github/rails
1
1
Fork 0
mirror of https://github.com/github/rails.git synced 2026-01-15 01:28:17 -05:00
Code Issues Packages Projects Releases Wiki Activity
10,234 Commits 34 Branches 105 Tags
github26
Commit Graph

10234 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Di Marco
8ca8ac379d Fixed bug 6440 by checking that destroy exists on the session 2011-02-28 22:54:03 -05:00
Rob Di Marco
589ce09564 Unit test that shows calling reset session twice results in an exception 2011-02-28 22:53:36 -05:00
Vijay Dev
6c42c142e2 fix incorrect version in deprecation message 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-20 13:32:18 -02:00
Aaron Patterson
abc06a2f76 rubygems 1.5.0 compatibility. Thanks Tim Serong 2011-02-09 15:24:14 -08:00
Michael Koziarski
b0c3d451a2 Prepare for the 2.3.11 release 2011-02-09 09:30:53 +13:00
Michael Koziarski
7e86f9b4d2 Change the CSRF whitelisting to only apply to get requests 
Unfortunately the previous method of browser detection and XHR whitelisting is unable to prevent requests issued from some Flash animations and Java applets.  To ease the work required to include the CSRF token in ajax requests rails now supports providing the token in a custom http header:

 X-CSRF-Token: ...

This fixes CVE-2011-0447
 2011-02-09 09:20:17 +13:00
Michael Koziarski
abe97736b8 Be sure to javascript_escape the email address to prevent apostrophes inadvertently causing javascript errors. 
This fixes CVE-2011-0446
 2011-02-09 09:20:16 +13:00
Aaron Patterson
7e0f60d2ed fixing invalid yaml [#4418 state:resolved] 
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2011-02-01 13:30:58 -08:00
Jamis Buck
3afa5385c9 Revert "make TestCaseTest work for pre-1.9 rubies, too" 
This reverts commit 8378a44ff9.
 2011-01-19 15:57:16 -07:00
Jamis Buck
c545331f9e Revert "scrub instance variables from test cases on teardown" 
This reverts commit b5cf2b4b82.
 2011-01-19 15:57:16 -07:00
Jamis Buck
cd0ecff00b Revert "rein in GC during tests by making them run (at most) once per second" 
This reverts commit a0c761dc6b.
 2011-01-19 15:57:14 -07:00
Jamis Buck
a0c761dc6b rein in GC during tests by making them run (at most) once per second 
this can provide a significant performance boost during testing, by
preventing the GC from running too frequently.
 2011-01-19 10:27:53 -07:00
Jamis Buck
b5cf2b4b82 scrub instance variables from test cases on teardown 
this prevents test state from accumulating, resulting in leaked
objects and slow tests due to overactive GC.
 2011-01-19 10:12:18 -07:00
Jamis Buck
8378a44ff9 make TestCaseTest work for pre-1.9 rubies, too 2011-01-19 10:08:02 -07:00
Johnathan Ritzi
4f0c8ef9f1 Fix doc for #check_box [#6311 state:resolved] 
Signed-off-by: Xavier Noria <fxn@hashref.com>
 2011-01-19 08:47:19 +01:00
Jeremy Kemper
bc302f2aec Revert "use Object#class instead of Object#type" 
This reverts commit 08d94d3f7e.
 2011-01-10 14:14:25 -08:00
Tomasz Pajor
08d94d3f7e use Object#class instead of Object#type 2011-01-09 15:12:25 -08:00
Mikel Lindsaar
10ec012f58 Updating documentation on ActionMailer base to show a multipart email with attachments 2011-01-02 11:13:44 +11:00
Mikel Lindsaar
92fd824480 Correcting actionmailer guide for Rails 2.3 2011-01-02 11:08:44 +11:00
Michael Koziarski
6d916329b8 Require thread explicitly rather than relying on rubygems to do it. 2010-12-20 11:16:55 +13:00
Michael Koziarski
84465a2cc1 Revert "In nested_attributes when association is not loaded and association record is saved then in memory record attributes should be saved" 
This reverts commit 12bbc34aca.

It caused errors when combined with attr_accessible, piggy back attributes fetched by :select, etc.  Leaving it in 3.0, but removing from 2.3
 2010-12-08 09:48:54 +13:00
Will Bryant
0fee359278 Don't add non-new records back to the target array after loading targets on associations, as that makes destroy_all destroy any created records that don't match the scope destroy_all is called on 
Signed-off-by: Michael Koziarski <michael@koziarski.com>
 2010-12-08 09:48:16 +13:00
Pascal Friederich
e0eb8e9c65 Let Rack::Utils.set_cookie_header! create the Set-Cookie header instead of manually fiddling with the response headers [#4941 state:resolved] 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-12-01 11:58:45 +01:00
José Valim
2826324e56 Revert "Fix AbstractStore so that it preserves Set-Cookie header as an array, rather than as newline separated strings" 
This reverts commit 36b91e34f4.

Conflicts:

	actionpack/test/activerecord/active_record_store_test.rb
 2010-12-01 11:48:31 +01:00
Alexandru Catighera
1681ede605 Fix ActiveRecord calculations when grouped by multiple fields 2010-11-16 11:06:49 -08:00
Tom Stuart
44db47c63e Backport BlankSlate removal from ActiveSupport::BasicObject [#5911 state:resolved] 
This is a backport of dd15a3fee0.

Signed-off-by: Andrew White <andyw@pixeltrix.co.uk>
 2010-11-03 11:03:38 +00:00
Andrew White
25139ac92c Don't write out secure cookies unless the request is secure 2010-10-27 15:04:29 +01:00
Andrew White
0e52a609fd Don't create a deprecation proxy object if the variable was passed in local_assigns [#1671 state:resolved] 2010-10-26 12:57:21 +01:00
Aaron Patterson
df78de2bc8 removing space errors 2010-10-21 10:30:18 -07:00
Omar Qureshi
36b91e34f4 Fix AbstractStore so that it preserves Set-Cookie header as an array, rather than as newline separated strings 2010-10-21 10:28:54 -07:00
toby cabot
bdfddb09d7 bug 1108: yield to block provided to find_or_create_by_x 
Starting in 2.3.8 we stopped yielding to blocks passed in to
find_or_create_by_x methods.  This patch restores that behavior and
adds a case to test it.
 2010-10-20 17:23:54 -07:00
toby cabot
fdfc8e3b9c bug 1108: fix a bug with find_or_create_by and additional values 
There was a bug with find_or_create_by_x introduced in 2.3.9 - if you
included extra parameters for the create() then those parameters would
confuse the find() so you'd never get to the create().  This patch
filters the parameters so we only pass to find() the subset that it's
interested in.  The code for the filtering was modelled on the code in
base.rb's method_missing().
 2010-10-20 17:23:54 -07:00
Michael Koziarski
f5ed5c317e Prepare for the 2.3.10 release v2.3.10 2010-10-15 08:41:59 +13:00
Michael Koziarski
96183e0f28 Revert 7d2173ec5c which introduced a security vulnerability. 
This addresses  CVE-2010-3933
 2010-10-15 08:30:34 +13:00
Geoff Buesing
f2e32e4fd7 require 'uri' in action_controller/url_rewriter [#5555 state:resolved] 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-10-12 00:58:29 +02:00
Aaron Patterson
8beb84fa33 calling correct method on minitest for test name when teardown callback fails 2010-10-04 09:29:37 -07:00
Aaron Patterson
a448e74661 [#5406 state:resolved] calling the correct method on minitest to obtain the test name 2010-10-04 09:28:21 -07:00
Aaron Patterson
fb526a0470 fixing space errors 2010-09-30 10:29:46 -07:00
Marcelo Giorgi
96c19ff7cc AssociationCollection#include? working properly for objects added with build method [#3472 state:resolved] 2010-09-30 10:28:25 -07:00
Marcelo Giorgi
9b78af95be Remove duplication of conditions generated for associations when used in conjunction with named_scopes [#4634 state: resolved] 2010-09-30 09:04:04 -07:00
Emilio Tagua
5a63df211d Add examples to performance script that were included in version 3. 2010-09-30 09:54:01 -03:00
Emilio Tagua
1851596db5 Use detect instead select to avoid sh [..] command not found. 2010-09-30 09:52:47 -03:00
Marcelo Giorgi
0665182950 Preserving :include options for hmt association with an order but without conditions [#5262 state:resolved] 2010-09-28 09:56:10 -07:00
Ryan Wallace
515917f5d8 Add test to demonstrate failure with eager loading hmt where the association has an order. 2010-09-28 09:54:32 -07:00
Étienne Barrié
bc52d81306 Fix add_index with a symbol #4891 2010-09-27 10:26:01 -07:00
Michael Koziarski
dbbf2fd19c Revert "Makes form_helper use overriden model accessors backport" 
This change introduced breakages and test failures.

This reverts commit 8141f0894e.
 2010-09-27 12:20:54 +13:00
Andrew Kaspick
9476d628a3 memoized protected methods should remain protected 
Signed-off-by: Michael Koziarski <michael@koziarski.com>
 2010-09-27 11:50:54 +13:00
Colin Casey
7240e8af6a Fix for imposed version number as last part of gem directory name for frozen gems 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-09-24 13:16:51 +02:00
Colin Casey
f2990620d7 Test for imposed version number as last part of gem directory name for frozen gems 
[#4295 state:resolved]

Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-09-24 13:16:50 +02:00
W. Andrew Loe III
17f2fb44c0 Only send secure cookies over SSL. 2010-09-14 11:52:40 -07:00