Merge pull request #27549 from mpugach/consider_params_in_current_pageRafael França2017-01-041-0/+9
|\ | | | | Add "check_parameters" option to "current_page?"
| * Add `check_parameters` option to `current_page?`Maksym Pugach2017-01-041-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Example: For "http://www.example.com/shop/checkout?order=desc&page=1" current_page?('http://www.example.com/shop/checkout') => true current_page?( 'http://www.example.com/shop/checkout', check_parameters: true ) => false
* | Fix typo s/permited/permitted/Ryuta Kamizono2017-01-041-2/+2
|/ | | | | | | | | ``` % git grep -n permited actionview/test/template/url_helper_test.rb:238: def test_button_to_with_permited_strong_params actionview/test/template/url_helper_test.rb:245: def test_button_to_with_unpermited_strong_params activerecord/test/cases/relations_test.rb:1620: def test_update_on_relation_passing_active_record_object_is_not_permited ```
* Privatize unneededly protected methods in Action View testsAkira Matsuda2016-12-231-1/+1
|
* Merge pull request #26810 from maclover7/jm-fix-26802Rafael Mendonça França2016-10-221-0/+27
|\ | | | | | | Convert ActionController::Parameters to a hash in button_to
| * Convert ActionController::Parameters to a hash in button_toJon Moss2016-10-171-0/+16
|/ | | | | | | | | | | Before, an error would be raised saying that the method `to_param` was undefined on the instance of `ActionController::Parameters`. Now, we are checking to see if the `params` object being passed to `button_to` responds to the `permitted?` method, and if so, we will call `to_h` on it. If it does not respond to `permitted?`, then the `params` will remain unchanged. [Jon Moss, Rafael Mendonça França]
* Add three new rubocop rulesRafael Mendonça França2016-08-161-2/+2
| | | | | | | | Style/SpaceBeforeBlockBraces Style/SpaceInsideBlockBraces Style/SpaceInsideHashLiteralBraces Fix all violations in the repository.
* code gardening: removes redundant selfsXavier Noria2016-08-081-1/+1
| | | | | | | | | A few have been left for aesthetic reasons, but have made a pass and removed most of them. Note that if the method `foo` returns an array, `foo << 1` is a regular push, nothing to do with assignments, so no self required.
* applies remaining conventions across the projectXavier Noria2016-08-061-1/+0
|
* modernizes hash syntax in actionviewXavier Noria2016-08-061-2/+2
|
* applies new string literal convention in actionview/testXavier Noria2016-08-061-78/+78
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Fix ActionView::Helpers#current_page? with issue in ↵Stan Lo2016-07-201-0/+6
| | | | https://github.com/rails/rails/issues/19472
* silence deprecation message for dynamic controller and actions on Action ↵yuuji.yaginuma2016-03-131-1/+3
| | | | | | View test Follow up to #23980.
* Fix button_to's params option to support nested names.James Coleman2016-02-191-2/+44
| | | | | | In e6e0579defcfcf94ef1c4c1c7659f374a5335cdb the `params` option was added to the `button_to` helper. However, the patch doesn't support nested hashes so `{a: {b: 'c'}}` for example gets turned into a hidden form input with the name 'a' and the value being the string representation of the `{b: 'c'}` nested hash. Since Rails supports nested hashes everywhere else (and even in the URL params of link_to and button_to), I believe this to be a bug/unfinished feature.
* html_safe is not supposed to be public API for AV. This change removes usage ↵Vipul A M2016-01-201-10/+10
| | | | | | of html_safe in favour of raw() in AV helpers. Also changed usage of html_safe to make use of raw() instead so that the intended behaviour is verified with raw()
* add option for per-form CSRF tokensBen Toews2016-01-041-1/+1
|
* Prevent ActionController::Parameters from being passed to url_for directlyJean Boussier2015-12-151-9/+0
|
* Merge pull request #21241 from pdg137/masterArthur Nogueira Neves2015-11-261-0/+4
|\ | | | | In url_for, never append ? when the query string is empty anyway.
| * In url_for, never append ? when the query string is empty anyway.Paul Grayson2015-10-291-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It used to behave like this: url_for(controller: 'x', action: 'y', q: {}) # -> "/x/y?" We previously avoided empty query strings in most cases by removing nil values, then checking whether params was empty. But as you can see above, even non-empty params can yield an empty query string. So I changed the code to just directly check whether the query string ended up empty. (To make everything more consistent, the "removing nil values" functionality should probably move to ActionPack's Hash#to_query, the place where empty hashes and arrays get removed. However, this would change a lot more behavior.)
* | Don’t allow arbitrary data in back urlsDamien Burke2015-11-031-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | `link_to :back` creates a link to whatever was passed in via the referer header. If an attacker can alter the referer header, that would create a cross-site scripting vulnerability on every page that uses `link_to :back` This commit restricts the back URL to valid non-javascript URLs. https://github.com/rails/rails/issues/14444
* | Add tests to make sure mail_to work with nil and SafeBufferRafael Mendonça França2015-11-031-0/+14
|/
* `url_for` does not modify polymorphic optionsBernerd Schaefer2015-09-041-0/+14
| | | | | | | | | | | | | | | | | The `url_for` methods in `actionpack` and `actionview` now make a copy of the provided options before generating polymorphic paths or URLs. The bug in the previous behavior is most noticeable in a case like: url_options = [:new, :post, param: 'value'] if current_page?(url_options) css_class = "active" end link_to "New Post", url_options, class: css_class
* no more require minitest mockGaurav Sharma2015-08-271-1/+0
|
* Encode the email address as prescribed in RFC 6068 section 2.Clayton Smith2015-07-231-0/+7
|
* use the right assertions.Yves Senn2015-05-051-2/+2
| | | | | | | Prompted by: https://github.com/rails/rails/commit/e38dd7bfa4360e241eadf0cf44abdf86ea33a393#commitcomment-11011496 /cc @kuldeepaggarwal
* add test-case for `link_to_if` behavior with a block.Yves Senn2015-05-011-0/+10
| | | | | | | This illustrates the purpose of the block for `link_to_if` and `link_to_unless` helper methods. It should help to prevent further mistakes like #19844.
* Revert "Merge pull request #19844 from ↵Yves Senn2015-05-011-5/+0
| | | | | | | | | | | | | | | | | | | | | stevenspiel/link_to_if_block_helper_addition" This reverts commit d459b001b43d25053e7982e96eb8383538a6e358, reversing changes made to 4d4950fae9e2a6970b5f1793aadc56a0b44e28a3. :sweat: The block is not supposed to be passed to `link_to`. It's used for a customized behavior of the `condtion = false` case. The docs illustrate that like so: ``` <%= link_to_if(@current_user.nil?, "Login", { controller: "sessions", action: "new" }) do link_to(@current_user.login, { controller: "accounts", action: "show", id: @current_user }) end %> ```
* Merge pull request #19844 from stevenspiel/link_to_if_block_helper_additionYves Senn2015-05-011-0/+5
| | | | Update url_helper.rb
* Merge pull request #17143 from kuldeepaggarwal/fix-mailToRafael Mendonça França2015-02-201-0/+5
|\ | | | | | | mail_to helper method fix
| * do not generate blank options in mailToKuldeep Aggarwal2014-10-021-0/+5
| | | | | | | | | | when mail_to generate blank options for any passed options(cc, bcc, body, subject) then MICROSOFT OUTLOOK treats it differently and set wrong values in different options.
* | Removed magic comments # encoding: utf-8 , since its default from ruby 2.0 ↵Vipul A M2015-02-031-1/+0
| | | | | | | | onwards.
* | Fixed test for deprecation warning in actionview, renaming from ↵Vipul A M2015-01-311-9/+9
| | | | | | | | https://github.com/rails/rails/commit/baf14ae513337cb185acf865e93dfc48f3aabf6a
* | Add support for Reply-To field in mail_to helperMark Dodwell2014-12-201-2/+2
|/
* Included DomAssertions in url_helper- and atom_feed_helper_test.rb.Timm2014-06-161-1/+1
|
* Moved Dom and Selector assertions from ActionDispatch to ActionView.Timm2014-06-161-1/+1
|