TEST_CODEOWNERS/rails
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
6b9a973154
rails/actionpack/CHANGELOG.md

122 lines
3.4 KiB
Markdown
Raw Normal View History

Add prepend option to protect_from_forgery.
2015-01-05 00:38:54 +00:00
* Allow you to pass `prepend: false` to protect_from_forgery to have the
verification callback appended instead of prepended to the chain.
This allows you to let the verification step depend on prior callbacks.
Example:
class ApplicationController < ActionController::Base
before_action :authenticate
Fix the example
2015-01-08 19:17:03 +00:00
protect_from_forgery prepend: true, unless: -> { @authenticated_by.oauth? }
Add prepend option to protect_from_forgery.
2015-01-05 00:38:54 +00:00
private
def authenticate
if oauth_request?
# authenticate with oauth
@authenticated_by = 'oauth'.inquiry
else
# authenticate with cookies
@authenticated_by = 'cookie'.inquiry
end
end
end
*Josef Šimánek*
Remove ActionController::HideActions (closes #18336)
2015-01-06 20:33:31 +00:00
* Remove `ActionController::HideActions`
*Ravil Bayramgalin*
Remove respond_to/respond_with placeholder methods This functionality has been extracted to the responders gem.
2015-01-04 20:20:17 +00:00
* Remove `respond_to`/`respond_with` placeholder methods, this functionality
has been extracted to the `responders` gem.
*Carlos Antonio da Silva*
Remove deprecated assertion files
2015-01-03 20:39:42 +00:00
* Remove deprecated assertion files.
*Rafael Mendonça França*
Remove deprecated usage of string keys in URL helpers
2015-01-03 20:37:03 +00:00
* Remove deprecated usage of string keys in URL helpers.
*Rafael Mendonça França*
Remove deprecated `only_path` option on `*_path` helpers
2015-01-03 20:34:50 +00:00
* Remove deprecated `only_path` option on `*_path` helpers.
*Rafael Mendonça França*
Remove deprecated `NamedRouteCollection#helpers`
2015-01-03 03:26:36 +00:00
* Remove deprecated `NamedRouteCollection#helpers`.
*Rafael Mendonça França*
Remove deprecated support to define routes with `:to` option that doesn't contain `#`
2015-01-03 03:17:17 +00:00
* Remove deprecated support to define routes with `:to` option that doesn't contain `#`.
*Rafael Mendonça França*
Remove deprecated `ActionDispatch::Response#to_ary`
2015-01-03 02:25:57 +00:00
* Remove deprecated `ActionDispatch::Response#to_ary`.
*Rafael Mendonça França*
Remove deprecated `ActionDispatch::Request#deep_munge`
2015-01-03 02:22:22 +00:00
* Remove deprecated `ActionDispatch::Request#deep_munge`.
*Rafael Mendonça França*
Remove deprecated `ActionDispatch::Http::Parameters#symbolized_path_parameters`
2015-01-03 02:19:29 +00:00
* Remove deprecated `ActionDispatch::Http::Parameters#symbolized_path_parameters`.
*Rafael Mendonça França*
Remove deprecated option `use_route` in controller tests
2015-01-03 02:16:51 +00:00
* Remove deprecated option `use_route` in controller tests.
*Rafael Mendonça França*
Ensure append_info_to_payload is called even if an exception is raised. See: * https://github.com/rails/rails/pull/14903 * https://github.com/roidrage/lograge/issues/37 Some code by mxrguspxrt from #14903.
2014-12-09 09:55:58 +00:00
* Ensure `append_info_to_payload` is called even if an exception is raised.
Fixes an issue where when an exception is raised in the request the additonal
payload data is not available.
See:
Merge pull request #17978 from kommen/fixed-pr-14903 Ensure append_info_to_payload is called even if an exception is raised. Conflicts: actionpack/CHANGELOG.md
2015-01-02 17:16:15 +00:00
* #14903
Ensure append_info_to_payload is called even if an exception is raised. See: * https://github.com/rails/rails/pull/14903 * https://github.com/roidrage/lograge/issues/37 Some code by mxrguspxrt from #14903.
2014-12-09 09:55:58 +00:00
* https://github.com/roidrage/lograge/issues/37
*Dieter Komendera*, *Margus Pärt*
Correctly use the response's status code calling head Commit 20fece1 introduced the `_status_code` method to fix calls to `head :ok`. This method has been added on both ActionController::Metal and ActionDispatch::Response. As for the latter, this method is just equivalent to the `response_code` one so commit aefec3c removed it from the `Reponse` object so call to the `_status_code` method on an ActionController::Base instance would be handled by the `Metal` class (which `Base` inherits from) but the status code is not updated according to the response at this level. The fix is to actually rely on `response_code` for ActionController::Base instances but this method doesn't exist for bare Metal controllers so we need to define it.
2014-12-31 11:21:55 +00:00
* Correctly rely on the response's status code to handle calls to `head`.
*Robin Dupret*
Remove single space response body for head request - The single space response was added due to a bug in safari in https://github.com/rails/rails/commit/cb0f8fda9652c4d24d04693bdb82cecd3b067e5c and https://github.com/rails/rails/commit/807df4fcf021fc4d15972aa1c17ba7398d43ab0d. - This was removed from the `render nothing: true` in https://github.com/rails/rails/pull/14883. - Removing it from response of :head also. As :head is more obvious alternative to call `render nothing: true`(http://guides.rubyonrails.org/layouts_and_rendering.html#using-head-to-build-header-only-responses), removing it from head method also. - Closes #18253.
2014-12-30 15:04:18 +00:00
* Using `head` method returns empty response_body instead
of returning a single space " ".
The old behavior was added as a workaround for a bug in an early
version of Safari, where the HTTP headers are not returned correctly
if the response body has a 0-length. This is been fixed since and
the workaround is no longer necessary.
Fixes #18253.
*Prathamesh Sonpatki*
Merge pull request #18251 from tjgrathwell/fix-polymorphic-routes-to-model Fix form_for to work with objects that implement to_model
2014-12-30 14:15:07 +00:00
* Fix how polymorphic routes works with objects that implement `to_model`.
*Travis Grathwell*
Don't convert empty arrays to nils when deep munging params
2014-09-14 10:22:29 +00:00
* Stop converting empty arrays in `params` to `nil`
This behaviour was introduced in response to CVE-2012-2660, CVE-2012-2694
and CVE-2013-0155
ActiveRecord now issues a safe query when passing an empty array into
a where clause, so there is no longer a need to defend against this type
of input (any nils are still stripped from the array).
*Chris Sinjakli*
cleanup CHANGELOGs. [ci skip]
2014-12-23 07:56:17 +00:00
* Fixed usage of optional scopes in url helpers.
allow URL helpers to work with optional scopes
2014-12-13 20:46:52 +00:00
*Alex Robbin*
cleanup CHANGELOGs. [ci skip]
2014-12-23 07:56:17 +00:00
* Fixed handling of positional url helper arguments when `format: false`.
Fix handling of positional url helper arguments when format is false There is no need to subtract one from the path_params size when there is no format parameter because it is not present in the path_params array. Fixes #17819.
2014-12-13 15:34:41 +00:00
Fixes #17819.
*Andrew White*, *Tatiana Soukiassian*
Start Rails 5 development :tada: We will support only Ruby >= 2.1. But right now we don't accept pull requests with syntax changes to drop support to Ruby 1.9.
2014-11-28 17:00:06 +00:00
Please check [4-2-stable](https://github.com/rails/rails/blob/4-2-stable/actionpack/CHANGELOG.md) for previous changes.
Reference in New Issue Copy Permalink