From cb3e96a447df592947ae10221c7494eb8bf08012 Mon Sep 17 00:00:00 2001 From: David Heinemeier Hansson Date: Sat, 26 Mar 2011 10:28:39 -0700 Subject: Make JavaScriptHelper#j() an alias for JavaScriptHelper#escape_javascript() -- note this then supersedes the Object#j() method that the JSON gem adds within templates using the JavaScriptHelper [DHH] --- actionpack/CHANGELOG | 2 ++ 1 file changed, 2 insertions(+) (limited to 'actionpack/CHANGELOG') diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index 5ab92c8cfc..a8a4338630 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,7 @@ *Rails 3.1.0 (unreleased)* +* Make JavaScriptHelper#j() an alias for JavaScriptHelper#escape_javascript() -- note this then supersedes the Object#j() method that the JSON gem adds within templates using the JavaScriptHelper [DHH] + * Sensitive query string parameters (specified in config.filter_parameters) will now be filtered out from the request paths in the log file. [Prem Sichanugrist, fxn] * URL parameters which return false for to_param now appear in the query string (previously they were removed) [Andrew White] -- cgit v1.2.3 From f8a05ad297d637596d029b013bb65128ca0aa8bd Mon Sep 17 00:00:00 2001 From: David Heinemeier Hansson Date: Sat, 26 Mar 2011 14:44:36 -0700 Subject: Allow FormHelper#form_for to specify the :method as a direct option instead of through the :html hash [DHH] --- actionpack/CHANGELOG | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'actionpack/CHANGELOG') diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index a8a4338630..cc19402243 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,9 @@ *Rails 3.1.0 (unreleased)* +* Allow FormHelper#form_for to specify the :method as a direct option instead of through the :html hash [DHH] + + form_for(@post, remote: true, method: :delete) instead of form_for(@post, remote: true, html: { method: :delete }) + * Make JavaScriptHelper#j() an alias for JavaScriptHelper#escape_javascript() -- note this then supersedes the Object#j() method that the JSON gem adds within templates using the JavaScriptHelper [DHH] * Sensitive query string parameters (specified in config.filter_parameters) will now be filtered out from the request paths in the log file. [Prem Sichanugrist, fxn] -- cgit v1.2.3 From 7cbdfa83035aacb0d4dbfa84525b54e9122efb75 Mon Sep 17 00:00:00 2001 From: Prem Sichanugrist Date: Mon, 28 Mar 2011 03:05:14 +0800 Subject: Add controller-specific `force_ssl` method to force web browser to use HTTPS protocol This would become useful for site which sometime transferring sensitive information such as account information on particular controller or action. This featured was requested by DHH. --- actionpack/CHANGELOG | 2 ++ 1 file changed, 2 insertions(+) (limited to 'actionpack/CHANGELOG') diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index cc19402243..a90a7b37f7 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,7 @@ *Rails 3.1.0 (unreleased)* +* Allow you to add `force_ssl` into controller to force browser to transfer data via HTTPS protocol on that particular controller. You can also specify `:only` or `:except` to specific it to particular action. [DHH and Prem Sichanugrist] + * Allow FormHelper#form_for to specify the :method as a direct option instead of through the :html hash [DHH] form_for(@post, remote: true, method: :delete) instead of form_for(@post, remote: true, html: { method: :delete }) -- cgit v1.2.3 From e2b07ee000439d0bd41f725ff9f7ad53e52a7e9b Mon Sep 17 00:00:00 2001 From: David Heinemeier Hansson Date: Mon, 28 Mar 2011 18:09:50 -0700 Subject: Added Base.http_basic_authenticate_with to do simple http basic authentication with a single class method call [DHH] --- actionpack/CHANGELOG | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) (limited to 'actionpack/CHANGELOG') diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index a90a7b37f7..7f1e7d1c1d 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,42 @@ *Rails 3.1.0 (unreleased)* +* Added Base.http_basic_authenticate_with to do simple http basic authentication with a single class method call [DHH] + + class PostsController < ApplicationController + USER_NAME, PASSWORD = "dhh", "secret" + + before_filter :authenticate, :except => [ :index ] + + def index + render :text => "Everyone can see me!" + end + + def edit + render :text => "I'm only accessible if you know the password" + end + + private + def authenticate + authenticate_or_request_with_http_basic do |user_name, password| + user_name == USER_NAME && password == PASSWORD + end + end + end + + ..can now be written as + + class PostsController < ApplicationController + http_basic_authenticate_with :name => "dhh", "secret", :except => :index + + def index + render :text => "Everyone can see me!" + end + + def edit + render :text => "I'm only accessible if you know the password" + end + end + * Allow you to add `force_ssl` into controller to force browser to transfer data via HTTPS protocol on that particular controller. You can also specify `:only` or `:except` to specific it to particular action. [DHH and Prem Sichanugrist] * Allow FormHelper#form_for to specify the :method as a direct option instead of through the :html hash [DHH] -- cgit v1.2.3 From 3d1e7c2645af6c187d5ab6d2a02bd1e7b9ad7af3 Mon Sep 17 00:00:00 2001 From: David Heinemeier Hansson Date: Mon, 28 Mar 2011 18:15:41 -0700 Subject: Fix examples --- actionpack/CHANGELOG | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actionpack/CHANGELOG') diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index 7f1e7d1c1d..6032c6b7da 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -26,7 +26,7 @@ ..can now be written as class PostsController < ApplicationController - http_basic_authenticate_with :name => "dhh", "secret", :except => :index + http_basic_authenticate_with :name => "dhh", :password => "secret", :except => :index def index render :text => "Everyone can see me!" -- cgit v1.2.3 From 51551a0a5bd6f7e4116bc3759a4d7c15634643dc Mon Sep 17 00:00:00 2001 From: Prem Sichanugrist Date: Tue, 29 Mar 2011 02:59:24 +0700 Subject: Update the wildcard route to be non-greedy by default, therefore be able to match the (.:format) segment [#6605 state:resolved] After some discussion with Andrew White, it seems like this is a better approach for handling a wildcard route. However, user can still bring back the old behavior by supplying `:format => false` to the route. Signed-off-by: Andrew White --- actionpack/CHANGELOG | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'actionpack/CHANGELOG') diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index 6032c6b7da..3eba2281c4 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,13 @@ *Rails 3.1.0 (unreleased)* +* Wildcard route will always matching the optional format segment by default. For example if you have this route: + + map '*pages' => 'pages#show' + + by requesting '/foo/bar.json', your `params[:pages]` will be equals to "foo/bar" with the request format of JSON. If you want the old 3.0.x behavior back, you could supply `:format => false` like this: + + map '*pages' => 'pages#show', :format => false + * Added Base.http_basic_authenticate_with to do simple http basic authentication with a single class method call [DHH] class PostsController < ApplicationController -- cgit v1.2.3