github/rails
1
1
Fork 0
mirror of https://github.com/github/rails.git synced 2026-04-26 03:00:59 -04:00
Code Issues Packages Projects Releases Wiki Activity
20,769 Commits 34 Branches 105 Tags
c560c8b2ba2af2ff1942e40b8eff8287354bf7d8
Commit Graph

20769 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Aaron Patterson
c560c8b2ba log method takes an option list of bind values 2011-02-09 15:15:37 -08:00
Aaron Patterson
37efb517cb fanout unsubscribe only accepted one argument, so taking *args here is probably bad 2011-02-09 14:33:56 -08:00
Aaron Patterson
3e02b3702e just use an attr_accessor so we do not pay ||= on every notification call 2011-02-09 14:02:38 -08:00
Aaron Patterson
e50d43a201 fixing indentation 2011-02-09 13:47:32 -08:00
Aaron Patterson
3d0579fc03 speed up notification publishing by writing the delegate method 2011-02-09 13:46:47 -08:00
Aaron Patterson
5548e47adb rawr, mysql, mysql2, why do you hate me. :'( 2011-02-09 13:35:56 -08:00
Josh Bassett
056be15212 Fixed a bug where ActiveResource::HttpMock would not replace an existing response when passing a block to the respond_to method. 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-09 19:25:53 -02:00
Tsutomu Kuroda
ad31549ab3 Override attributes_protected_by_default when has_secure_password is called. 
attr_protected should not be called, because it nullifies the
mass assignment protection that has been set by attr_accessible.

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-09 18:35:15 -02:00
Josh Kalderimis
9d8fdfec38 removed some duplication from LH issue 5505 regarding AR touch and optimistic locking [#5505 state:resolved] 
Signed-off-by: Santiago Pastorino and José Ignacio Costa <santiago+jose@wyeworks.com>
 2011-02-09 18:28:15 -02:00
Franck Verrot
8bc464c809 The optimistic lock column should be increased when calling touch 
Signed-off-by: Santiago Pastorino and José Ignacio Costa <santiago+jose@wyeworks.com>
 2011-02-09 18:27:40 -02:00
Aaron Patterson
d3b2596884 use parenthesis so limit works on all dbs 2011-02-09 11:51:09 -08:00
Xavier Noria
cb1f8413de now that the API guidelines are a guide, it is enough to assert that the names of Rails components have a space, no need to say it was checked with David in the past 2011-02-09 20:05:28 +01:00
Aaron Patterson
4083e0ea2a removing text-format in favor of a more simple solution 2011-02-09 10:11:29 -08:00
Raimonds Simanovskis
c567ccbb17 bugfix for serialized_attributes to be class specific 
previously serialized_attributes were kept as class attribute of ActiveRecord::Base - if some attribute was defined as serialized in one subclass then it was serialized in all other subclasses as well (if it had the same name)
 2011-02-09 09:19:56 -08:00
Aaron Patterson
f48d32c0cf implementing include? on AM::Errors 2011-02-09 09:19:56 -08:00
Piotr Sarnacki
39310f7930 text-format requires text-hyphen, which needs ruby 1.8 2011-02-09 17:57:42 +01:00
Aaron Patterson
51d84c1d33 we do not need message to be an array 2011-02-09 08:42:13 -08:00
Ken Collins
56fb3b1594 Allow limit values to accept an ARel SQL literal. 2011-02-09 08:33:40 -08:00
Aaron Patterson
c6b4ef082f use map rather than array concatenation 2011-02-09 08:32:43 -08:00
Aaron Patterson
307e6b2b74 favor composition over inheritence 2011-02-09 08:32:43 -08:00
Aaron Patterson
ed6e09c1b1 use 1 call to concat rather than calling << n times 2011-02-09 08:32:43 -08:00
Piotr Sarnacki
e6369bc9e9 Application's assets should have higher priority than engine's ones 
[#6388 state:resolved]
 2011-02-09 12:19:20 +01:00
Eric Allam
d729e5f97e Failing test for #6388 2011-02-09 12:19:08 +01:00
Santiago Pastorino and Emilio Tagua
0faa7ee2a0 Add missing require 2011-02-09 08:36:44 -02:00
Josh Kalderimis
3eb25fb880 fix for AS Gzip returning a UTF-8 string in Ruby 1.9 when it is actually binary [#6386 state:resolved] 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-02-09 10:27:01 +01:00
Aaron Patterson
5046120b97 comma limits do not make sense on oracle or pg 2011-02-08 16:54:07 -08:00
Aaron Patterson
c9182597ca reduce string append funcalls 2011-02-08 16:18:37 -08:00
Aaron Patterson
b45a90f9b0 redcloth does not install on 1.9.3 2011-02-08 16:01:36 -08:00
Aaron Patterson
1c6f4562d7 primary keys should not be cleared on cache clear, fixing oracle tests 2011-02-08 16:01:16 -08:00
Michael Koziarski
11061f410e Make rails.js include the CSRF token in the X-CSRF-Token header with every ajax request. 2011-02-08 14:57:34 -08:00
Michael Koziarski
ae19e4141f Change the CSRF whitelisting to only apply to get requests 
Unfortunately the previous method of browser detection and XHR whitelisting is unable to prevent requests issued from some Flash animations and Java applets.  To ease the work required to include the CSRF token in ajax requests rails now supports providing the token in a custom http header:

 X-CSRF-Token: ...

This fixes CVE-2011-0447
 2011-02-08 14:57:08 -08:00
Aaron Patterson
0b58a7ff42 limit() should sanitize limit values 
This fixes CVE-2011-0448
 2011-02-08 14:21:12 -08:00
José Valim
6b1018526f Use Mime::Type references. 2011-02-08 14:14:26 -08:00
José Valim
b93c590297 Ensure render is case sensitive even on systems with case-insensitive filesystems. 
This fixes CVE-2011-0449
 2011-02-08 14:04:19 -08:00
Michael Koziarski
3ddd7f7ec9 Be sure to javascript_escape the email address to prevent apostrophes inadvertently causing javascript errors. 
This fixes CVE-2011-0446
 2011-02-08 13:56:08 -08:00
Aaron Patterson
8ce57652b2 ignore max identifier length queries from pg 2011-02-08 13:38:05 -08:00
Santiago Pastorino
ee0b92ec7a fields_for with inline blocks and nested attributes already persisted does not render properly 
[#6381 state:committed]
 2011-02-08 18:04:12 -02:00
Carlos Antonio da Silva
631e23ec6c Add tests showing the LH issue #6381: fields_for with inline blocks and nested attributes already persisted 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-08 18:04:12 -02:00
Aaron Patterson
cd440236ad this test requires the job model, so we should require it 2011-02-08 11:31:46 -08:00
Aaron Patterson
51414a0893 use === so that regular expressions are not required 2011-02-08 10:48:01 -08:00
Aaron Patterson
1df3b65acc use === so that regular expressions are not required 2011-02-08 10:42:03 -08:00
Jan
9643243204 make set_table_name take effect immediately 2011-02-08 10:31:09 -08:00
Aaron Patterson
ac86923fca no more faker, rbench, or addressable 2011-02-07 19:53:22 -08:00
Aaron Patterson
ea25224046 cleaning up some warnings on 1.9.3 2011-02-07 16:44:27 -08:00
Aaron Patterson
08ef06dbf1 just return the record from insert_record, use truthiness for comparisons 2011-02-07 16:25:22 -08:00
Aaron Patterson
2b4de6621f require tag since we need it for this test 2011-02-07 16:09:33 -08:00
Jon Leighton
4f7bdc8f74 Documentation for recent refinements to association deletion 2011-02-07 23:35:05 +00:00
Jon Leighton
e62b576472 Refactor the implementations of AssociatioCollection#delete and #destroy to be more consistent with each other, and to stop passing blocks around, thus making the execution easier to follow. 2011-02-07 23:35:05 +00:00
Jon Leighton
d9870d92f7 This string should continue 2011-02-07 23:35:05 +00:00
Jon Leighton
52f09eac5b Correctly update counter caches on deletion for has_many :through [#2824 state:resolved]. Also fixed a bunch of other counter cache bugs in the process, as once I fixed this one others started appearing like nobody's business. 2011-02-07 23:35:05 +00:00