From e385e4678fc64be6e176c3bdac6641db9fe48d85 Mon Sep 17 00:00:00 2001 From: Ilkka Oksanen Date: Fri, 29 Jun 2018 12:41:34 +0200 Subject: Don't handle params option in a special way in url_for helper --- actionpack/CHANGELOG.md | 4 ++++ actionpack/lib/action_dispatch/routing/route_set.rb | 4 ---- actionpack/test/controller/base_test.rb | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) (limited to 'actionpack') diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index a30f178190..0d6e6941ea 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,3 +1,7 @@ +* Remove undocumented `params` option from `url_from` helper + + *Ilkka Oksanen* + * Purpose metadata for signed/encrypted cookies. Rails can now thwart attacks that attempt to copy signed/encrypted value diff --git a/actionpack/lib/action_dispatch/routing/route_set.rb b/actionpack/lib/action_dispatch/routing/route_set.rb index 07d3a41173..233c9ff244 100644 --- a/actionpack/lib/action_dispatch/routing/route_set.rb +++ b/actionpack/lib/action_dispatch/routing/route_set.rb @@ -820,10 +820,6 @@ module ActionDispatch path, params = generate(route_name, path_options, recall) - if options.key? :params - params.merge! options[:params] - end - options[:path] = path options[:script_name] = script_name options[:params] = params diff --git a/actionpack/test/controller/base_test.rb b/actionpack/test/controller/base_test.rb index a672ede1a9..907de44bdb 100644 --- a/actionpack/test/controller/base_test.rb +++ b/actionpack/test/controller/base_test.rb @@ -193,7 +193,7 @@ class UrlOptionsTest < ActionController::TestCase action: "home", controller: "pages", only_path: true, - params: { "token" => "secret" } + token: "secret" } assert_equal "/home?token=secret", rs.url_for(options) -- cgit v1.2.3