| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
| |
This will ensure that the digestor stays in parity with the
LookupContext object.
|
|
|
|
|
|
| |
Written when I didn't understand the internals as well. Action View
generally just refers to `@template` when meaning a fixed template
render. So follow that implicit convention.
|
|
|
|
|
|
| |
We should only support a top level `cache_options`. We also don't
have to default the options to a hash as Active Support's cache
defaults that arg to nil.
|
|
|
|
| |
in the case of failure it is nice to see what the two digests are.
|
|
|
|
|
| |
we can use kwargs in this case to avoid values_at and except calls on
the options hash
|
|
|
|
|
|
| |
This metaprogrammed method doesn't seem to be a bottleneck, so lets just
use a regular method so it's easier to understand. We can follow up
with more interesting techniques for cache manipulation soon.
|
|
|
|
| |
Wasn't removed in 57ac777.
|
| |
|
| |
|
|
|
|
| |
then we can stop scattering nil checks (e.g. `try`) through the class.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The view paths cache will eventually query the filesystem when looking
up templates:
https://github.com/rails/rails/blob/2db347bebc9d3f39b3c5e274b7c9beecfce73913/actionview/lib/action_view/template/resolver.rb#L224-L230
The order in which files are returned is file system dependent. Since
the template digest [depends on its children](https://github.com/rails/rails/blob/2db347bebc9d3f39b3c5e274b7c9beecfce73913/actionview/lib/action_view/digestor.rb#L109-L115), the order of the dependencies will impact the fingerprint.
This commit sorts the wildcard dependencies so that we get a consistent
hash.
Fixes #23592
|
|
|
|
|
|
|
|
|
| |
If we check the conditional at registration time, then we can avoid the
conditional at runtime. This commit checks for view path support when
the handler is registered so that runtime calls to `find_dependencies`
won't need to check the conditional. The idea is that
`register_tracker` is called only once where `find_dependencies` may be
called many times.
|
|\
| |
| | |
Fix edge case with ActionView::Template::Error reraise
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When you re-raise an ActionView::Template::Error, the #cause can change.
You can see this behaviour with [nack]. Currently, `web-console` doesn't
run the console in the proper binding in the case of errors in the
views, because when we follow the `#cause` of the exception it is an
[`EOFError`][EOFError].
This also affects [pow] as it runs on [nack].
[nack]: https://github.com/josh/nack
[pow]: http://pow.cx/
[EOFError]: https://github.com/josh/nack/blob/d523cc870c0a11dcf349388a15adfecba9314f97/lib/nack/server.rb#L108
|
| |
| |
| |
| |
| |
| | |
And improve changelongs.
[ci skip]
|
| | |
|
| | |
|
| |
| |
| |
| | |
This allows expire_in (and other options) to be passed to the cache method
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| | |
These tests were failing due to backwards incompatible changes, as apart
of the v1.0.3 release of rails-html-sanitizer.
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 5-0-beta-sec:
bumping version
fix version update task to deal with .beta1.1
Eliminate instance level writers for class accessors
allow :file to be outside rails root, but anything else must be inside the rails view directory
Don't short-circuit reject_if proc
stop caching mime types globally
use secure string comparisons for basic auth username / password
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | | |
rails view directory
CVE-2016-0752
|
| | |
| | |
| | |
| | |
| | |
| | | |
of html_safe in favour of raw() in AV helpers.
Also changed usage of html_safe to make use of raw() instead so that the intended behaviour is verified with raw()
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
A Set can't be implicitly converted into an Array:
```
irb(main):012:0> formats = [ :rss ]
=> [:rss]
irb(main):013:0> formats &= SET.symbols
TypeError: no implicit conversion of Set into Array
from (irb):13:in `&'
from (irb):13
from /Users/kasperhansen/.rbenv/versions/2.2.3/bin/irb:11:in `<main>'
```
Besides `Mime::SET.symbols` returns an Array, so we're closer to that.
|
| | |
| | |
| | |
| | | |
Match `Mime::SET.symbols`.
|
| | |
| | |
| | |
| | | |
If they aren't symbols, then they aren't likely to be in the set anyway.
|
| | |
| | |
| | |
| | | |
We'll be using this to map over to Action Dispatch's Mime::Set.
|
| | |
| | |
| | |
| | |
| | | |
The template types is a private abstraction to fill in basic blanks from Action Dispatch's
mime types. As such we can modify the data structure ourselves.
|
| | |
| | |
| | |
| | |
| | |
| | | |
Spares a to_sym call by aliasing to_sym to ref.
Then the delegate felt meager for one method; ditch and define method ourselves.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The @symbol has already been converted to a symbol in initialize, so no need to call to_sym
when comparing it.
Ditch early return for a simple unless statement.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We delegate to_sym to the internal symbol, which we've already called to_sym on in
initialize, so we don't need to do that.
We also know to_sym will never return a falsy value, so we'll never hit to_s.
Just return the symbolized symbol.
|
|\ \ \
| | | |
| | | |
| | | | |
Use ActiveSupport::SafeBuffer when flushing content_for
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Previously, when content_for is flushed, the content
was replaced directly by a new value in
ActionView::OutputFlow#set. The problem is this new
value passed to the method may not be an instance of
ActiveSupport::SafeBuffer.
This change forces the value to be set to a new
instance of ActiveSupport::SafeBuffer.
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
Pass the current locale to Inflector from the pluralize text helper.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The pluralize text helper uses the Inflector to determine the plural
form. The inflector accepts an optional parameter for the locale,
so we can pass it from the text helper to have locale-aware pluralizations
on the text helpers level.
The pluralize text helper now only accepts 2 positional arguments:
`count` and `singular`. Passing `plural` as a positional argument
is now deprecated.
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
but rather very often used inside helpers to directly return a String value.
[ci skip]
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Per-form CSRF tokens
|
| | | | | | |
|
| | | | | | |
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This fixes the case when you try to render an html you know safe and the
file is named something.html. With this commit the content of the html
won't be escaped anymore because AV won't use Raw handler and choose
Html handler instead.
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
stevenspiel/titleize_model_name_for_default_submit_button_value
titleize the model name on default submit buttons
|
| | | | | | |
|