| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
attributes list isn't given
|
|
|
|
| |
permissible params
|
|
|
|
| |
mass_assignment_sanitizers
|
| |
|
| |
|
|\
| |
| | |
Implement :null_session CSRF protection method
|
| |
| |
| |
| |
| |
| |
| |
| | |
It's further work on CSRF after 245941101b1ea00a9b1af613c20b0ee994a43946.
The :null_session CSRF protection method provide an empty session during
request processing but doesn't reset it completely (as :reset_session
does).
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Users of other SCM's can now generate rails
apps that will add the "empty" directories to source control,
but will not have a useless .gitignore or mis-named .gitkeep
files.
* Change `rails new` and `rails plugin new` generators to name
the `.gitkeep` as `.keep` in a more SCM-agnostic way.
* Change `--skip-git` option to only skip the `.gitignore` file
and still generate the `.keep` files.
* Add `--skip-keeps` option to skip the `.keep` files.
It closes #2800.
|
| |
| |
| |
| | |
default is the SynchronousQueue.
|
| |
| |
| |
| |
| | |
We should not let the users use the ThreadedConsumer without know about
the risks
|
|/ |
|
| |
|
|
|
|
|
|
|
| |
The app generator is not generally run under bundler, but the Bundler
constant is used here.
In particular you cannot create --dev apps without this.
|
| |
|
|
|
|
|
|
|
|
| |
The cause of the previous revert was bug in bundler that made it hard to
make railties test work. Fix for bundler was recently pushed to github,
so now we can safely get back to the original commit.
This reverts commit 0f5cc34ab58cda99d1401ecc82e1ebb873838dd7.
|
|
|
|
|
|
|
| |
When running `rails generate controller --help` an example
with creating a (singular) "CreditCard" controller is
shown. The convention is to generate controllers with plural
names though.
|
|
|
|
|
|
| |
Tell people to install `activerecord-session_store` gem when it's not
installed instead ofraising `NameError` on missing
`ActionDispatch::Session::ActiveRecordStore`.
|
| |
|
|
|
|
|
| |
This functionality will be available from gem
`active_record-session_store` instead.
|
|
|
|
|
|
|
| |
The reason the test was failing was because when the test
invokes `app.config`, the app is loaded and, as `eager_load`
is set to true, it disables the dependency loading mechanism,
so controllers that are later defined are not loaded.
|
| |
|
| |
|
| |
|
|\
| |
| | |
Improve eager load on Rails
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
The new option allows any Ruby namespace to be registered and set
up for eager load. We are effectively exposing the structure existing
in Rails since v3.0 for all developers in order to make their applications
thread-safe and CoW friendly.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The flag was mainly used to add a Rack::Lock middleware to
the stack, but the only scenario the lock is desired is in
development.
If you are deploying on a not-threaded server, the Rack::Lock
does not provide any benefit since you don't have concurrent
accesses. On the other hand, if you are on a threaded server,
you don't want the lock, since it defeats the purpose of using
a threaded server.
If there is someone out there, running on a thread server
and does want a lock, it can be added to your environment
as easy as: `use Rack::Lock`
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, the eager load behavior was mostly coupled to
config.cache_classes, however this was suboptimal since in
some environments a developer may want to cache classes but
not necessarily load them all on boot (for example, test env).
This pull request also promotes the use of config.eager_load
set to true by default in production. In the majority of the
cases, this is the behavior you want since it will copy most
of your app into memory on boot (which was also the previous
behavior).
Finally, this fix a long standing Rails bug where it was
impossible to access a model in a rake task when Rails was
set as thread safe.
|
|\ \
| |/
|/|
| | |
Clarify and correct the description for the --full option of the
plugin_new generator. [ci skip]
|
| |
| |
| |
| | |
generator
|
| | |
|
| | |
|
|\ \ |
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This was only needed due to
https://github.com/rails/rails/blob/6591a10b1f6eccc91bc01ab708050884058e9665/railties/lib/rails/console_app.rb#L6
We don't need that on master.
Fixes #6907.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | | |
Let Rake control the cache directories. If the directory already
exists, rake will skip creating it (vs the previous task which would
always try to mkdir_p)
|
| | |
| | |
| | |
| | |
| | |
| | | |
ActionDispatch railtie is a better place for
config.action_dispatch.default_headers settings, users can continue
overriding those settings in their configuration files if needed.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When you mount your application at a path, for example /myapp, server
should set SCRIPT_NAME to /myapp. With such information, rails
application knows that it's mounted at /myapp path and it should generate
routes relative to that path.
Before this patch, rails handled SCRIPT_NAME correctly only for regular
apps, but it failed to do it for mounted engines. The solution was to
hardcode default_url_options[:script_name], which is not the best answer
- it will work only when application is mounted at a fixed path.
This patch fixes the situation by respecting original value of
SCRIPT_NAME when generating application's routes from engine and the
other way round - when you generate engine's routes from application.
This is done by using one of 2 pieces of information in env - current
SCRIPT_NAME or SCRIPT_NAME for a corresponding router. This is because
we have 2 cases to handle:
- generating engine's route from application: in this situation
SCRIPT_NAME is basically SCRIPT_NAME set by the server and it
indicates the place where application is mounted, so we can just pass
it as :original_script_name in url_options. :original_script_name is
used because if we use :script_name, router will ignore generating
prefix for engine
- generating application's route from engine: in this situation we
already lost information about the SCRIPT_NAME that server used. For
example if application is mounted at /myapp and engine is mounted at
/blog, at this point SCRIPT_NAME is equal /myapp/blog. Because of that
we need to keep reference to /myapp SCRIPT_NAME by binding it to the
current router. Later on we can extract it and use when generating url
Please note that starting from now you *should not* use
default_url_options[:script_name] explicitly if your server already
passes correct SCRIPT_NAME to rack env.
(closes #6933)
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It's not really a good idea to have this as a global config option. We
should allow people to specify the behaviour per association.
There will now be two new values:
* :dependent => :restrict_with_exception implements the current
behaviour of :restrict. :restrict itself is deprecated in favour of
:restrict_with_exception.
* :dependent => :restrict_with_error implements the new behaviour - it
adds an error to the owner if there are dependent records present
See #4727 for the original discussion of this.
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | | |
called out at the top level
|
| | |
| | |
| | |
| | | |
basic data". I dont consider this something most people is going to want most of the time. If you want to add it in your own app, knock yourself out. But it doesnt belong in Rails imo
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
by Active Support)
Selecting which key extensions to include in active_support/rails
made apparent the systematic usage of Object#in? in the code base.
After some discussion in
https://github.com/rails/rails/commit/5ea6b0df9a36d033f21b52049426257a4637028d
we decided to remove it and use plain Ruby, which seems enough
for this particular idiom.
In this commit the refactor has been made case by case. Sometimes
include? is the natural alternative, others a simple || is the
way you actually spell the condition in your head, others a case
statement seems more appropriate. I have chosen the one I liked
the most in each case.
|
| | |
|
| | |
|
| | |
|