From d0703280c7c4a3d958fe5c5743def7808383ad75 Mon Sep 17 00:00:00 2001 From: Robin Dupret Date: Sat, 3 Jan 2015 12:58:19 +0100 Subject: Avoid displaying new lines inside note paragraphs Commit 65a2977 added a `pre-wrap` style for white spaces on `.note` paragraphs. However, this is first inconsistent as other notes like warnings don't have this style applied. Furthermore, it seems to be unneeded for mobile devices. Also revert changes made in #18147 since they aren't needed anymore. Cross-refs #18138. [ci skip] --- guides/source/active_record_querying.md | 3 ++- guides/source/security.md | 9 ++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) (limited to 'guides/source') diff --git a/guides/source/active_record_querying.md b/guides/source/active_record_querying.md index e0a9add2be..6cfb6c5ca5 100644 --- a/guides/source/active_record_querying.md +++ b/guides/source/active_record_querying.md @@ -1384,7 +1384,8 @@ WHERE people.name = 'John' LIMIT 1 ``` -NOTE: Remember that, if `find_by` returns more than one registry, it will take just the first and ignore the others. Note the `LIMIT 1` statement above. +NOTE: Remember that, if `find_by` returns more than one registry, it will take +just the first and ignore the others. Note the `LIMIT 1` statement above. Find or Build a New Object -------------------------- diff --git a/guides/source/security.md b/guides/source/security.md index 4a80edbdad..e4cc79df55 100644 --- a/guides/source/security.md +++ b/guides/source/security.md @@ -249,7 +249,14 @@ protect_from_forgery with: :exception This will automatically include a security token in all forms and Ajax requests generated by Rails. If the security token doesn't match what was expected, an exception will be thrown. -NOTE: By default, Rails includes jQuery and an [unobtrusive scripting adapter for jQuery](https://github.com/rails/jquery-ujs), which adds a header called `X-CSRF-Token` on every non-GET Ajax call made by jQuery with the security token. Without this header, non-GET Ajax requests won't be accepted by Rails. When using another library to make Ajax calls, it is necessary to add the security token as a default header for Ajax calls in your library. To get the token, have a look at `` tag printed by `<%= csrf_meta_tags %>` in your application view. +NOTE: By default, Rails includes jQuery and an [unobtrusive scripting adapter for +jQuery](https://github.com/rails/jquery-ujs), which adds a header called +`X-CSRF-Token` on every non-GET Ajax call made by jQuery with the security token. +Without this header, non-GET Ajax requests won't be accepted by Rails. When using +another library to make Ajax calls, it is necessary to add the security token as +a default header for Ajax calls in your library. To get the token, have a look at +`` tag printed by +`<%= csrf_meta_tags %>` in your application view. It is common to use persistent cookies to store user information, with `cookies.permanent` for example. In this case, the cookies will not be cleared and the out of the box CSRF protection will not be effective. If you are using a different cookie store than the session for this information, you must handle what to do with it yourself: -- cgit v1.2.3