aboutsummaryrefslogtreecommitdiffstats
path: root/guides/source/upgrading_ruby_on_rails.md
Commit message (Collapse)AuthorAgeFilesLines
* Deprecate controller level force_sslDerek Prior2018-03-301-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Today there are two common ways for Rails developers to force their applications to communicate over HTTPS: * `config.force_ssl` is a setting in environment configurations that enables the `ActionDispatch::SSL` middleware. With this middleware enabled, all HTTP communication to your application will be redirected to HTTPS. The middleware also takes care of other best practices by setting HSTS headers, upgrading all cookies to secure only, etc. * The `force_ssl` controller method redirects HTTP requests to certain controllers to HTTPS. As a consultant, I've seen many applications with misconfigured HTTPS setups due to developers adding `force_ssl` to `ApplicationController` and not enabling `config.force_ssl`. With this configuration, many application requests can be served over HTTP such as assets, requests that hit mounted engines, etc. In addition, because cookies are not upgraded to secure only in this configuration and HSTS headers are not set, it's possible for cookies that are meant to be secure to be sent over HTTP. The confusion between these two methods of forcing HTTPS is compounded by the fact that they share an identical name. This makes finding documentation on the "right" method confusing. HTTPS throughout is quickly becomming table stakes for all web sites. Sites are expected to operate over HTTPS for all communication, sensitive or otherwise. Let's encourage use of the broader-reaching `ActionDispatch::SSL` middleware and elminate this source of user confusion. If, for some reason, applications need to expose certain endpoints over HTTP they can do so by properly configuring `config.ssl_options`.
* Update "Upgrading from Rails 5.1 to Rails 5.2" [ci skip]bogdanvlviv2018-03-141-0/+10
| | | | | | | | | | | Add section "Expiry in signed or encrypted cookie is now embedded in the cookies values" to `master` since it should always be in the guides, not only for version 5.2. Add info about `config.action_dispatch.use_authenticated_cookie_encryption` to the "Configuring Rails Applications" guide. It was committed straight to `5-2-stable` since we don't need this functionality in 6.0. Related to b25fcbc074ea688765af62a163698d5449221a8c.
* Fix note marks [ci skip]Yauheni Dakuka2018-03-121-1/+1
|
* Rails 6 requires Ruby 2.4.1+Jeremy Daer2018-02-171-1/+1
| | | | | | Skipping over 2.4.0 to sidestep the `"symbol_from_string".to_sym.dup` bug. References #32028
* Rails 6 requires Ruby 2.3+Jeremy Daer2018-02-171-0/+1
|
* Merge pull request #31577 from prathamesh-sonpatki/upgrade-guide-bootsnapEileen M. Uchitelle2018-01-181-0/+11
|\ | | | | Added a note about bootsnap in the Rails 5.2 upgrade guide [ci skip]
| * Added a note about bootsnap in the Rails 5.2 upgrade guide [ci skip]Prathamesh Sonpatki2017-12-271-0/+11
| |
* | Fix some broken links in guidesDorian Marié2018-01-111-1/+1
| |
* | Fix "the the " [ci skip]Ryuta Kamizono2018-01-101-1/+1
|/
* Merge pull request #30474 from yhirano55/make_it_same_title_in_index_and_pageEileen M. Uchitelle2017-12-131-2/+2
|\ | | | | Make it same title in index and page [ci skip]
| * Make it same title in index and page [ci skip]Yoshiyuki Hirano2017-08-311-2/+2
| |
* | Cosmetic changes [ci skip]Yauheni Dakuka2017-11-301-13/+13
| |
* | Cosmetic fixes [ci skip]Yauheni Dakuka2017-10-061-3/+3
|/
* Use https instead of http in guide [ci skip]Yoshiyuki Hirano2017-08-231-2/+2
|
* Add note about JSON/JSONB serialization changesJon Moss2017-08-171-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | The initial commit (efaa6e4f79d457c2cdd08cbc56d63bc972a6993c) that changed this behavior was intended to be a minor change, but ended up becoming a large-ish breaking change within Active Record. This is because instead of only JSON encoding `Hash`es or `Array`s in `#serialize`, we now encode all values passed in. This is an issue if you're passing in a `String`, that has already been transformed from a `Hash` to a `String`, since your data is now being double encoded. Unfortunately, the change was included in one of the v5.0.0 beta releases, and it is too late to revert without huge ripple effects. Thus, all we can do is update the documentation (via this commit), and add some test coverage (coming soon in a PR) for the new behavior. Please note that in the documentation I talk about deserialization, not about serialization, where the actual change occurred. This is because you won't notice any changes in serialized data until you try and deserialize it. Also to make the change itself (confusing until you read through everything multiple times) easier to understand. Related #27788, #25594, #26101, #24234, #28292, #28285, #28285, and probably others. [ci skip]
* Change to pluralJon Moss2017-08-161-1/+1
| | | | | | `it` and `has` are for singular, not plural [ci skip]
* Updates Rails upgrade guide for 4.2 to 5.0 regarding the removal of ↵Marc Rendl Ignacio2017-07-211-0/+10
| | | | `ActionView::Helpers::RecordTagHelper`
* Update upgrading guide w.r.t. Parameters to use other example method than ↵edwardmp2017-06-061-1/+1
| | | | slice as this has actually been implemented by Parameters
* Fix note about `secrets.yml` [ci skip]yuuji.yaginuma2017-04-301-3/+3
| | | | The `secrets` method is in `Application` class, not `Configuration` class.
* Small grammar fixesJon Moss2017-04-231-7/+6
| | | | [ci skip]
* [ci_skip] Fix typo in Rails 5.1 upgrade notesShanthi Pendleton2017-04-231-1/+1
|
* Add note about #26929 in the upgrade guideRafael Mendonça França2017-04-211-0/+17
| | | | | This is a small breaking change that we chose to make in 5.1 since the fix can be done with a search and replace tool.
* Fix typo in Upgrading Ruby on Rails Guide [skip ci]Erol Fornoles2017-03-031-1/+1
|
* Soft-deprecate the top-level HashWithIndifferentAccess classRobin Dupret2017-02-251-0/+19
| | | | | | | Since using a `ActiveSupport::Deprecation::DeprecatedConstantProxy` would prevent people from inheriting this class and extending it from the `ActiveSupport::HashWithIndifferentAccess` one would break the ancestors chain, that's the best option we have here.
* Merge pull request #27954 from maclover7/jm-fix-26404Jon Moss2017-02-091-0/+10
|\ | | | | Add note about breakage in file uploads in controller tests to upgrading guide
| * Add note about breakage in file uploads in controller tests to upgradingJon Moss2017-02-091-0/+10
| | | | | | | | | | | | | | | | guide ref #26404 [ci skip]
* | Fix wordingJonathan Chen2017-02-091-1/+1
|/
* Revert "Revert "Merge pull request #17943 from ↵Rafael Mendonça França2016-12-291-0/+4
| | | | | | | | | jeremywadsack/doc_cache_importability"" This reverts commit 6961afefd2f163f30b9ae3aacb74b290287f9a80. We were not able to keep backward compatibility in this case so it is better to ask people to upgrade with cold cache.
* Fix typo in Upgrading Ruby on Rails Guide [ci skip]Erol Fornoles2016-10-241-1/+1
|
* Merge pull request #26224 from jonatack/consistent-asset-precompile-examplesEileen M. Uchitelle2016-08-191-1/+1
|\ | | | | Consistent examples and template for assets#precompile
| * Consistent examples and template for assets#precompileJon Atack2016-08-191-1/+1
| | | | | | | | | | | | | | | | Listening to a few developers today discussing their troubles in understanding how to use the asset pipeline, it turns out that the precompile examples in the guides and assets.rb template have over time become a bit inconsistent. This PR makes the examples consistent in code style, spacing, and asset names, removes the old 'swfObject.js' example, and in a couple of places wraps lines at 80 characters including in the assets.rb template. Re-add spaces inside array parentheses.
* | Merge pull request #26175 from stomar/upgrade-guide-fixRafael França2016-08-161-0/+2
|\ \ | | | | | | Clarify migration to ApplicationRecord in upgrade guides [ci skip]
| * | Clarify migration to ApplicationRecord in upgrade guides [ci skip]Marcus Stollsteimer2016-08-151-0/+2
| | |
* | | Clarify use of update task on 4.2 and earlier [ci skip]Marcus Stollsteimer2016-08-151-1/+1
|/ /
* | Revert "Clarify and fix typos in Autoloading Disabled upgrade guide [ci skip]"Xavier Noria2016-08-151-12/+12
| | | | | | | | | | | | Reason: See https://github.com/rails/rails/pull/26163#issuecomment-239703322 This reverts commit 39effc857e5c774670d6fad1a26aebcc33c51f0a.
* | Clarify and fix typos in Autoloading Disabled upgrade guide [ci skip]Olivier Lacan2016-08-141-12/+12
|/ | | | | | | | | | | | The Guides section about autoloading being disabled was slightly confusing (#24724) and didn't directly reference the removed feature by name (config.autoload_paths) making it much harder for someone to search the upgrade guides for a mention or serendipitously find it via a Google search when running into autoloading issues. I also fixed some confusing turns of phrase and a missing word. /cc @vipulnsward @jvanbaarsen
* Fix typo: caches_pages to caches_page.chen78974992016-07-071-1/+1
| | | Fix a small typo on doc: "caches_pages" -> "caches_page".
* [ci skip] Fix Typos and Punctuation in Guides - UpgradingAlex Kitchens2016-06-301-16/+16
|
* Add an upgrade note related to ActionController::Live becoming a ConcernRodrigo Rosenfeld Rosas2016-06-301-0/+29
| | | | | See issue #25581: https://github.com/rails/rails/issues/25581
* Fix styles of headings to follow guide ruleseileencodes2016-06-301-20/+20
| | | | | | From the style guide: When writing headings, capitalize all words except for prepositions, conjunctions, internal articles, and forms of the verb "to be":
* Change wording & punctuation in Guides - UpgradingAlex Kitchens2016-06-301-12/+11
|
* fixes config value [ci skip]Xavier Noria2016-06-301-1/+1
|
* expands a bit a section of the upgrade guide [ci skip]Xavier Noria2016-06-301-4/+15
|
* Add a note about autoloading being disabled in production env in upgrade ↵Prathamesh Sonpatki2016-06-301-1/+7
| | | | | | guide [ci skip] - Also to_time_preserves_timezone config should be false for older apps getting upgraded to Rails 5 [ci skip]
* Update upgrade guideseileencodes2016-06-301-6/+36
| | | | | Mentions missing config options and fixes headers for section talking about new framework defaults.
* Fix release notes linkeileencodes2016-06-291-1/+1
|
* Merge pull request #25584 from vipulnsward/upgrading-guideEileen M. Uchitelle2016-06-291-3/+3
|\ | | | | Pass over Upgrading guide
| * Pass over Upgrading guide [ci skip]Vipul A M2016-06-291-3/+3
| |
* | Add note about release notes in upgrade guideeileencodes2016-06-291-0/+2
|/ | | | | It's useful to have a link to the release notes in the upgrade guide for a clearer view of what changed in Rails.
* Update Rails 5 upgrade guideseileencodes2016-06-291-4/+133
| | | | | Adds missing upgrade items to the upgrade guides for Rails 5. Fixes some typos and whitespace as well.