| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Style/SpaceBeforeBlockBraces
Style/SpaceInsideBlockBraces
Style/SpaceInsideHashLiteralBraces
Fix all violations in the repository.
|
|
|
|
|
|
|
|
|
| |
A few have been left for aesthetic reasons, but have made a pass
and removed most of them.
Note that if the method `foo` returns an array, `foo << 1`
is a regular push, nothing to do with assignments, so
no self required.
|
| |
|
| |
|
|
|
|
|
| |
The current code base is not uniform. After some discussion,
we have chosen to go with double quotes by default.
|
|
|
|
| |
https://github.com/rails/rails/issues/19472
|
|
|
|
|
|
| |
View test
Follow up to #23980.
|
|
|
|
|
|
| |
In e6e0579defcfcf94ef1c4c1c7659f374a5335cdb the `params` option was added to the `button_to` helper. However, the patch doesn't support nested hashes so `{a: {b: 'c'}}` for example gets turned into a hidden form input with the name 'a' and the value being the string representation of the `{b: 'c'}` nested hash.
Since Rails supports nested hashes everywhere else (and even in the URL params of link_to and button_to), I believe this to be a bug/unfinished feature.
|
|
|
|
|
|
| |
of html_safe in favour of raw() in AV helpers.
Also changed usage of html_safe to make use of raw() instead so that the intended behaviour is verified with raw()
|
| |
|
| |
|
|\
| |
| | |
In url_for, never append ? when the query string is empty anyway.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It used to behave like this:
url_for(controller: 'x', action: 'y', q: {})
# -> "/x/y?"
We previously avoided empty query strings in most cases by removing
nil values, then checking whether params was empty. But as you can
see above, even non-empty params can yield an empty query string. So
I changed the code to just directly check whether the query string
ended up empty.
(To make everything more consistent, the "removing nil values"
functionality should probably move to ActionPack's Hash#to_query, the
place where empty hashes and arrays get removed. However, this would
change a lot more behavior.)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
`link_to :back` creates a link to whatever was
passed in via the referer header. If an attacker
can alter the referer header, that would create
a cross-site scripting vulnerability on every
page that uses `link_to :back`
This commit restricts the back URL to valid
non-javascript URLs.
https://github.com/rails/rails/issues/14444
|
|/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The `url_for` methods in `actionpack` and `actionview`
now make a copy of the provided options
before generating polymorphic paths or URLs.
The bug in the previous behavior
is most noticeable in a case like:
url_options = [:new, :post, param: 'value']
if current_page?(url_options)
css_class = "active"
end
link_to "New Post", url_options, class: css_class
|
| |
|
| |
|
|
|
|
|
|
|
| |
Prompted by:
https://github.com/rails/rails/commit/e38dd7bfa4360e241eadf0cf44abdf86ea33a393#commitcomment-11011496
/cc @kuldeepaggarwal
|
|
|
|
|
|
|
| |
This illustrates the purpose of the block for `link_to_if` and
`link_to_unless` helper methods.
It should help to prevent further mistakes like #19844.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
stevenspiel/link_to_if_block_helper_addition"
This reverts commit d459b001b43d25053e7982e96eb8383538a6e358, reversing
changes made to 4d4950fae9e2a6970b5f1793aadc56a0b44e28a3.
:sweat:
The block is not supposed to be passed to `link_to`. It's used for a
customized behavior of the `condtion = false` case. The docs
illustrate that like so:
```
<%=
link_to_if(@current_user.nil?, "Login", { controller: "sessions", action: "new" }) do
link_to(@current_user.login, { controller: "accounts", action: "show", id: @current_user })
end
%>
```
|
|
|
|
| |
Update url_helper.rb
|
|\
| |
| |
| | |
mail_to helper method fix
|
| |
| |
| |
| |
| | |
when mail_to generate blank options for any passed options(cc, bcc, body, subject)
then MICROSOFT OUTLOOK treats it differently and set wrong values in different options.
|
| |
| |
| |
| | |
onwards.
|
| |
| |
| |
| | |
https://github.com/rails/rails/commit/baf14ae513337cb185acf865e93dfc48f3aabf6a
|
|/ |
|
| |
|
| |
|
|
|
|
| |
Related with cbb917455f306cf5818644b162f22be09f77d4b2
|
|
|
| |
I did not see in the docs that `button_to` supports not only URLs but paths as well. I documented this functionality with a unit tests and added an example to the docs as well.
|
|\
| |
| |
| |
| |
| |
| | |
Add params option for button_to
Conflicts:
actionpack/CHANGELOG.md
|
| |
| |
| |
| |
| |
| | |
The parameters are rendered as hidden form fields within the generated
form. This is useful for when a record has multiple buttons associated
with it, each of which target the same controller method, but which
need to submit different attributes.
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
Require minitest/mock in test where stub method is needed.
Apparently this was being "imported" by minitest pride plugin, which
previously required "minitest/autorun", that required "minitest/mock",
making the method available by chance.
It has been changed in minitest:
https://github.com/seattlerb/minitest/commit/595ce955c0d89575726d10fc18d2afd8f334bcbe
So we need to make sure we require what we really need where necessary.
|
| |
|
|
|
|
|
|
|
| |
In some cases webservers like nginx send the escaped characters
lowercased to the Rails application. The current_page? helper was
comparing the escaped strings that are different since Ruby escapes the
URL using uppercased characters.
|
|
|
|
|
|
| |
Use link_to with block and url_hash, expect block as name.
But ignore block and use url_hash as name.
3-2-stable passes this test. 4-0-stable and master fail this.
|
|
|
|
| |
Same test exists above 2 or 3 lines.
|
| |
|
|
|