From d06a1ee7eec96a1b52f21026e18a0a09219e66a8 Mon Sep 17 00:00:00 2001 From: Dimitri Roche Date: Fri, 13 Oct 2017 09:05:12 -0400 Subject: Update documentation to lead with ajax param `event.detail` --- guides/source/working_with_javascript_in_rails.md | 55 ++++++++--------------- 1 file changed, 19 insertions(+), 36 deletions(-) (limited to 'guides/source') diff --git a/guides/source/working_with_javascript_in_rails.md b/guides/source/working_with_javascript_in_rails.md index 098366ec1b..f8cfac3995 100644 --- a/guides/source/working_with_javascript_in_rails.md +++ b/guides/source/working_with_javascript_in_rails.md @@ -188,15 +188,19 @@ bind to the `ajax:success` event. On failure, use `ajax:error`. Check it out: ```coffeescript $(document).ready -> - $("#new_article").on("ajax:success", (e, data, status, xhr) -> + $("#new_article").on("ajax:success", (event) -> + [data, status, xhr] = event.detail $("#new_article").append xhr.responseText - ).on "ajax:error", (e, xhr, status, error) -> + ).on "ajax:error", (event) -> $("#new_article").append "

ERROR

" ``` Obviously, you'll want to be a bit more sophisticated than that, but it's a start. +NOTE: As of Rails 5.1 and the new `rails-ujs`, the parameters `e, data, status, xhr` +have been bundled into `event.detail`. + #### link_to [`link_to`](http://api.rubyonrails.org/classes/ActionView/Helpers/UrlHelper.html#method-i-link_to) @@ -225,7 +229,7 @@ and write some CoffeeScript like this: ```coffeescript $ -> - $("a[data-remote]").on "ajax:success", (e, data, status, xhr) -> + $("a[data-remote]").on "ajax:success", (event) -> alert "The article was deleted." ``` @@ -343,39 +347,6 @@ This generates a form with: ``` -Dealing with Ajax events ------------------------- - -Here are the different events that are fired when you deal with elements -that have a `data-remote` attribute: - -NOTE: All handlers bound to these events are always passed the event object as the -first argument. The table below describes the extra parameters passed after the -event argument. For example, if the extra parameters are listed as `xhr, settings`, -then to access them, you would define your handler with `function(event, xhr, settings)`. - -| Event name | Extra parameters | Fired | -|---------------------|------------------|-------------------------------------------------------------| -| `ajax:before` | | Before the whole ajax business, aborts if stopped. | -| `ajax:beforeSend` | xhr, options | Before the request is sent, aborts if stopped. | -| `ajax:send` | xhr | When the request is sent. | -| `ajax:success` | xhr, status, err | After completion, if the response was a success. | -| `ajax:error` | xhr, status, err | After completion, if the response was an error. | -| `ajax:complete` | xhr, status | After the request has been completed, no matter the outcome.| -| `ajax:aborted:file` | elements | If there are non-blank file inputs, aborts if stopped. | - -### Stoppable events - -If you stop `ajax:before` or `ajax:beforeSend` by returning false from the -handler method, the Ajax request will never take place. The `ajax:before` event -is also useful for manipulating form data before serialization. The -`ajax:beforeSend` event is also useful for adding custom request headers. - -If you stop the `ajax:aborted:file` event, the default behavior of allowing the -browser to submit the form via normal means (i.e. non-Ajax submission) will be -canceled and the form will not be submitted at all. This is useful for -implementing your own Ajax file upload workaround. - ### Rails-ujs event handlers Rails 5.1 introduced rails-ujs and dropped jQuery as a dependency. @@ -405,6 +376,18 @@ document.body.addEventListener('ajax:success', function(event) { }) ``` +### Stoppable events + +If you stop `ajax:before` or `ajax:beforeSend` by returning false from the +handler method, the Ajax request will never take place. The `ajax:before` event +is also useful for manipulating form data before serialization. The +`ajax:beforeSend` event is also useful for adding custom request headers. + +If you stop the `ajax:aborted:file` event, the default behavior of allowing the +browser to submit the form via normal means (i.e. non-Ajax submission) will be +canceled and the form will not be submitted at all. This is useful for +implementing your own Ajax file upload workaround. + Server-Side Concerns -------------------- -- cgit v1.2.3 From 1997c9a13730cc82e3c4d42ab2995452cfa21074 Mon Sep 17 00:00:00 2001 From: Roman Kovtunenko Date: Sun, 19 Nov 2017 21:54:30 +0200 Subject: Fix names of http authentication modules in api_app guides --- guides/source/api_app.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'guides/source') diff --git a/guides/source/api_app.md b/guides/source/api_app.md index 43a7de88b0..b360f270d7 100644 --- a/guides/source/api_app.md +++ b/guides/source/api_app.md @@ -414,8 +414,10 @@ Some common modules you might want to add: - `AbstractController::Translation`: Support for the `l` and `t` localization and translation methods. -- `ActionController::HttpAuthentication::Basic` (or `Digest` or `Token`): Support - for basic, digest or token HTTP authentication. +- Support for basic, digest or token HTTP authentication: + * `ActionController::HttpAuthentication::Basic::ControllerMethods`, + * `ActionController::HttpAuthentication::Digest::ControllerMethods`, + * `ActionController::HttpAuthentication::Token::ControllerMethods` - `ActionView::Layouts`: Support for layouts when rendering. - `ActionController::MimeResponds`: Support for `respond_to`. - `ActionController::Cookies`: Support for `cookies`, which includes -- cgit v1.2.3 From d5eb8f23c8543ae3c8cff6aefdbb6bbcf2f28128 Mon Sep 17 00:00:00 2001 From: Francis Go Date: Wed, 22 Nov 2017 16:33:28 +0000 Subject: Update Action Cable Overview Guide [ci skip] --- guides/source/action_cable_overview.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'guides/source') diff --git a/guides/source/action_cable_overview.md b/guides/source/action_cable_overview.md index 57403a4bf9..1a86b1fcbb 100644 --- a/guides/source/action_cable_overview.md +++ b/guides/source/action_cable_overview.md @@ -1,12 +1,12 @@ Action Cable Overview ===================== -In this guide you will learn how Action Cable works and how to use WebSockets to +In this guide, you will learn how Action Cable works and how to use WebSockets to incorporate real-time features into your Rails application. After reading this guide, you will know: -* What Action Cable is and its integration on backend and frontend +* What Action Cable is and its integration backend and frontend * How to setup Action Cable * How to setup channels * Deployment and Architecture setup for running Action Cable @@ -129,7 +129,7 @@ subscriptions based on an identifier sent by the cable consumer. # app/channels/chat_channel.rb class ChatChannel < ApplicationCable::Channel # Called when the consumer has successfully - # become a subscriber of this channel. + # become a subscriber to this channel. def subscribed end end @@ -225,7 +225,7 @@ A *broadcasting* is a pub/sub link where anything transmitted by a publisher is routed directly to the channel subscribers who are streaming that named broadcasting. Each channel can be streaming zero or more broadcastings. -Broadcastings are purely an online queue and time dependent. If a consumer is +Broadcastings are purely an online queue and time-dependent. If a consumer is not streaming (subscribed to a given channel), they'll not get the broadcast should they connect later. @@ -515,8 +515,8 @@ user. For a user with an ID of 1, the broadcasting name would be The channel has been instructed to stream everything that arrives at `web_notifications:1` directly to the client by invoking the `received` callback. The data passed as argument is the hash sent as the second parameter -to the server-side broadcast call, JSON encoded for the trip across the wire, -and unpacked for the data argument arriving to `received`. +to the server-side broadcast call, JSON encoded for the trip across the wire +and unpacked for the data argument arriving as `received`. ### More Complete Examples @@ -569,7 +569,7 @@ This may change in the future. [#27214](https://github.com/rails/rails/issues/27 Action Cable will only accept requests from specified origins, which are passed to the server config as an array. The origins can be instances of -strings or regular expressions, against which a check for match will be performed. +strings or regular expressions, against which a check for the match will be performed. ```ruby config.action_cable.allowed_request_origins = ['http://rubyonrails.com', %r{http://ruby.*}] @@ -592,7 +592,7 @@ environment configuration files. ### Other Configurations -The other common option to configure, is the log tags applied to the +The other common option to configure is the log tags applied to the per-connection logger. Here's an example that uses the user account id if available, else "no-account" while tagging: @@ -607,7 +607,7 @@ config.action_cable.log_tags = [ For a full list of all configuration options, see the `ActionCable::Server::Configuration` class. -Also note that your server must provide at least the same number of database +Also, note that your server must provide at least the same number of database connections as you have workers. The default worker pool size is set to 4, so that means you have to make at least that available. You can change that in `config/database.yml` through the `pool` attribute. -- cgit v1.2.3 From b01cc6663f91e825ffdf862a761e7bfc3d2ffd85 Mon Sep 17 00:00:00 2001 From: Avneet Singh Malhotra Date: Fri, 24 Nov 2017 13:38:21 +0530 Subject: Correct render method's response header's content type for option(:body) from text/html to text/plain. (#31212) --- guides/source/layouts_and_rendering.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides/source') diff --git a/guides/source/layouts_and_rendering.md b/guides/source/layouts_and_rendering.md index f4597b0e60..4d79b2db89 100644 --- a/guides/source/layouts_and_rendering.md +++ b/guides/source/layouts_and_rendering.md @@ -285,7 +285,7 @@ the response. Using `:plain` or `:html` might be more appropriate most of the time. NOTE: Unless overridden, your response returned from this render option will be -`text/html`, as that is the default content type of Action Dispatch response. +`text/plain`, as that is the default content type of Action Dispatch response. #### Options for `render` -- cgit v1.2.3 From a6b0930ff164701e208308d9c23e36e6d05d5ae2 Mon Sep 17 00:00:00 2001 From: Dimitri Roche Date: Fri, 13 Oct 2017 09:05:12 -0400 Subject: Update documentation to lead with ajax param `event.detail` --- guides/source/working_with_javascript_in_rails.md | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'guides/source') diff --git a/guides/source/working_with_javascript_in_rails.md b/guides/source/working_with_javascript_in_rails.md index f8cfac3995..fc9d3d0ce3 100644 --- a/guides/source/working_with_javascript_in_rails.md +++ b/guides/source/working_with_javascript_in_rails.md @@ -198,8 +198,9 @@ $(document).ready -> Obviously, you'll want to be a bit more sophisticated than that, but it's a start. -NOTE: As of Rails 5.1 and the new `rails-ujs`, the parameters `e, data, status, xhr` -have been bundled into `event.detail`. +NOTE: As of Rails 5.1 and the new `rails-ujs`, the parameters `data, status, xhr` +have been bundled into `event.detail`. For information about the previously used +`jquery-ujs` in Rails 5 and earlier, read the [`jquery-ujs` wiki](https://github.com/rails/jquery-ujs/wiki/ajax). #### link_to @@ -376,12 +377,16 @@ document.body.addEventListener('ajax:success', function(event) { }) ``` +NOTE: As of Rails 5.1 and the new `rails-ujs`, the parameters `data, status, xhr` +have been bundled into `event.detail`. For information about the previously used +`jquery-ujs` in Rails 5 and earlier, read the [`jquery-ujs` wiki](https://github.com/rails/jquery-ujs/wiki/ajax). + ### Stoppable events If you stop `ajax:before` or `ajax:beforeSend` by returning false from the handler method, the Ajax request will never take place. The `ajax:before` event -is also useful for manipulating form data before serialization. The -`ajax:beforeSend` event is also useful for adding custom request headers. +can manipulate form data before serialization and the +`ajax:beforeSend` event is useful for adding custom request headers. If you stop the `ajax:aborted:file` event, the default behavior of allowing the browser to submit the form via normal means (i.e. non-Ajax submission) will be -- cgit v1.2.3 From eb6d7d5aa0522ab8d3d6e32d91d8ac645883ee3c Mon Sep 17 00:00:00 2001 From: Atul Shimpi Date: Sat, 25 Nov 2017 16:13:17 +0530 Subject: =?UTF-8?q?[ci=20skip]=20SecureRandom=20should=20mentioned=20Win32?= =?UTF-8?q?=20CryptoAPI=20functions=20ins=E2=80=A6=20(#31225)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * [ci skip] SecureRandom should mentioned Win32 CryptoAPI functions instead of Win32 * Remove functions word --- guides/source/security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides/source') diff --git a/guides/source/security.md b/guides/source/security.md index fa90cadcd2..eeb005b661 100644 --- a/guides/source/security.md +++ b/guides/source/security.md @@ -52,7 +52,7 @@ User.find(session[:user_id]) NOTE: _The session ID is a 32-character random hex string._ -The session ID is generated using `SecureRandom.hex` which generates a random hex string using platform specific methods (such as OpenSSL, /dev/urandom or Win32) for generating cryptographically secure random numbers. Currently it is not feasible to brute-force Rails' session IDs. +The session ID is generated using `SecureRandom.hex` which generates a random hex string using platform specific methods (such as OpenSSL, /dev/urandom or Win32 CryptoAPI) for generating cryptographically secure random numbers. Currently it is not feasible to brute-force Rails' session IDs. ### Session Hijacking -- cgit v1.2.3 From 31eabcedb1f3f1c11f26dad239f0ecdbb1c60782 Mon Sep 17 00:00:00 2001 From: Francis Go Date: Sat, 25 Nov 2017 14:04:42 +0000 Subject: Update guide layout [ci skip] --- guides/source/layout.html.erb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'guides/source') diff --git a/guides/source/layout.html.erb b/guides/source/layout.html.erb index 334595e4d2..3981199e95 100644 --- a/guides/source/layout.html.erb +++ b/guides/source/layout.html.erb @@ -99,9 +99,9 @@ To get started, you can read our <%= link_to 'documentation contributions', 'http://edgeguides.rubyonrails.org/contributing_to_ruby_on_rails.html#contributing-to-the-rails-documentation' %> section.

- You may also find incomplete content, or stuff that is not up to date. + You may also find incomplete content or stuff that is not up to date. Please do add any missing documentation for master. Make sure to check - <%= link_to 'Edge Guides','http://edgeguides.rubyonrails.org' %> first to verify + <%= link_to 'Edge Guides', 'http://edgeguides.rubyonrails.org' %> first to verify if the issues are already fixed or not on the master branch. Check the <%= link_to 'Ruby on Rails Guides Guidelines', 'ruby_on_rails_guides_guidelines.html' %> for style and conventions. @@ -111,7 +111,7 @@ <%= link_to 'open an issue', 'https://github.com/rails/rails/issues' %>.

And last but not least, any kind of discussion regarding Ruby on Rails - documentation is very welcome in the <%= link_to 'rubyonrails-docs mailing list', 'https://groups.google.com/forum/#!forum/rubyonrails-docs' %>. + documentation is very welcome on the <%= link_to 'rubyonrails-docs mailing list', 'https://groups.google.com/forum/#!forum/rubyonrails-docs' %>.

-- cgit v1.2.3 From 260d6f112a0ffdbe03e6f5051504cb441c1e94cd Mon Sep 17 00:00:00 2001 From: npezza93 Date: Tue, 13 Jun 2017 10:54:35 -0400 Subject: Change `form_with` to generates ids by default When `form_with` was introduced we disabled the automatic generation of ids that was enabled in `form_for`. This usually is not an good idea since labels don't work when the input doesn't have an id and it made harder to test with Capybara. You can still disable the automatic generation of ids setting `config.action_view.form_with_generates_ids` to `false.` --- guides/source/configuring.md | 2 ++ 1 file changed, 2 insertions(+) (limited to 'guides/source') diff --git a/guides/source/configuring.md b/guides/source/configuring.md index 6e129a5680..4bfcc1e21a 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -578,6 +578,8 @@ Defaults to `'signed cookie'`. * `config.action_view.form_with_generates_remote_forms` determines whether `form_with` generates remote forms or not. This defaults to `true`. +* `config.action_view.form_with_generates_ids` determines whether `form_with` generates ids on inputs. This defaults to `true`. + ### Configuring Action Mailer There are a number of settings available on `config.action_mailer`: -- cgit v1.2.3 From ed564f7db7fb9df58b095b66ab4668f626d6c4b5 Mon Sep 17 00:00:00 2001 From: "Ashley Engelund (weedySeaDragon @ github)" Date: Sun, 26 Nov 2017 00:16:38 -0800 Subject: gendered wording not necessary; changed to neutral [ci skip] --- guides/source/engines.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides/source') diff --git a/guides/source/engines.md b/guides/source/engines.md index b226eac347..8f4edce04a 100644 --- a/guides/source/engines.md +++ b/guides/source/engines.md @@ -921,7 +921,7 @@ engine: mattr_accessor :author_class ``` -This method works like its brothers, `attr_accessor` and `cattr_accessor`, but +This method works like its siblings, `attr_accessor` and `cattr_accessor`, but provides a setter and getter method on the module with the specified name. To use it, it must be referenced using `Blorgh.author_class`. -- cgit v1.2.3 From 2cec7ccc691f9abaa480e23f57c4003f766c876d Mon Sep 17 00:00:00 2001 From: "Ashley Engelund (weedySeaDragon @ github)" Date: Sun, 26 Nov 2017 00:21:29 -0800 Subject: verb tense correction [ci skip] --- guides/source/engines.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides/source') diff --git a/guides/source/engines.md b/guides/source/engines.md index 8f4edce04a..fddfdd37e7 100644 --- a/guides/source/engines.md +++ b/guides/source/engines.md @@ -982,7 +982,7 @@ Blorgh.author_class = "User" WARNING: It's very important here to use the `String` version of the class, rather than the class itself. If you were to use the class, Rails would attempt to load that class and then reference the related table. This could lead to -problems if the table wasn't already existing. Therefore, a `String` should be +problems if the table didn't already exist. Therefore, a `String` should be used and then converted to a class using `constantize` in the engine later on. Go ahead and try to create a new article. You will see that it works exactly in the -- cgit v1.2.3 From 092d1af137d6d52349880417923874e17508e608 Mon Sep 17 00:00:00 2001 From: "Ashley Engelund (weedySeaDragon @ github)" Date: Sun, 26 Nov 2017 00:31:40 -0800 Subject: fix comma splice [ci skip] --- guides/source/engines.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides/source') diff --git a/guides/source/engines.md b/guides/source/engines.md index fddfdd37e7..33694cf76a 100644 --- a/guides/source/engines.md +++ b/guides/source/engines.md @@ -1514,7 +1514,7 @@ To hook into the initialization process of one of the following classes use the ## Configuration hooks -These are the available configuration hooks. They do not hook into any particular framework, instead they run in context of the entire application. +These are the available configuration hooks. They do not hook into any particular framework, but instead they run in context of the entire application. | Hook | Use Case | | ---------------------- | ------------------------------------------------------------------------------------- | -- cgit v1.2.3 From c30c434527d40bca6b28f0714ac8f8f94715763a Mon Sep 17 00:00:00 2001 From: Prathamesh Sonpatki Date: Mon, 27 Nov 2017 12:13:30 +0530 Subject: Added first draft of Rails 5.2 release notes [ci skip] --- guides/source/5_2_release_notes.md | 205 +++++++++++++++++++++++++++++++++++++ 1 file changed, 205 insertions(+) create mode 100644 guides/source/5_2_release_notes.md (limited to 'guides/source') diff --git a/guides/source/5_2_release_notes.md b/guides/source/5_2_release_notes.md new file mode 100644 index 0000000000..e42f81fef4 --- /dev/null +++ b/guides/source/5_2_release_notes.md @@ -0,0 +1,205 @@ +**DO NOT READ THIS FILE ON GITHUB, GUIDES ARE PUBLISHED ON http://guides.rubyonrails.org.** + +Ruby on Rails 5.2 Release Notes +=============================== + +Highlights in Rails 5.2: + +* Active Storage +* Redis Cache Store +* HTTP/2 Early hints support +* Credentials + +These release notes cover only the major changes. To learn about various bug +fixes and changes, please refer to the change logs or check out the [list of +commits](https://github.com/rails/rails/commits/5-2-stable) in the main Rails +repository on GitHub. + +-------------------------------------------------------------------------------- + +Upgrading to Rails 5.2 +---------------------- + +If you're upgrading an existing application, it's a great idea to have good test +coverage before going in. You should also first upgrade to Rails 5.1 in case you +haven't and make sure your application still runs as expected before attempting +an update to Rails 5.2. + + +Major Features +-------------- + +### Active Storage + +[README](https://github.com/rails/rails/blob/d3893ec38ec61282c2598b01a298124356d6b35a/activestorage/README.md) + +### Redis Cache Store + +[Pull Request](https://github.com/rails/rails/pull/31134) + + +### HTTP/2 Early hints support + +[Pull Request](https://github.com/rails/rails/pull/30744) + + +### Credentials + +[Pull Request](https://github.com/rails/rails/pull/30067) + + +Incompatibilities +----------------- + +ToDo + +Railties +-------- + +Please refer to the [Changelog][railties] for detailed changes. + +### Removals + +ToDo + +### Notable changes + +ToDo + +Action Cable +----------- + +Please refer to the [Changelog][action-cable] for detailed changes. + +### Notable changes + +ToDo + +Action Pack +----------- + +Please refer to the [Changelog][action-pack] for detailed changes. + +### Removals + +ToDo + +### Deprecations + +ToDo + +### Notable changes + +ToDo + +Action View +------------- + +Please refer to the [Changelog][action-view] for detailed changes. + +### Removals + +ToDo + +### Deprecations + +ToDo + +### Notable changes + +ToDo + +Action Mailer +------------- + +Please refer to the [Changelog][action-mailer] for detailed changes. + +### Notable changes + +ToDo + +Active Record +------------- + +Please refer to the [Changelog][active-record] for detailed changes. + +ToDo + +### Deprecations + +ToDo + +### Notable changes + +ToDo + +Active Model +------------ + +Please refer to the [Changelog][active-model] for detailed changes. + +### Removals + +ToDo + +### Notable changes + +ToDo + +Active Storage +-------------- + +Please refer to the [Changelog][active-support] for detailed changes. + +### Notable changes + +ToDo + +Active Support +-------------- + +Please refer to the [Changelog][active-support] for detailed changes. + +### Removals + +ToDo + +### Deprecations + +ToDo + +### Notable changes + +ToDo + +Active Job +----------- + +Please refer to the [Changelog][active-job] for detailed changes. + +### Removals + +ToDo + +### Notable changes + +ToDo + +Credits +------- + +See the +[full list of contributors to Rails](http://contributors.rubyonrails.org/) for +the many people who spent many hours making Rails, the stable and robust +framework it is. Kudos to all of them. + +[railties]: https://github.com/rails/rails/blob/5-2-stable/railties/CHANGELOG.md +[action-pack]: https://github.com/rails/rails/blob/5-2-stable/actionpack/CHANGELOG.md +[action-view]: https://github.com/rails/rails/blob/5-2-stable/actionview/CHANGELOG.md +[action-mailer]: https://github.com/rails/rails/blob/5-2-stable/actionmailer/CHANGELOG.md +[action-cable]: https://github.com/rails/rails/blob/5-2-stable/actioncable/CHANGELOG.md +[active-record]: https://github.com/rails/rails/blob/5-2-stable/activerecord/CHANGELOG.md +[active-model]: https://github.com/rails/rails/blob/5-2-stable/activemodel/CHANGELOG.md +[active-storage]: https://github.com/rails/rails/blob/5-2-stable/activestorage/CHANGELOG.md +[active-support]: https://github.com/rails/rails/blob/5-2-stable/activesupport/CHANGELOG.md +[active-job]: https://github.com/rails/rails/blob/5-2-stable/activejob/CHANGELOG.md -- cgit v1.2.3 From 3f89a05c456ff7de2400fb89bf63f5d264f965a4 Mon Sep 17 00:00:00 2001 From: Prathamesh Sonpatki Date: Mon, 27 Nov 2017 16:00:52 +0530 Subject: Added CSP as major feature [ci skip] --- guides/source/5_2_release_notes.md | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'guides/source') diff --git a/guides/source/5_2_release_notes.md b/guides/source/5_2_release_notes.md index e42f81fef4..eb361e200a 100644 --- a/guides/source/5_2_release_notes.md +++ b/guides/source/5_2_release_notes.md @@ -9,6 +9,7 @@ Highlights in Rails 5.2: * Redis Cache Store * HTTP/2 Early hints support * Credentials +* Default Content Security Policy These release notes cover only the major changes. To learn about various bug fixes and changes, please refer to the change logs or check out the [list of @@ -48,6 +49,10 @@ Major Features [Pull Request](https://github.com/rails/rails/pull/30067) +### Default Content Security Policy + +[Pull Request](https://github.com/rails/rails/pull/31162) + Incompatibilities ----------------- -- cgit v1.2.3 From 9c10fec4c06da38f8975dfb851f4d899aa85f8b7 Mon Sep 17 00:00:00 2001 From: Prathamesh Sonpatki Date: Mon, 27 Nov 2017 17:14:20 +0530 Subject: Update the middleware list with CSP [ci skip] --- guides/source/rails_on_rack.md | 1 + 1 file changed, 1 insertion(+) (limited to 'guides/source') diff --git a/guides/source/rails_on_rack.md b/guides/source/rails_on_rack.md index aa1476ecc0..8caddc785a 100644 --- a/guides/source/rails_on_rack.md +++ b/guides/source/rails_on_rack.md @@ -122,6 +122,7 @@ use ActiveRecord::Migration::CheckPending use ActionDispatch::Cookies use ActionDispatch::Session::CookieStore use ActionDispatch::Flash +use ActionDispatch::ContentSecurityPolicy::Middleware use Rack::Head use Rack::ConditionalGet use Rack::ETag -- cgit v1.2.3 From 9cb7c90c59f18d72c13da5808ad368f4f5b60f36 Mon Sep 17 00:00:00 2001 From: Francis Go Date: Mon, 27 Nov 2017 18:43:24 +0000 Subject: Update Rails on Rack guide [ci skip] --- guides/source/rails_on_rack.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'guides/source') diff --git a/guides/source/rails_on_rack.md b/guides/source/rails_on_rack.md index aa1476ecc0..34b709015e 100644 --- a/guides/source/rails_on_rack.md +++ b/guides/source/rails_on_rack.md @@ -249,7 +249,7 @@ Much of Action Controller's functionality is implemented as Middlewares. The fol **`Rails::Rack::Logger`** -* Notifies the logs that the request has began. After request is complete, flushes all the logs. +* Notifies the logs that the request has begun. After the request is complete, flushes all the logs. **`ActionDispatch::ShowExceptions`** @@ -289,7 +289,7 @@ Much of Action Controller's functionality is implemented as Middlewares. The fol **`Rack::ConditionalGet`** -* Adds support for "Conditional `GET`" so that server responds with nothing if page wasn't changed. +* Adds support for "Conditional `GET`" so that server responds with nothing if the page wasn't changed. **`Rack::ETag`** -- cgit v1.2.3 From 052620e00347a51926bdebd8afa529e3399176cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?= Date: Mon, 27 Nov 2017 14:51:20 -0500 Subject: Add releases notes to the guides index --- guides/source/documents.yaml | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'guides/source') diff --git a/guides/source/documents.yaml b/guides/source/documents.yaml index 126d2e4845..2a4abab116 100644 --- a/guides/source/documents.yaml +++ b/guides/source/documents.yaml @@ -193,6 +193,10 @@ name: Upgrading Ruby on Rails url: upgrading_ruby_on_rails.html description: This guide helps in upgrading applications to latest Ruby on Rails versions. + - + name: Ruby on Rails 5.2 Release Notes + url: 5_2_release_notes.html + description: Release notes for Rails 5.2. - name: Ruby on Rails 5.1 Release Notes url: 5_1_release_notes.html -- cgit v1.2.3 From ce180231d954785b8c91ba4f9ba3fc12ff2e0de3 Mon Sep 17 00:00:00 2001 From: Dixit Patel Date: Tue, 28 Nov 2017 16:42:11 +0530 Subject: [ci skip] Update MVC wiki link --- guides/source/action_controller_overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides/source') diff --git a/guides/source/action_controller_overview.md b/guides/source/action_controller_overview.md index 28f7246197..6ecfb57db3 100644 --- a/guides/source/action_controller_overview.md +++ b/guides/source/action_controller_overview.md @@ -21,7 +21,7 @@ After reading this guide, you will know: What Does a Controller Do? -------------------------- -Action Controller is the C in MVC. After the router has determined which controller to use for a request, the controller is responsible for making sense of the request and producing the appropriate output. Luckily, Action Controller does most of the groundwork for you and uses smart conventions to make this as straightforward as possible. +Action Controller is the C in [MVC](https://en.wikipedia.org/wiki/Model%E2%80%93view%E2%80%93controller). After the router has determined which controller to use for a request, the controller is responsible for making sense of the request, and producing the appropriate output. Luckily, Action Controller does most of the groundwork for you and uses smart conventions to make this as straightforward as possible. For most conventional [RESTful](https://en.wikipedia.org/wiki/Representational_state_transfer) applications, the controller will receive the request (this is invisible to you as the developer), fetch or save data from a model and use a view to create HTML output. If your controller needs to do things a little differently, that's not a problem, this is just the most common way for a controller to work. -- cgit v1.2.3