github/rails
1
1
Fork 0
mirror of https://github.com/github/rails.git synced 2026-01-30 08:48:06 -05:00
Code Issues Packages Projects Releases Wiki Activity
5,564 Commits 34 Branches 105 Tags
v2.0.0_PR
Commit Graph

1017 Commits

Author SHA1 Message Date
David Heinemeier Hansson
7275d2749c Fixed JSON encoding to use quoted keys according to the JSON standard (closes #8762) [choonkat/chuyeow] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7697 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-30 20:57:50 +00:00
David Heinemeier Hansson
826f0bd42f Fixed that strip_tags blows up with invalid html (closes #9730) [lifo] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7677 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-29 20:19:33 +00:00
Michael Koziarski
9660360d6b Re-enable Routing optimisation code for _url methods, add defined?(request) to the guard conditions 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7673 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-28 20:57:39 +00:00
Rick Olson
82ff27766d Better error messages if you leave out the :secret option for request forgery protection. Closes #9670 [rick] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7671 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-28 16:50:48 +00:00
Michael Koziarski
c1bdf027d8 Add missing require 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7670 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-28 16:48:59 +00:00
Rick Olson
5edc81dcc2 Allow ability to disable request forgery protection, disable it in test mode by default. Closes #9693 [lifofifo] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7668 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-28 15:55:45 +00:00
David Heinemeier Hansson
e3b49c052b Fixed spelling errors (closes #9706) [tarmo/rmm5t] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7666 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-28 14:18:47 +00:00
David Heinemeier Hansson
3c695356ae Fixed the layout defaults (closes #9564) [lifo] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7661 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-28 01:23:20 +00:00
Jeremy Kemper
f08da31a4f Move Railties' Dispatcher to ActionController::Dispatcher, introduce before_ and after_dispatch callbacks, and warm up to non-CGI requests. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7640 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-26 01:24:07 +00:00
David Heinemeier Hansson
82c1fed89f Protect button_to behind protect_from_forgery (closes #9675) [lifo] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7636 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-25 16:50:35 +00:00
David Heinemeier Hansson
42d35472b2 Please do remember 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7633 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-25 16:40:56 +00:00
David Heinemeier Hansson
7ca53e1d31 Added another failing test 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7632 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-25 16:37:43 +00:00
David Heinemeier Hansson
2a6f8c99da Doh, forgot this file 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7631 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-25 16:30:38 +00:00
David Heinemeier Hansson
06dd4b3166 Better failing tests 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7630 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-25 15:09:21 +00:00
David Heinemeier Hansson
55a9c86e62 Added failing tests for iphone 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7629 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-25 14:57:15 +00:00
David Heinemeier Hansson
501244fee4 Updated iphone_with_html_response_type to fail as it uses the new register_alias approach 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7625 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-24 23:44:36 +00:00
David Heinemeier Hansson
bdf5672077 Change from InvalidToken to InvalidAuthenticityToken to be more specific 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7623 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-24 23:12:25 +00:00
Jeremy Kemper
40f9fd39f6 Include asset host in public path cache key. Clear cache between asset tag tests. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7617 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-24 19:47:45 +00:00
Jeremy Kemper
4b33306c70 The tag helper may bypass escaping. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7608 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-24 08:13:55 +00:00
Jeremy Kemper
cb5b8a7f05 Optimized named routes respect AbstractRequest.relative_url_root. Closes #9612. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7605 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-23 22:52:57 +00:00
Jeremy Kemper
6580b3ab00 Remove , and ; (comma and semicolon) from routing separators again. References #8558. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7599 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-23 21:58:02 +00:00
David Heinemeier Hansson
7d9fe04b1d Fixed cache_page to use the request url instead of the routing options when picking a save path (closes #8614) [josh] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7598 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-23 21:56:52 +00:00
Jeremy Kemper
a6f49d9b78 Introduce ActionController::Base.rescue_from to declare exception-handling methods. Cleaner style than the case-heavy rescue_action_in_public. Closes #9449. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7597 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-23 21:56:22 +00:00
Rick Olson
c619003854 Rename some RequestForgeryProtection methods. The class method is now #protect_from_forgery, and the default parameter is now 'authenticity_token'. [Rick] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7596 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-23 18:14:44 +00:00
Rick Olson
4e3ed5bc44 Merge csrf_killer plugin into rails. Adds RequestForgeryProtection model that verifies session-specific _tokens for non-GET requests. [Rick] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7592 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-23 02:32:55 +00:00
Rick Olson
2d02199e15 Secure #sanitize, #strip_tags, and #strip_links helpers against xss attacks. Closes #8877. [Rick, lifofifo, Jacques Distler] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7589 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-23 00:11:08 +00:00
David Heinemeier Hansson
f3bf372630 Test fix (closes #6911) 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7587 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-22 23:26:22 +00:00
David Heinemeier Hansson
f0dc2774e8 Improve tests (closes #7240) [josh] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7581 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-22 23:11:45 +00:00
David Heinemeier Hansson
ee45d76df8 Roll back #7578, tests failed 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7580 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-22 23:10:41 +00:00
David Heinemeier Hansson
9ab8d4d9ed Improve the error message for assert_redirected_to (closes #7337) [sandofsky] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7578 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-22 22:22:20 +00:00
Michael Koziarski
7573791284 Disable the routing optimisation code when dealing with foo_url helpers. Add test to actionmailer to expose the problem they introduced. References #9450 [Koz] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7572 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-22 19:20:06 +00:00
David Heinemeier Hansson
da5d8fa6ad Fixed JavaScriptHelper#escape_javascript to also escape closing tags (closes #8023) [rubyruy] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7567 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-22 18:31:44 +00:00
David Heinemeier Hansson
9686dcdb5b Fixed TextHelper#word_wrap for multiline strings with extra carrier returns (closes #8663) [seth] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7562 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-22 18:21:54 +00:00
David Heinemeier Hansson
2f8146bc5e Use rel="stylesheet" in lowercase as prescribed by XHTML standards (closes #8910) [RSL] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7558 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-22 18:01:54 +00:00
David Heinemeier Hansson
39de84d967 Fixed that setting the :host option in url_for would automatically turn off :only_path (since :host would otherwise not be shown) (closes #9586) [Bounga] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7542 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-22 17:19:26 +00:00
David Heinemeier Hansson
a7764d8fd4 Added FormHelper#label (closes #8641) [jcoglan] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7541 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-22 17:17:22 +00:00
Jeremy Kemper
28f7de07cb Test CGI::Cookie#to_s. Closes #9624 [tarmo] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7535 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-22 09:01:33 +00:00
David Heinemeier Hansson
2ec817c003 Fix tests for atom feed 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7533 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-21 23:42:59 +00:00
David Heinemeier Hansson
8b2439e5e4 Added AtomFeedHelper (slightly improved from the atom_feed_helper plugin) [DHH] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7529 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-21 22:17:35 +00:00
Michael Koziarski
9b468f4cd7 [html-scanner] Fix parsing of empty tags. Closes #7641. [anthony.bailey] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7528 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-21 20:45:49 +00:00
David Heinemeier Hansson
eede82ccb9 Added support for HTTP Only cookies (works in IE6+ and FF 2.0.5+) as an improvement for XSS attacks (closes #8895) [lifo/Spakman] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7525 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-21 15:05:49 +00:00
David Heinemeier Hansson
26238ac173 Submit missing fixture files 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7524 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-21 14:36:33 +00:00
David Heinemeier Hansson
4156497602 Fixed CaptureHelper#content_for to work with the optional content parameter instead of just the block #9434 [sandofsky/wildchild] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7522 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-21 03:40:25 +00:00
Jeremy Kemper
09e76e6aca Autolink behaves well with emails embedded in URLs. Closes #7313. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7516 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-20 20:40:22 +00:00
Jeremy Kemper
835cb43745 Revert [7397]. Reopens #7313. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7515 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-20 08:27:45 +00:00
David Heinemeier Hansson
0d99423727 Fixed that default layouts did not take the format into account #9564 [lifofifo] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7514 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-18 23:10:34 +00:00
Jeremy Kemper
8fd263cd4e tag_options creates fewer objects 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7512 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-18 10:55:15 +00:00
Michael Koziarski
7cb26b5d2d Disable optimisation code for UrlWriter as request.host doesn't make sense there. 
Don't try to use the .to_query method when the route has no dynamic segments.


git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7501 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-17 09:30:18 +00:00
Jeremy Kemper
148202d401 Fixed optimized route segment escaping. Closes #9562. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7487 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-15 22:10:20 +00:00
David Heinemeier Hansson
0b0931e150 Added block-acceptance to JavaScriptHelper#javascript_tag (closes #7527) [BobSilva/tarmo/rmm5t] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7485 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-15 21:34:25 +00:00