| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
| |
behavior
|
| |
|
|
|
|
|
| |
We had 2 pull requests erronously trying to remove the first command.
Add some comments for clarity.
|
|\
| |
| |
| |
| | |
y-yagi/remove_request_forgery_protection_from_rails_api
remove `request_forgery_protection` initializer from rails api
|
| |
| |
| |
| |
| | |
In rails api, since default is so as not to use the `protect_from_forgery`,
`request_forgery_protection` initializer I think that's unnecessary
|
| | |
|
| |
| |
| |
| | |
Related with e62ddac05b7d827ae870898d7cd9eaf76e0730aa
|
| |
| |
| |
| | |
Related with 668c006cf33a63ac3f8a8f064c772a339341e70c.
|
|/ |
|
|
|
|
|
|
|
| |
LoadingTest#test_does_not_reload_constants_on_development_if_custom_file_watcher_always_returns_false in railties/test/application/loading_test.rb is failing with: `NoMethodError: undefined method 'execute' for #<#<Class:0x00000002465a30>:0x00000001f79698>`
The test creates an anonymous class to be used as a custom file watcher using `config.file_watcher=`. Per the Rails guides for Configuring, the class set to `config.file_watcher` “Must conform to ActiveSupport::FileUpdateChecker API”. Per the docs for ActiveSupport::FileUpdateChecker, the API depends on four methods: #initialize, #updated?, #execute, and #execute_if_updated. The custom file watcher in the failing test only implements the first two methods.
This pull request adds #execute and #execute_if_updated to the custom file_watcher, conforming it to the ActiveSupport::FileUpdateChecker API, and passing the test.
|
| |
|
|
|
|
| |
Also call it `public_server.index_name` so it'll make more sense.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When running tests, the Rails test runner would report the start of the test method as the test failure.
For this test:
```ruby
1 require 'test_helper
2
3 class BunnyTest < ActiveSupport::TestCase
4 test "something failing" do
5 assert false, 'This failed'
6 end
7 end
```
The runner outputs 5 instead of 4:
```
............................................F
This failed
bin/rails test test/models/bunny_test.rb:5
........
```
|
|
|
|
| |
The overall syntax of the file path is more important, not the exact line it was on.
|
|
|
|
|
|
|
|
|
| |
generator
In the app generator, regardless of the namespace, it is adapted to read the same `application_controller.rb`,
modified to api generator also be the same behavior.
ref 686966a1861e6761021d45f6795de753e8a62216, 06ac63b4c602e4b26cb3bfbf0dfd2bed8b00e786
|
|
|
|
| |
Forgot to do it in 748b2f9, when deprecating `serve_static_files`.
|
|
|
|
|
|
|
|
| |
As discussed in https://github.com/rails/rails/pull/19135#issuecomment-153385986.
Replaces `serve_static_files` to unify the static options under the `public_file_server` wing.
Deprecates `serve_static_files` accessors, but make them use the newer config internally.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
`1_valid_people_have_last_names.rb` and
`20150823202140_create_users.rb` are valid migration file name.
But `1_valid_people_have_last_names.rb` is rendered as
`********** NO FILE **********` when `rake db:migrate:status`.
Fix to this bug, this commit includes
* define some API private methdos and a Constant
`match_to_migration_filename?`, `parse_migration_filename`, and
`MigrationFilenameRegexp`
* use these methods in `db:migrate:status` task
Example:
These files are in `db/migrate`
* 1_valid_people_have_last_names.rb
* 20150819202140_irreversible_migration.rb
* 20150823202140_add_admin_flag_to_users.rb
* 20150823202141_migration_tests.rb
* 2_we_need_reminders.rb
* 3_innocent_jointable.rb
we can migrate all of them.
Before
```shell
$ bundle exec rake db:migrate:status
...
Status Migration ID Migration Name
--------------------------------------------------
up 001 ********** NO FILE **********
up 002 ********** NO FILE **********
up 003 ********** NO FILE **********
up 20150819202140 Irreversible migration
up 20150823202140 Add admin flag to users
up 20150823202141 Migration tests
```
After
```shell
$ bundle exec rake db:migrate:status
...
Status Migration ID Migration Name
--------------------------------------------------
up 001 Valid people have last names
up 002 We need reminders
up 003 Innocent jointable
up 20150819202140 Irreversible migration
up 20150823202140 Add admin flag to users
up 20150823202141 Migration tests
```
|
| |
|
| |
|
|
|
|
|
|
| |
We are using the same version constraint in the database adapters so
when a new version of the adapter that doesn't work with the version of
rails is released we don't break new applications.
|
|\
| |
| | |
Allow rake:stats to account for rake tasks
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
If `SECRET_KEY_BASE` or other `secret` gets passed as other then string
we need to raise `ArgumentError` to know that it's a wrong argument.
Closes #22072
|
|\ \
| | |
| | |
| | | |
Explicitly exit with status "1" for create and drop failures
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* If the drop task fails for a reason other than the database not
existing, processing should end. This is indicated by a non-zero
exit status.
* Since the backtrace is already printed to screen, we forgo
printing it again by using an explicit call to `exit`.
* :warning: This modifies the behavior of the db:create task slightly in
that the stack trace is no longer printed by default. If the `--trace`
option is used, it will print the trace _after_ the error message.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* If the create task fails for a reason other than the database already
existing, processing should end. This is indicated by a non-zero exit
status.
* Since the backtrace is already printed to screen, we forgo printing it
again by using an explicit call to `exit`.
* :warning: This modifies the behavior of the db:create task slightly in
that the stack trace is no longer printed by default. If the `--trace`
option is used, it will print the trace _after_ the error message.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Previously the sqlite3 adapter could not "fail" on drop. Now an error
is raised when no file exists.
* Also updates purge to be resilient of drop failures. This is how purge
is expected to behave.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Running the db:create task when the database already exists isn't
really an error case. That is processing may proceed in this case
because the database exists as requested. So let's validate that
behavior with a test.
* Likewise, if the database doesn't exist when running the db:drop task
processing may continue as the requested condition is already met.
Thus a test.
|
| | | |
|
| | |
| | |
| | |
| | | |
Also move the method to the right class
|
| | | |
|
|/ /
| |
| |
| | |
`README` it is changed to `README.rdoc` in 6b126e2, it has been changed to` README.md` further 89a12c9.
|
|/ |
|
|\
| |
| | |
add application_job.rb to template of mountable engine
|
| |
| |
| |
| |
| | |
since cb012467214f6e4bb1ac3987554bb75020b4796b, generated job inherents from ApplicationJob,
ApplicationJob is required in the mountable engine.
|
|\ \
| | |
| | |
| | | |
Add basic support for access control headers to ActionDispatch::Static
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Now ActionDispatch::Static can accept HTTP headers so that developers
will have control of returning arbitrary headers like
'Access-Control-Allow-Origin' when a response is delivered. They can
be configured through `#config.public_file_server.headers`:
config.public_file_server.headers = {
"Cache-Control" => "public, max-age=60",
"Access-Control-Allow-Origin" => "http://rubyonrails.org"
}
Also deprecate `config.static_cache_control` in favor of
`config.public_file_server.headers`.
|
|\ \ \
| | | |
| | | | |
ActionMailer https on URL with force_ssl = true
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
`config.force_ssl = true` will set
config.action_mailer.default_url_options = { protocol: 'https' }
If you have turned on force_ssl, and then gone to the effort of setting
config.action_mailer.default_url_options = {host: 'example.com'} then
you are probably pointing people back to your current app and want
https on that too.
|
| | | |
| | | |
| | | |
| | | | |
Since the plugin generator do not generate assets, I think manifest.js also that it unnecessary.
|
|\ \ \ \
| | | | |
| | | | | |
Mounted engine route fix
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When generating the url for a mounted engine through its proxy, the path should be the sum of three parts:
1. Any `SCRIPT_NAME` request header or the value of `ActionDispatch::Routing::RouteSet#relative_url_root`.
2. A prefix (the engine's mounted path).
3. The path of the named route inside the engine.
Since commit https://github.com/rails/rails/commit/44ff0313c121f528a68b3bd21d6c7a96f313e3d3, this has been broken. Step 2 has been changed to:
2. A prefix (the value of `ActionDispatch::Routing::RouteSet#relative_url_root` + the engine's mounted path).
The value of `ActionDispatch::Routing::RouteSet#relative_url_root` is taken into account in step 1 of the route generation and should be ignored when generating the mounted engine's prefix in step 2.
This commit fixes the regression by having `ActionDispatch::Routing::RouteSet#url_for` check `options[:relative_url_root]` before falling back to `ActionDispatch::Routing::RouteSet#relative_url_root`. The prefix generating code then sets `options[:relative_url_root]` to an empty string. This empty string is used instead of `ActionDispatch::Routing::RouteSet#relative_url_root` and avoids the duplicate `relative_url_root` value in the final result.
This resolves #20920 and resolves #21459
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Change the reporter to just read the option.
Pass output_inline where needed in tests.
|
| | | | |
| | | | |
| | | | |
| | | | | |
Lets us cut the verbose and straight up duplicated setup in 3 tests down to one line.
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We'd see the failures and errors reported after the run, which is needless, when we've already
reported them.
Turns:
```
.......................................S....................F
This failed
bin/rails test test/models/bunny_test.rb:14
....
Finished in 0.100886s, 1020.9583 runs/s, 1001.1338 assertions/s.
2) Failure:
BunnyTest#test_something_failing [/Users/kasperhansen/Documents/code/collection_caching_test/test/models/bunny_test.rb:15]:
This failed
103 runs, 101 assertions, 1 failures, 0 errors, 1 skips
You have skipped tests. Run with --verbose for details.
```
Into:
```
...................S.......................................F
This failed
bin/rails test test/models/bunny_test.rb:14
......................
Finished in 0.069910s, 1473.3225 runs/s, 1444.7143 assertions/s.
103 runs, 101 assertions, 1 failures, 0 errors, 1 skips
```
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This reverts commit 37423e4ff883ad5584bab983aceb4b2b759a1fd8.
Jeremy is right that we shouldn't remove this. The fact is that many
engines are depending on this middleware to be in the default stack.
This ties our hands and forces us to keep the middleware in the stack so
that engines will work. To be extremely clear, I think this is another
smell of "the rack stack" that we have in place. When manipulating
middleware, we should have meaningful names for places in the req / res
lifecycle **not** have engines depend on a particular constant be in a
particular place in the stack. This is a weakness of the API that we
have to figure out a way to address before removing the constant.
As far as timing attacks are concerned, we can reduce the granularity
such that it isn't useful information for hackers, but is still useful
for developers.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The runtime header is a potential target for timing attacks since it
returns the amount of time spent on the server (eliminating network
speed). Total time is also not accurate for streaming responses.
The middleware can be added back via:
```ruby
config.middleware.ues ::Rack::Runtime
```
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
jeremy/sprockets/move-asset-manifest-from-toplevel-to-config-subdir
Eliminate overlapping `app/assets` load path
|