github/rails
1
1
Fork 0
mirror of https://github.com/github/rails.git synced 2026-04-26 03:00:59 -04:00
Code Issues Packages Projects Releases Wiki Activity
21,093 Commits 34 Branches 105 Tags
7112cf5e021d8da7c4e073a4e2d2a4afb10671ec
Commit Graph

6582 Commits

Author SHA1 Message Date
Josh Kalderimis
0f8d2794f2 updated Time, Date and DateTime current methods in AS to use Time.zone and not Time.zone_default. 
[#6410 state:committed]
 2011-02-28 14:05:49 -08:00
Santiago Pastorino
53b17e9ad0 javascript_include_tag shouldn't raise if you register an expansion key with nil value 2011-02-28 11:52:00 -02:00
Santiago Pastorino
801e314006 Add tests for register expansion methods with key = [] 2011-02-28 11:30:12 -02:00
Prem Sichanugrist
839d06f5f2 We're in 2011, let's update our license 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-22 18:24:20 -02:00
Michael Koziarski
3d907a68d9 Prepend the CSRF filter to make it much more difficult to execute application code before it fires. 2011-02-23 09:00:41 +13:00
Xavier Noria
f41bf6938f merges docrails 2011-02-18 23:22:15 +01:00
Nicholas Rowe
9a9d895481 Fix Typos: remove several occurences of the the 2011-02-17 20:46:52 -05:00
Steve Schwartz
f4ddb4da89 Added RDoc info for accepted options for simple_format in TextHelper. 2011-02-15 12:58:57 -05:00
Andrew White
ccc678b49e Add test to prevent regression on namespace root nested in a resource 
[#6389 state:resolved]
 2011-02-14 06:12:22 +00:00
Andrew White
460a341682 Fix named route helper for routes nested inside deeply nested resources 
[#6416 state:resolved]
 2011-02-14 02:56:09 +00:00
Andrew White
fd7605826a Add notes on how to override the default :id constraint [#5994 state:resolved] 2011-02-14 01:01:20 +00:00
Andrew White
af4fab7d2e Remove incorrect assert_recognizes example 2011-02-13 23:25:57 +00:00
Andrew White
385be358cf Fix assert_recognizes with block constraints [#5805 state:resolved] 2011-02-13 23:24:46 +00:00
Santiago Pastorino
944d314244 Add Date#rfc3339 and Date#iso8601 to AS 2011-02-13 02:10:13 -02:00
Josh Kalderimis
33cc36678b Allow for the format of time_tag in AP to be changed via an option argument. 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-12 22:22:30 -02:00
Sjoerd Andringa
95a5bd87cb Added time_tag helper to AP for HTML5 time tag [#5919 state:resolved] 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-12 22:22:18 -02:00
Josh Kalderimis
e2b99eb1a7 Applied changes to stylesheet_link_tag from javascript_include_tag which corrects issues with ordering and duplicates. 2011-02-13 05:50:25 +08:00
Josh Kalderimis
1363bb8f72 This corrects two issues with javascript_include_tag, the order at which they are expanded, and removing duplicates. 
When individual js assets are specified, they will override the order of the same asset specified in an expansion.

[#5938 state:resolved]
 2011-02-13 05:50:24 +08:00
Carlos Antonio da Silva
ad5b4d980a Remove duplicated action pack tests added to fix issue with fields_for, nested attributes and erb 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-12 16:40:41 -02:00
Tom Stuart
829de9d98e Add block support to button_tag helper 
As per the HTML 4.01 spec:

  Buttons created with the BUTTON element function just like buttons
  created with the INPUT element, but they offer richer rendering
  possibilities: the BUTTON element may have content. For example, a
  BUTTON element that contains an image functions like and may resemble
  an INPUT element whose type is set to "image", but the BUTTON element
  type allows content.

Since rich content is the main purpose of the <button> element, it makes
sense for the button_tag helper to accept a block.

http://www.w3.org/TR/html401/interact/forms.html#edef-BUTTON
http://dev.w3.org/html5/spec/the-button-element.html#the-button-element

Signed-off-by: Santiago Pastorino and Emilio Tagua <santiago+emilioe@wyeworks.com>
 2011-02-12 13:52:00 -02:00
Tom Stuart
03749d6c88 Make type="submit" the default for button_tag helper 
"submit" is the default value of the <button> element's type attribute
according to the HTML 4.01 and the HTML5 draft specs, so if button_tag
is going to have a default, type="submit" is a more sensible choice than
type="button".

http://www.w3.org/TR/html401/interact/forms.html#adef-type-BUTTON
http://dev.w3.org/html5/spec/the-button-element.html#attr-button-type

Signed-off-by: Santiago Pastorino and Emilio Tagua <santiago+emilioe@wyeworks.com>
 2011-02-12 13:51:02 -02:00
Carlos Antonio da Silva
f23bf7dbdb Add missing deprecation require 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-11 13:29:23 -02:00
José Valim
28185ebc2e Remove misleading reference to polymorphic_url. 2011-02-11 05:51:13 -08:00
Josh Kalderimis
1814298d75 Removed Array#safe_join in AS core_ext and moved it to a view helper with the same same. This also changes how safe_join works, if items or the separator are not html_safe they are html_escape'd, a html_safe string is always returned. 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-02-10 16:51:30 +01:00
José Valim
89a5f1463d Revert "Removed Array#safe_join in AS core_ext and moved it to a view helper with the same same." 
Applied the wrong version.

This reverts commit 98c0c5db50.
 2011-02-10 16:50:35 +01:00
Josh Kalderimis
98c0c5db50 Removed Array#safe_join in AS core_ext and moved it to a view helper with the same same. 2011-02-10 23:47:54 +08:00
Gabriel Horner
b3dad5deb9 add some docs for ActionController::Renderers 2011-02-10 00:16:06 -05:00
Aaron Patterson
c9182597ca reduce string append funcalls 2011-02-08 16:18:37 -08:00
Michael Koziarski
ae19e4141f Change the CSRF whitelisting to only apply to get requests 
Unfortunately the previous method of browser detection and XHR whitelisting is unable to prevent requests issued from some Flash animations and Java applets.  To ease the work required to include the CSRF token in ajax requests rails now supports providing the token in a custom http header:

 X-CSRF-Token: ...

This fixes CVE-2011-0447
 2011-02-08 14:57:08 -08:00
José Valim
6b1018526f Use Mime::Type references. 2011-02-08 14:14:26 -08:00
José Valim
b93c590297 Ensure render is case sensitive even on systems with case-insensitive filesystems. 
This fixes CVE-2011-0449
 2011-02-08 14:04:19 -08:00
Michael Koziarski
3ddd7f7ec9 Be sure to javascript_escape the email address to prevent apostrophes inadvertently causing javascript errors. 
This fixes CVE-2011-0446
 2011-02-08 13:56:08 -08:00
Santiago Pastorino
ee0b92ec7a fields_for with inline blocks and nested attributes already persisted does not render properly 
[#6381 state:committed]
 2011-02-08 18:04:12 -02:00
Carlos Antonio da Silva
631e23ec6c Add tests showing the LH issue #6381: fields_for with inline blocks and nested attributes already persisted 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-08 18:04:12 -02:00
Aaron Patterson
ea25224046 cleaning up some warnings on 1.9.3 2011-02-07 16:44:27 -08:00
Dan Pickett
3026843dc1 put authenticity_token option in parity w/ remote 
[#6228 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-06 19:04:52 -02:00
Andre Arko
10cab35d3b Allow page_cache_directory to be set as a Pathname 
For example, page_cache_directory = Rails.root.join("public/cache")

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-06 17:55:38 -02:00
Timothy N. Tsvetkov
b9309b47cd Added tests for form_for and an authenticity_token option. Added docs for for_for and authenticity_token option. Added section to form helpers guide about forms for external resources and new authenticity_token option for form_tag and form_for helpers. 
[#6228 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-05 18:58:32 -02:00
Xavier Noria
8b5dc9caa5 Merge branch 'master' of git://github.com/lifo/docrails 2011-02-05 19:47:08 +01:00
Gabriel Horner
277327bb7f improve routing docs, mostly for #match 2011-02-05 13:12:49 -05:00
german
adbae9aab8 fixed bug with nested resources within shallow scope 
[#6372 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-04 17:07:51 -02:00
Gabriel Horner
ac15647bf0 keep options titles consistent to "Options" 2011-02-03 23:51:06 -05:00
Franco Brusatti
d3cfee1182 removing generation of id in submit helper 
[#6369 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-03 20:24:14 -02:00
Anton Astashov
c1c6f29214 Add a test for 'render :layout' 
To make sure it will show block contents if it is placed after 'render
:partial'

[#5557 state:resolved]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-03 12:55:32 -02:00
Xavier Noria
e99e859a04 revises a metal example 2011-02-02 23:27:27 +01:00
Xavier Noria
33643bcf53 copy-edits 2446b13 2011-02-02 23:04:12 +01:00
Stephen Celis
a0757e00f3 Protocol-relative URL support. 
[#5774 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-02 19:09:44 -02:00
Xavier Noria
a96a9a4948 Merge branch 'master' of git://github.com/lifo/docrails 2011-02-02 22:04:11 +01:00
Bernerd Schaefer
2446b1307e Provide documentation for ActionController::Metal 2011-02-02 16:02:28 +01:00
Santiago Pastorino
86dc5987b2 add test to check class is being escaped in form_class 2011-02-01 19:17:31 -02:00