github/rails
1
1
Fork 0
mirror of https://github.com/github/rails.git synced 2026-04-26 03:00:59 -04:00
Code Issues Packages Projects Releases Wiki Activity
21,256 Commits 34 Branches 105 Tags
76e4e2fa468593c42623472055d329dfeb577c49
Commit Graph

864 Commits

Author SHA1 Message Date
Aaron Patterson
acd4bfb537 Just define methods directly on the class rather than use the module 
indirection.

clever--
 2011-03-11 18:16:47 -08:00
Aaron Patterson
89c5b9aee7 do not automatically add format to routes that end in a slash 2011-03-11 18:06:22 -08:00
Prem Sichanugrist & Xavier Noria
68802d0fbe Filter sensitive query string parameters in the log [#6244 state:committed] 
This provides more safety to applications that put secret information in the query string, such as API keys or SSO tokens.

Signed-off-by: Xavier Noria <fxn@hashref.com>
 2011-03-11 00:16:18 +01:00
Andrew White
03cbd9672c Filter params that return nil for to_param and allow through false values 2011-03-09 14:44:25 +00:00
Aaron Patterson
0c777bace2 stop being clever and just call methods on the Route object 2011-03-08 16:18:27 -08:00
Andrew White
31f09f9dbc Improve testing of cookies in functional tests: 
- cookies can be set using string or symbol keys
- cookies are preserved across calls to get, post, etc.
- cookie names and values are escaped
- cookies can be cleared using @request.cookies.clear

[#6272 state:resolved]
 2011-03-06 12:49:44 +00:00
Andrew White
e00867bc43 Raise ArgumentError if route name is invalid [#6517 state:resolved] 2011-03-06 07:08:50 +00:00
R.T. Lechow
87e9e3f9af Action Pack typos. 2011-03-05 11:56:35 +01:00
Aaron Patterson
1f2e7214aa make sure string keys are always looked up from the class cache 2011-03-02 10:11:28 -08:00
Aaron Patterson
dd41387f34 use newer class cache api 2011-03-02 09:35:10 -08:00
Aaron Patterson
f345e2380c yo dawg, directly use the class cache rather than the cache of the cache 2011-03-01 17:43:45 -08:00
Aaron Patterson
7b6bfe84f3 refactor Reference to a ClassCache object, fix lazy lookup in Middleware so that anonymous classes are supported 2011-03-01 17:20:35 -08:00
Aaron Patterson
50ed1a25a4 initialize ivars 2011-03-01 17:20:35 -08:00
Aaron Patterson
fd26afc93b Enumerable gives us include?, so remove include? 2011-03-01 10:21:44 -08:00
Aaron Patterson
648fd60ecf prefer composition over inheritance with AD::MS 2011-03-01 10:14:09 -08:00
Aaron Patterson
46bb424287 Revert "compute ext in initialize, and use an attr_reader" 
This reverts commit 2dbb73bdda.

Conflicts:

	actionpack/lib/action_dispatch/middleware/static.rb
 2011-02-28 19:47:09 -08:00
Aaron Patterson
f279422e33 no need to pass a regex to Regexp.compile 2011-02-28 18:03:06 -08:00
Aaron Patterson
2dbb73bdda compute ext in initialize, and use an attr_reader 2011-02-28 17:54:00 -08:00
Andrew White
460a341682 Fix named route helper for routes nested inside deeply nested resources 
[#6416 state:resolved]
 2011-02-14 02:56:09 +00:00
Andrew White
fd7605826a Add notes on how to override the default :id constraint [#5994 state:resolved] 2011-02-14 01:01:20 +00:00
Andrew White
af4fab7d2e Remove incorrect assert_recognizes example 2011-02-13 23:25:57 +00:00
Andrew White
385be358cf Fix assert_recognizes with block constraints [#5805 state:resolved] 2011-02-13 23:24:46 +00:00
Carlos Antonio da Silva
f23bf7dbdb Add missing deprecation require 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-11 13:29:23 -02:00
Michael Koziarski
ae19e4141f Change the CSRF whitelisting to only apply to get requests 
Unfortunately the previous method of browser detection and XHR whitelisting is unable to prevent requests issued from some Flash animations and Java applets.  To ease the work required to include the CSRF token in ajax requests rails now supports providing the token in a custom http header:

 X-CSRF-Token: ...

This fixes CVE-2011-0447
 2011-02-08 14:57:08 -08:00
José Valim
6b1018526f Use Mime::Type references. 2011-02-08 14:14:26 -08:00
Xavier Noria
8b5dc9caa5 Merge branch 'master' of git://github.com/lifo/docrails 2011-02-05 19:47:08 +01:00
Gabriel Horner
277327bb7f improve routing docs, mostly for #match 2011-02-05 13:12:49 -05:00
german
adbae9aab8 fixed bug with nested resources within shallow scope 
[#6372 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-04 17:07:51 -02:00
Gabriel Horner
ac15647bf0 keep options titles consistent to "Options" 2011-02-03 23:51:06 -05:00
Stephen Celis
a0757e00f3 Protocol-relative URL support. 
[#5774 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-02 19:09:44 -02:00
Xavier Noria
a96a9a4948 Merge branch 'master' of git://github.com/lifo/docrails 2011-02-02 22:04:11 +01:00
John Firebaugh
57bc25c5f8 Use run_callbacks; the generated _run_<name>_callbacks method is not a public interface. 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-01-31 19:45:53 -02:00
Jonathan Dance + Gabriel Horner
d1ef543794 explain different ways to use match() 2011-01-29 17:29:06 -05:00
Jonathan Dance + Gabriel Horner
fab16fded9 organize and expand on options for routing methods 2011-01-29 17:29:06 -05:00
misfo
ef48408a7b corrected the location of status code symbols 2011-01-29 16:03:40 -06:00
Jonathan Dance + Gabriel Horner
38d728fb94 add cross-references and documentation for scope 2011-01-28 19:25:12 -05:00
Jonathan Dance + Gabriel Horner
49744bdaee fix cross-references in HttpHelper methods 2011-01-28 19:25:12 -05:00
Matt Jankowski
cc9301f459 clarify what the "they" that are is and what the "are" in question is 2011-01-27 12:25:22 -05:00
brainopia
8491f16e12 Add tld_length option when using domain :all in cookies 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-01-21 13:13:51 +01:00
brainopia
91a4193ee0 Support list of possible domains for cookies 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-01-21 13:13:43 +01:00
Aaron Patterson
9702159373 removing more unused variables 2011-01-17 14:33:34 -08:00
Aaron Patterson
16ae08fff0 use raise to create exceptions and to set the backtrace 2011-01-12 11:15:11 -08:00
Aaron Patterson
1d9c555297 reraising should be in the rescue block 2011-01-12 11:15:10 -08:00
Krekoten' Marjan
366e7854ac Refactor to handle the X-Cascade without having to raise an exception 2011-01-09 16:08:54 -08:00
Santiago Pastorino
171172f324 render :template is faster than render :file 2011-01-01 13:44:34 -02:00
Santiago Pastorino
9bc879d42a This is not needed anymore 2011-01-01 13:20:00 -02:00
José Valim
d6efd3cfc2 Don't deprecate to_prepare. 2010-12-23 19:21:14 +01:00
José Valim
819b8cae40 Clean up callbacks should also be called on exceptions. 2010-12-23 19:17:02 +01:00
John Firebaugh
0b0e6f13c0 Typo (request -> response) 2010-12-21 19:32:34 -08:00
John Firebaugh
d4afde9ab0 Expand ActionDispatch::Reloader docs 2010-12-21 19:26:33 -08:00