aboutsummaryrefslogtreecommitdiffstats
path: root/railties/lib/rails/mailers_controller.rb
Commit message (Collapse)AuthorAgeFilesLines
* [Rails::MailersController] Do not leak I18n global setting changesThierry Joyal2019-04-161-2/+5
|
* Use symbol for mail preview format, not stringJohn Hawthorn2019-03-181-1/+1
|
* Introduce a guard against DNS rebinding attacksGenadi Samokovarov2018-12-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ActionDispatch::HostAuthorization is a new middleware that prevent against DNS rebinding and other Host header attacks. By default it is included only in the development environment with the following configuration: Rails.application.config.hosts = [ IPAddr.new("0.0.0.0/0"), # All IPv4 addresses. IPAddr.new("::/0"), # All IPv6 addresses. "localhost" # The localhost reserved domain. ] In other environments, `Rails.application.config.hosts` is empty and no Host header checks will be done. If you want to guard against header attacks on production, you have to manually permit the allowed hosts with: Rails.application.config.hosts << "product.com" The host of a request is checked against the hosts entries with the case operator (#===), which lets hosts support entries of type RegExp, Proc and IPAddr to name a few. Here is an example with a regexp. # Allow requests from subdomains like `www.product.com` and # `beta1.product.com`. Rails.application.config.hosts << /.*\.product\.com/ A special case is supported that allows you to permit all sub-domains: # Allow requests from subdomains like `www.product.com` and # `beta1.product.com`. Rails.application.config.hosts << ".product.com"
* Disable content security policy for mailer previewsDylan Reile2018-07-301-0/+2
|
* Add locale selector to email preview (#31596)Hitoshi Nakashima2018-01-181-2/+10
| | | | - Add set_locale to detect suitable locale - Make feature compatible with Rails 5.x
* [Railties] require_relative => requireAkira Matsuda2017-10-211-1/+1
| | | | This basically reverts 618268b4b9382f4bcf004a945fe2d85c0bd03e32
* Adding frozen_string_literal pragma to Railties.Pat Allan2017-08-141-0/+2
|
* [Railties] require => require_relativeAkira Matsuda2017-07-011-1/+1
|
* Pass request params to ActionMailer::PreviewAlexey Zapparov2017-03-011-1/+7
|
* Privatize unneededly protected methods in RailtiesAkira Matsuda2016-12-251-5/+5
|
* Add three new rubocop rulesRafael Mendonça França2016-08-161-3/+3
| | | | | | | | Style/SpaceBeforeBlockBraces Style/SpaceInsideBlockBraces Style/SpaceInsideHashLiteralBraces Fix all violations in the repository.
* applies new string literal convention in railties/libXavier Noria2016-08-061-3/+3
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Use `Mime[:foo]` instead of `Mime::Type[:FOO]` for back compatJeremy Daer2015-10-061-1/+1
| | | | | | | | | | | | | | | | | Rails 4.x and earlier didn't support `Mime::Type[:FOO]`, so libraries that support multiple Rails versions would've had to feature-detect whether to use `Mime::Type[:FOO]` or `Mime::FOO`. `Mime[:foo]` has been around for ages to look up registered MIME types by symbol / extension, though, so libraries and plugins can safely switch to that without breaking backward- or forward-compatibility. Note: `Mime::ALL` isn't a real MIME type and isn't registered for lookup by type or extension, so it's not available as `Mime[:all]`. We use it internally as a wildcard for `respond_to` negotiation. If you use this internal constant, continue to reference it with `Mime::ALL`. Ref. efc6dd550ee49e7e443f9d72785caa0f240def53
* stop using deprecated method in mailers controlleryuuji.yaginuma2015-09-231-1/+1
| | | | Accessing mime types via constants is deprecated.
* Fix displaying mailer previews on non local requests.Wojciech Wnętrzak2015-09-171-1/+5
| | | | | When config `action_mailer.show_previews` is set, previews are displayed regardless of local request check.
* stop using deprecated `render :text` in railtiesyuuji.yaginuma2015-08-061-1/+1
|
* Fix mailer previews with attachmentsAndrew White2015-05-041-6/+8
| | | | | | Use the mail gem's own API to locate the correct part. Fixes #14435.
* mailer previews for `NullMail` instances. Closes #19849.Yves Senn2015-04-281-5/+5
|
* Deprecate all *_filter callbacks in favor of *_action callbacksRafael Mendonça França2014-05-271-3/+3
| | | | | This is the continuation of the work started at 9d62e04838f01f5589fa50b0baa480d60c815e2c
* Add mailer previews feature based on mail_view gemAndrew White2013-12-171-0/+73
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 09:53:13 +0000