aboutsummaryrefslogtreecommitdiffstats
path: root/actionview
Commit message (Collapse)AuthorAgeFilesLines
* ensure tag/content_tag escapes " in attribute valsAndrew Carpenter2016-08-112-1/+11
| | | | | | Many helpers mark content as HTML-safe without escaping double quotes -- including `sanitize`. Regardless of whether or not the attribute values are HTML-escaped, we want to be sure they don't include double quotes, as that can cause XSS issues. For example: `content_tag(:div, "foo", title: sanitize('" onmouseover="alert(1);//'))` CVE-2016-6316
* Fix actionview test failureRyuta Kamizono2016-08-112-3/+3
| | | | Caused by #26092.
* prefer __dir__ over __FILE__ in File.expand_pathXavier Noria2016-08-111-1/+3
| | | | | | Thinking .. relative to files is not natural, we are used to think "parent of a directory", and we have __dir__ nowadays.
* Fix broken alignments caused by auto-correct commit 411ccbdRyuta Kamizono2016-08-102-4/+7
| | | | Hash syntax auto-correcting breaks alignments. 411ccbdab2608c62aabdb320d52cb02d446bb39c
* revises more Lint/EndAlignment offensesXavier Noria2016-08-081-9/+9
|
* code gardening: removes redundant selfsXavier Noria2016-08-087-9/+8
| | | | | | | | | A few have been left for aesthetic reasons, but have made a pass and removed most of them. Note that if the method `foo` returns an array, `foo << 1` is a regular push, nothing to do with assignments, so no self required.
* Extract common view cache dependency setup.Kasper Timm Hansen2016-08-071-8/+9
|
* Move CHANGELOG entry to the top.Kasper Timm Hansen2016-08-071-11/+11
|
* Modify LogSubscriber for single partial's cache message.Stan Lo2016-08-085-23/+119
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implement naive partial caching mechanism. Add test for LogSubscriber Use ActionView::Base#log_payload to store log_subscriber's payload, so we can pass cache result into it. Fixed tests Remove useless settings Check if #log_payload exists before calling it. Because other classes also includes CacheHelper but don't have is attribute Use @log_payload_for_partial_reder instead of #log_payload to carry ActionView's payload. Update test's hash syntax Add configuration to enable/disable fragment caching logging Remove unless test and add new test to ensure cache info won't effect next rendering's log Move :enable_fragment_cache_logging config from ActionView to ActionPack Apply new config to tests Update actionview's changelog Update configuration guide Improve actionview's changelog Refactor PartialRenderer#render and log tests Mute subscriber's log instead of disabling instrumentation. Fix typo, remove useless comment and use new hash syntax Improve actionpack's log_subscriber test Fix rebase mistake Apply new config to all caching intstrument actions
* Add `Style/EmptyLines` in `.rubocop.yml` and remove extra empty linesRyuta Kamizono2016-08-076-7/+0
|
* applies remaining conventions across the projectXavier Noria2016-08-0625-125/+99
|
* normalizes indentation and whitespace across the projectXavier Noria2016-08-0636-853/+852
|
* remove redundant curlies from hash argumentsXavier Noria2016-08-0613-72/+64
|
* modernizes hash syntax in actionviewXavier Noria2016-08-0668-1123/+1123
|
* applies new string literal convention to the rest of the projectXavier Noria2016-08-061-9/+9
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* applies new string literal convention in the gemspecsXavier Noria2016-08-061-18/+18
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* applies new string literal convention in actionview/testXavier Noria2016-08-0657-1207/+1207
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* applies new string literal convention in actionview/libXavier Noria2016-08-0655-271/+271
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Use to_a to pre-buffer the collectionSteven Harman2016-07-262-8/+7
| | | | | | | | We can safely assume we're not dealing with an infinite collection as we're about to call `each` on it and collect the results until it terminates on its own. Given that, `to_a` is implemented by the normal Array-like objects, and less Array-like objects like `Enumerator` and `Enumerator::Lazy`.
* Default to an empty collection if falsey givenSteven Harman2016-07-261-1/+1
| | | | | | | This will ensure we attempt to render an empty collection, meaning we don't actually render anything at all. Allowing `nil` or a falsey value through results in calling `render_partial` rather than `render_collection`, which isn't what we want.
* Use Ruby >= 1.9 hash syntax as is the preferenceSteven Harman2016-07-261-1/+1
|
* Fix collection_from_options to allow EnumeratorsSteven Harman2016-07-263-1/+21
| | | | | | | | | | | | | An optimization was introduced in https://github.com/rails/rails/commit/27f4ffd11a91b534fde9b484cb7c4e515ec0fe77 which tried to `#to_ary` the collection to prevent unnecessary queries for ActiveRecord scopes/relations. If the given collection did not respond to `#to_ary`, and empty collection was returned. That meant you couldn't use collections built from `Enumerator` nor `Enumerable`. With this change, `#collection_from_options` will attempt the optimization, but fall back to passing along the given collection, as-is.
* systematic revision of =~ usage in AVXavier Noria2016-07-2511-28/+39
| | | | | Where appropriate, prefer the more concise Regexp#match?, String#include?, String#start_with?, or String#end_with?
* Explain meaning of the code very well and Remove confusion. [ci skip]Santosh Wadghule2016-07-231-4/+4
| | | | | | Code like `render(topics) => render("topics/topic")` adds confusion for the readers. On first impression, that code feels like hash kind of data, but it's not. So make it more clear and meaningful.
* Bring back support for callable cache_key on collection renderingIgnatius Reza2016-07-212-4/+19
|
* Merge pull request #25520 from st0012/fix-current-pageRafael França2016-07-202-0/+8
|\ | | | | Fix ActionView::Helpers#current_page? with trailing space issue.
| * Fix ActionView::Helpers#current_page? with issue in ↵Stan Lo2016-07-202-0/+8
| | | | | | | | https://github.com/rails/rails/issues/19472
* | Fix docs in collection_radio_buttonsclaudiob2016-07-181-3/+3
| | | | | | | | [ci skip] Just some english and `<tt>` tags.
* | Store the old logger before calling superRafael Mendonça França2016-07-171-1/+1
| | | | | | | | | | | | setup in ActiveSupport::LogSubscriber::TestHelper call set_logger that will change ActionController::Base.logger to the MockLogger so that logger will be always MockLogger
* | Merge pull request #25850 from ojab/layout_doc_fixRafael Mendonça França2016-07-171-1/+4
|\ \ | | | | | | | | | Mention that layout can call a Proc [ci skip]
| * | Mention that layout can call a Proc [ci skip]ojab2016-07-151-1/+4
|/ / | | | | | | Also document return values for Proc/Symbol arguments
* | Eliminate extra template lookup in ActionView::DigestorJavan Makhmali2016-07-141-2/+1
| |
* | Tiny documentation fixes [ci skip]Robin Dupret2016-07-041-4/+9
| | | | | | | | | | | | Fix a link to use RDoc syntax and make sure that the titles' level match the section we are in since we are both documenting the new and the legacy syntax.
* | `partial` option on the digest method is no more needed [ci skip]:Edouard CHIN2016-07-021-1/+0
| | | | | | | | - `partial` option is not used anymore, this was removed in https://github.com/rails/rails/pull/23724
* | Merge pull request #25553 from vipulnsward/25543-docs-follow-upVipul A M2016-06-301-16/+7
|\ \ | | | | | | 25543 docs cleanup
| * | - Tone down documentationVipul A M2016-06-281-16/+7
| | | | | | | | | | | | | | | | | | | | | - Remove repetative docs - Fix grammar on sentences - Add escaping for literals [ci skip]
* | | [ci skip] Update formatting in ActionView::Base documentationAlex Kitchens2016-06-291-6/+6
| | |
* | | - Added select tag test for verifying passing html options to f.select helperVipul A M2016-06-281-1/+10
| | | | | | | | | | | | - Renamed test to be more descriptive
* | | Add dup leftover from 26710ab.Kasper Timm Hansen2016-06-281-1/+1
| | |
* | | Default to frozen string literals in TagHelper.Kasper Timm Hansen2016-06-281-5/+7
| | | | | | | | | | | | Removes littering `freeze` calls with Ruby 2.3's magic comment.
* | | Merge pull request #25555 from vipulnsward/boolean-attributes-updateRafael França2016-06-284-14/+13
|\ \ \ | | | | | | | | Bring Boolean Attributes list for AV Tags helper upto speed with current spec
| * | | Bring Boolean Attributes list for AV Tags helper upto speed with current spec.Vipul A M2016-06-284-14/+13
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | This is based on https://github.com/kangax/html-minifier/blob/6b2d4536d82819143b468b41a89c700b6c61631f/src/htmlminifier.js#L197 and spec from https://www.w3.org/TR/html51/single-page.html. Couple of other changes to tests due to support update: - autobuffer has been dropped in favour of preload attribute, ref: https://msdn.microsoft.com/en-us/library/ff974743(v=vs.85).aspx - pubdate attribute has been dropped from spec, ref: https://www.w3.org/html/wg/tracker/issues/185
* | | Merge pull request #25551 from vipulnsward/25543-follow-upKasper Timm Hansen2016-06-281-1/+1
|\ \ \ | | | | | | | | Expand list of void elements to match spec
| * | | Expand list of void elements to match spec from ↵Vipul A M2016-06-281-1/+1
| |/ / | | | | | | | | | https://html.spec.whatwg.org/multipage/syntax.html#void-elements
* / / Freeze string for default content for tag_strings, which later goes on to ↵Vipul A M2016-06-281-1/+1
|/ / | | | | | | create new content. This should also be inline with content being passed should not be mutable
* | Document `simple_format` handling of `\r`Derek Prior2016-06-271-4/+5
| | | | | | | | | | | | | | `simple_format` handles `\r\n` and `\r` but previously did not document this behavior. The handling is done with a `gsub` in `split_paragraphs`. [ci skip]
* | New syntax for tag helpers i.e. tag.br instead of tag(br) #25195Marek2016-06-276-63/+364
| |
* | Fix typo in exception class nameCédric Félizard2016-06-261-1/+1
| |
* | Merge pull request #25287 from marekkirejczyk/fix_25267Godfrey Chan2016-06-252-1/+8
|\ \ | |/ |/| Make select_year work with include_position: true option, fix #25267
| * Make select_year work with include_position: true option, fix #25267Marek2016-06-052-1/+8
| |