github/rails
1
1
Fork 0
mirror of https://github.com/github/rails.git synced 2026-04-26 03:00:59 -04:00
Code Issues Packages Projects Releases Wiki Activity
21,123 Commits 34 Branches 105 Tags
f00a39845676bd552e31f47f3588ca266d4f010a
Commit Graph

5532 Commits

Author SHA1 Message Date
Aaron Patterson
1f2e7214aa make sure string keys are always looked up from the class cache 2011-03-02 10:11:28 -08:00
Aaron Patterson
dd41387f34 use newer class cache api 2011-03-02 09:35:10 -08:00
Cheah Chu Yeow
2ee5555744 Fix Action caching bug where an action that has a non-cacheable response always renders a nil response body. It now correctly renders the response body. 
Note that only GET and HTTP 200 responses can be cached.

[#6480 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-03-02 13:11:07 -02:00
Aaron Patterson
f345e2380c yo dawg, directly use the class cache rather than the cache of the cache 2011-03-01 17:43:45 -08:00
Aaron Patterson
7b6bfe84f3 refactor Reference to a ClassCache object, fix lazy lookup in Middleware so that anonymous classes are supported 2011-03-01 17:20:35 -08:00
Aaron Patterson
50ed1a25a4 initialize ivars 2011-03-01 17:20:35 -08:00
Aaron Patterson
fd26afc93b Enumerable gives us include?, so remove include? 2011-03-01 10:21:44 -08:00
Aaron Patterson
648fd60ecf prefer composition over inheritance with AD::MS 2011-03-01 10:14:09 -08:00
Aaron Patterson
46bb424287 Revert "compute ext in initialize, and use an attr_reader" 
This reverts commit 2dbb73bdda.

Conflicts:

	actionpack/lib/action_dispatch/middleware/static.rb
 2011-02-28 19:47:09 -08:00
Aaron Patterson
f279422e33 no need to pass a regex to Regexp.compile 2011-02-28 18:03:06 -08:00
Aaron Patterson
2dbb73bdda compute ext in initialize, and use an attr_reader 2011-02-28 17:54:00 -08:00
Santiago Pastorino
53b17e9ad0 javascript_include_tag shouldn't raise if you register an expansion key with nil value 2011-02-28 11:52:00 -02:00
Prem Sichanugrist
839d06f5f2 We're in 2011, let's update our license 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-22 18:24:20 -02:00
Michael Koziarski
3d907a68d9 Prepend the CSRF filter to make it much more difficult to execute application code before it fires. 2011-02-23 09:00:41 +13:00
Xavier Noria
f41bf6938f merges docrails 2011-02-18 23:22:15 +01:00
Nicholas Rowe
9a9d895481 Fix Typos: remove several occurences of the the 2011-02-17 20:46:52 -05:00
Steve Schwartz
f4ddb4da89 Added RDoc info for accepted options for simple_format in TextHelper. 2011-02-15 12:58:57 -05:00
Andrew White
460a341682 Fix named route helper for routes nested inside deeply nested resources 
[#6416 state:resolved]
 2011-02-14 02:56:09 +00:00
Andrew White
fd7605826a Add notes on how to override the default :id constraint [#5994 state:resolved] 2011-02-14 01:01:20 +00:00
Andrew White
af4fab7d2e Remove incorrect assert_recognizes example 2011-02-13 23:25:57 +00:00
Andrew White
385be358cf Fix assert_recognizes with block constraints [#5805 state:resolved] 2011-02-13 23:24:46 +00:00
Santiago Pastorino
944d314244 Add Date#rfc3339 and Date#iso8601 to AS 2011-02-13 02:10:13 -02:00
Josh Kalderimis
33cc36678b Allow for the format of time_tag in AP to be changed via an option argument. 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-12 22:22:30 -02:00
Sjoerd Andringa
95a5bd87cb Added time_tag helper to AP for HTML5 time tag [#5919 state:resolved] 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-12 22:22:18 -02:00
Josh Kalderimis
e2b99eb1a7 Applied changes to stylesheet_link_tag from javascript_include_tag which corrects issues with ordering and duplicates. 2011-02-13 05:50:25 +08:00
Josh Kalderimis
1363bb8f72 This corrects two issues with javascript_include_tag, the order at which they are expanded, and removing duplicates. 
When individual js assets are specified, they will override the order of the same asset specified in an expansion.

[#5938 state:resolved]
 2011-02-13 05:50:24 +08:00
Tom Stuart
829de9d98e Add block support to button_tag helper 
As per the HTML 4.01 spec:

  Buttons created with the BUTTON element function just like buttons
  created with the INPUT element, but they offer richer rendering
  possibilities: the BUTTON element may have content. For example, a
  BUTTON element that contains an image functions like and may resemble
  an INPUT element whose type is set to "image", but the BUTTON element
  type allows content.

Since rich content is the main purpose of the <button> element, it makes
sense for the button_tag helper to accept a block.

http://www.w3.org/TR/html401/interact/forms.html#edef-BUTTON
http://dev.w3.org/html5/spec/the-button-element.html#the-button-element

Signed-off-by: Santiago Pastorino and Emilio Tagua <santiago+emilioe@wyeworks.com>
 2011-02-12 13:52:00 -02:00
Tom Stuart
03749d6c88 Make type="submit" the default for button_tag helper 
"submit" is the default value of the <button> element's type attribute
according to the HTML 4.01 and the HTML5 draft specs, so if button_tag
is going to have a default, type="submit" is a more sensible choice than
type="button".

http://www.w3.org/TR/html401/interact/forms.html#adef-type-BUTTON
http://dev.w3.org/html5/spec/the-button-element.html#attr-button-type

Signed-off-by: Santiago Pastorino and Emilio Tagua <santiago+emilioe@wyeworks.com>
 2011-02-12 13:51:02 -02:00
Carlos Antonio da Silva
f23bf7dbdb Add missing deprecation require 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-11 13:29:23 -02:00
José Valim
28185ebc2e Remove misleading reference to polymorphic_url. 2011-02-11 05:51:13 -08:00
Josh Kalderimis
1814298d75 Removed Array#safe_join in AS core_ext and moved it to a view helper with the same same. This also changes how safe_join works, if items or the separator are not html_safe they are html_escape'd, a html_safe string is always returned. 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-02-10 16:51:30 +01:00
José Valim
89a5f1463d Revert "Removed Array#safe_join in AS core_ext and moved it to a view helper with the same same." 
Applied the wrong version.

This reverts commit 98c0c5db50.
 2011-02-10 16:50:35 +01:00
Josh Kalderimis
98c0c5db50 Removed Array#safe_join in AS core_ext and moved it to a view helper with the same same. 2011-02-10 23:47:54 +08:00
Gabriel Horner
b3dad5deb9 add some docs for ActionController::Renderers 2011-02-10 00:16:06 -05:00
Aaron Patterson
c9182597ca reduce string append funcalls 2011-02-08 16:18:37 -08:00
Michael Koziarski
ae19e4141f Change the CSRF whitelisting to only apply to get requests 
Unfortunately the previous method of browser detection and XHR whitelisting is unable to prevent requests issued from some Flash animations and Java applets.  To ease the work required to include the CSRF token in ajax requests rails now supports providing the token in a custom http header:

 X-CSRF-Token: ...

This fixes CVE-2011-0447
 2011-02-08 14:57:08 -08:00
José Valim
6b1018526f Use Mime::Type references. 2011-02-08 14:14:26 -08:00
José Valim
b93c590297 Ensure render is case sensitive even on systems with case-insensitive filesystems. 
This fixes CVE-2011-0449
 2011-02-08 14:04:19 -08:00
Michael Koziarski
3ddd7f7ec9 Be sure to javascript_escape the email address to prevent apostrophes inadvertently causing javascript errors. 
This fixes CVE-2011-0446
 2011-02-08 13:56:08 -08:00
Santiago Pastorino
ee0b92ec7a fields_for with inline blocks and nested attributes already persisted does not render properly 
[#6381 state:committed]
 2011-02-08 18:04:12 -02:00
Dan Pickett
3026843dc1 put authenticity_token option in parity w/ remote 
[#6228 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-06 19:04:52 -02:00
Andre Arko
10cab35d3b Allow page_cache_directory to be set as a Pathname 
For example, page_cache_directory = Rails.root.join("public/cache")

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-06 17:55:38 -02:00
Timothy N. Tsvetkov
b9309b47cd Added tests for form_for and an authenticity_token option. Added docs for for_for and authenticity_token option. Added section to form helpers guide about forms for external resources and new authenticity_token option for form_tag and form_for helpers. 
[#6228 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-05 18:58:32 -02:00
Xavier Noria
8b5dc9caa5 Merge branch 'master' of git://github.com/lifo/docrails 2011-02-05 19:47:08 +01:00
Gabriel Horner
277327bb7f improve routing docs, mostly for #match 2011-02-05 13:12:49 -05:00
german
adbae9aab8 fixed bug with nested resources within shallow scope 
[#6372 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-04 17:07:51 -02:00
Gabriel Horner
ac15647bf0 keep options titles consistent to "Options" 2011-02-03 23:51:06 -05:00
Franco Brusatti
d3cfee1182 removing generation of id in submit helper 
[#6369 state:committed]

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-03 20:24:14 -02:00
Xavier Noria
e99e859a04 revises a metal example 2011-02-02 23:27:27 +01:00
Xavier Noria
33643bcf53 copy-edits 2446b13 2011-02-02 23:04:12 +01:00