github/rails
1
1
Fork 0
mirror of https://github.com/github/rails.git synced 2026-04-26 03:00:59 -04:00
Code Issues Packages Projects Releases Wiki Activity
22,120 Commits 34 Branches 105 Tags
79a9bebcbf53673cab5d588869819702ac5a9607
Commit Graph

1788 Commits

Author SHA1 Message Date
Prem Sichanugrist
8c9e4d5202 Add ActionController::ParamsWrapper to wrap parameters into a nested hash 
This will allow us to do a rootless JSON/XML request to server.
 2011-05-03 03:21:43 +07:00
José Valim
13df194c00 Tidy up pending TODOs after discussion with Mr. Gatoz (@wycats). 2011-05-01 19:39:57 +02:00
José Valim
46611a995d log errors when an exception happens when streaming. 2011-05-01 13:40:14 +02:00
José Valim
6960a230fa Add a test for rendering from the controller context. 2011-05-01 13:40:14 +02:00
misfo
9f6cafd5fd prevent errors when passing a frozen string as a param to ActionController::TestCase#process 
since ActionDispatch::Http::Parameters#encode_params will force encoding on all params strings (when using an encoding aware Ruby), dup all strings passed into process.  This prevents modification of params passed in and, more importantly, doesn't barf when a frozen string is passed
thanks and high fives to kinsteronline
 2011-04-28 04:07:57 +08:00
David Chelimsky
8d00dfca7f rename test case to better describe use case 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-04-25 09:31:48 +02:00
Florent Piteau
89ed9fbd19 Don't reuse a closed flash when using now 2011-04-20 04:32:26 +08:00
José Valim
069e9b004f Do not stream on HTTP/1.0. 2011-04-19 15:04:28 +02:00
José Valim
b398520c14 Output a redirect to the 500 page if something happens when streaming. 
Currently, we output:

  "><script type="text/javascript">window.location = "/500.html"</script></html>
 2011-04-19 12:26:11 +02:00
José Valim
6380f1a9f4 Be sure to not store the closed flash in the session. 2011-04-19 10:34:17 +02:00
José Valim
3b0f917b1d Test explicit skip. 2011-04-18 14:27:49 +02:00
José Valim
07fde1a3d3 Just define the controller if fibers are defined. 2011-04-18 14:27:49 +02:00
José Valim
389d15ef13 Body... wanna *stream* my body? Body... such a thrill my body! 
Added stream as class level method to make it explicit when to stream.
Render also accepts :stream as option.
 2011-04-18 08:55:41 +02:00
Aaron Patterson
c630750fa5 switch to using comments to comment things 2011-04-15 14:13:46 -07:00
José Valim
d6bd606bdd render :once, YAGNI. 2011-04-15 21:11:54 +02:00
David Chelimsky
a26d407f63 ActionView::PathSet# accepts String or Array 
- Closes #6692

Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-04-13 21:45:51 +02:00
Prem Sichanugrist
733bfa63f5 Remove #among? from Active Support 
After a long list of discussion about the performance problem from using varargs and the reason that we can't find a great pair for it, it would be best to remove support for it for now.

It will come back if we can find a good pair for it. For now, Bon Voyage, `#among?`.
 2011-04-13 20:25:28 +08:00
Xavier Noria
5850f16935 removes the RJS template handler 2011-04-13 13:23:18 +02:00
Xavier Noria
eea66892c8 removes support for render :update 2011-04-13 13:23:17 +02:00
Xavier Noria
b878757c50 removes assert_select_rjs 2011-04-13 13:23:16 +02:00
David Heinemeier Hansson
d1575ae1b9 Change Object#either? to Object#among? -- thanks to @jamesarosen for the suggestion! 2011-04-12 00:23:07 +02:00
Prem Sichanugrist
a9f3c9da01 Using Object#in? and Object#either? in various places 
There're a lot of places in Rails source code which make a lot of sense to switching to Object#in? or Object#either? instead of using [].include?.
 2011-04-11 03:17:09 +08:00
James Robinson
2cdc1f0cd5 Make csrf_meta_tags use the tag helper 
Improved formatting of csrf_helper and improved test coverage
 2011-04-08 02:21:08 +02:00
Aaron Patterson
1e90229e04 many args does not make sense with the current implementation because of how use works 2011-04-06 18:13:16 -07:00
Aaron Patterson
32f876786a getting the flash hash under test 2011-04-06 18:01:03 -07:00
Aaron Patterson
76c2ea7882 favor composition over inheritance, have FlashHash delegate to a Hash 2011-04-06 17:26:55 -07:00
Santiago Pastorino
0e4748cd41 Make process reuse the env var passed as argument 2011-04-06 16:37:55 -03:00
Santiago Pastorino
d7a5638dfb raise if someone tries to modify the flash when it was already streamed back to the client or converted to HTTP headers 2011-04-05 10:41:34 -03:00
Santiago Pastorino
cc58fe79ac Implicit actions named not_implemented can be rendered 2011-04-02 23:47:50 -03:00
Josh Kalderimis
b45302d767 pass respond_with options to controller render when using a template for api navigation 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-03-31 18:53:36 +02:00
Josh Kalderimis
48404a751d only try to display an api template in responders if the request is a get or there are no errors 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-03-31 18:53:27 +02:00
Josh Kalderimis
9766997f4c when using respond_with with an invalid resource and custom options, the default response status and error messages should be returned 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-03-31 18:53:21 +02:00
José Valim
ba51aa0b1b Make action_method? public and change implicit rendering to override it instead. 2011-03-30 17:22:05 +02:00
David Heinemeier Hansson
e2b07ee000 Added Base.http_basic_authenticate_with to do simple http basic authentication with a single class method call [DHH] 2011-03-28 18:10:08 -07:00
Prem Sichanugrist
7cbdfa8303 Add controller-specific force_ssl method to force web browser to use HTTPS protocol 
This would become useful for site which sometime transferring sensitive information such as account information on particular controller or action.

This featured was requested by DHH.
 2011-03-28 04:58:47 +08:00
Andrew White
9772de8d45 Fix filter :only and :except with implicit actions 
The method_name argument is "default_render" for implicit actions
so use the action_name attribute to determine which callbacks to run.

[#5673 state:resolved]
 2011-03-23 23:32:44 +00:00
Manfred Stienstra
5da9a74bd3 Add a failing test case for an implicit action with a before filter. 
Signed-off-by: Andrew White <andyw@pixeltrix.co.uk>
 2011-03-23 23:32:44 +00:00
Andrew White
03cbd9672c Filter params that return nil for to_param and allow through false values 2011-03-09 14:44:25 +00:00
R.T. Lechow
87e9e3f9af Action Pack typos. 2011-03-05 11:56:35 +01:00
Cheah Chu Yeow
2ee5555744 Fix Action caching bug where an action that has a non-cacheable response always renders a nil response body. It now correctly renders the response body. 
Note that only GET and HTTP 200 responses can be cached.

[#6480 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-03-02 13:11:07 -02:00
Michael Koziarski
ae19e4141f Change the CSRF whitelisting to only apply to get requests 
Unfortunately the previous method of browser detection and XHR whitelisting is unable to prevent requests issued from some Flash animations and Java applets.  To ease the work required to include the CSRF token in ajax requests rails now supports providing the token in a custom http header:

 X-CSRF-Token: ...

This fixes CVE-2011-0447
 2011-02-08 14:57:08 -08:00
José Valim
6b1018526f Use Mime::Type references. 2011-02-08 14:14:26 -08:00
José Valim
b93c590297 Ensure render is case sensitive even on systems with case-insensitive filesystems. 
This fixes CVE-2011-0449
 2011-02-08 14:04:19 -08:00
Aaron Patterson
ea25224046 cleaning up some warnings on 1.9.3 2011-02-07 16:44:27 -08:00
Dan Pickett
3026843dc1 put authenticity_token option in parity w/ remote 
[#6228 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-06 19:04:52 -02:00
Andre Arko
10cab35d3b Allow page_cache_directory to be set as a Pathname 
For example, page_cache_directory = Rails.root.join("public/cache")

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-06 17:55:38 -02:00
Timothy N. Tsvetkov
b9309b47cd Added tests for form_for and an authenticity_token option. Added docs for for_for and authenticity_token option. Added section to form helpers guide about forms for external resources and new authenticity_token option for form_tag and form_for helpers. 
[#6228 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-05 18:58:32 -02:00
Stephen Celis
a0757e00f3 Protocol-relative URL support. 
[#5774 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-02 19:09:44 -02:00
Neeraj Singh
806e6f80dc render_to_string must ensure that response_body 
is nil

[ #5875 state:resolved]

Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-01-25 20:14:03 +01:00
Doug Fales
7927fc2ff7 A patch so that http status codes are still included in logs even during an exception [#6333 state:resolved] 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-01-25 20:12:22 +01:00