Commit Graph

557 Commits

Author SHA1 Message Date
Carlos Antonio da Silva
618d5317d3 Move the null mime type to request.format
TLDR: always return an object that responds to the query methods from
request.format, and do not touch Mime::Type[] lookup to avoid bugs.

---

Long version:

The initial issue was about being able to do checks like
request.format.html? for request with an unknown format, where
request.format would be nil.

This is where the issue came from at first in #7837 and #8085
(merged in cba05887dc3b56a46a9fe2779b6b228880b49622), but the
implementation went down the path of adding this to the mime type
lookup logic.

This unfortunately introduced subtle bugs, for instance in the merged
commit a test related to send_file had to be changed to accomodate the
introduction of the NullType.

Later another bug was found in #13064, related to the content-type being
shown as #<Mime::NullType:...> for templates with localized extensions
but no format included. This one was fixed in #13133, merged in
43962d6ec50f918c9970bd3cd4b6ee5c7f7426ed.

Besides that, custom handlers were not receiving the proper template
formats anymore when passing through the rendering process, because of
the NullType addition. That was found while migrating an application
from 3.2 to 4.0 that uses the Markerb gem (a custom handler that
generates both text and html emails from a markdown template).

---

This changes the implementation moving away from returning this null
object from the mime lookup, and still fixes the initial issue where
request.format.zomg? would raise an exception for unknown formats due to
request.format being nil.
2013-12-23 16:16:49 -02:00
Xavier Noria
92f9ff8cc3 converts hashes in arrays of unfiltered params to unpermitted params [fixes #13382] 2013-12-21 01:16:38 +01:00
Jeremy Kemper
c437a98aca Merge pull request #13188 from imanel/skip_deep_munge
Add configuration option to optionally disable deep_munge

Conflicts:
	actionpack/CHANGELOG.md
2013-12-19 23:39:17 -07:00
Ryunosuke SATO
d54bc032c9 Show routes defined under assets prefix
Closes #9625
2013-12-19 09:51:17 -02:00
Jeremy Kemper
1650bb3d56 CSRF protection from cross-origin <script> tags
Thanks to @homakov for sounding the alarm about JSONP-style data leaking
2013-12-17 13:14:17 -07:00
Rafael Mendonça França
1454f2c20a Merge pull request #13290 from strzalek/inline-syntax-docs
Variants inline syntax documentation
2013-12-12 07:59:17 -08:00
Łukasz Strzałkowski
3ce9563d42 Variants inline syntax documentation [ci skip]
* Extend method documentation
  * Mention it in actionpack/CHANGELOG
  * Update release notes
2013-12-12 13:20:45 +01:00
Carlos Antonio da Silva
fe24f3560a Changelog improvements [ci skip] 2013-12-12 08:33:46 -02:00
Trent Ogren
96a6703ed9 Update CHANGELOG entry for Session#fetch
This reverts the changes to CHANGELOG.md in commit
38f8872aa5fd8f0a1d0895e9eb41f73261acd040.
2013-12-11 19:26:45 -06:00
Piotr Sarnacki
e6c602da90 Fix mounting engines inside a resources block
When a route is mounted inside a resources block, it's automatically
prefixed, so a following code:

    resources :users do
      mount Blog::Engine => '/blog'
    end

will generate a user_blog path helper.

In order to access engine helpers, we also use "mounted_helpers", a list
of helpers associated with each mounted engine, so a path to blog's post
can be generated using user_blog.post_path(user, post).

The problem I'm fixing here is that mount used a raw :as option, without
taking nestings into account. As a result, blog was added to a route set
as a `user_blog`, but helper was generated for just `blog`.

This commit applies the proper logic for defining a helper for a mounted
engine nested in resources or resource block.

(closes #8533)
2013-12-10 21:38:41 +01:00
David Heinemeier Hansson
13dd38cee7 Add Mime::Type.register "text/vcard", :vcf to the default list of mime types 2013-12-05 15:49:06 -08:00
Bernard Potocki
e8572cf2f9 Add configuration option to optionally disable deep_munge 2013-12-05 12:08:34 +01:00
Yves Senn
d71c1fc6a7 add missing CHANGELOG entry for d8c6f52. [ci skip]
Discoverd by #13175.
2013-12-05 11:41:12 +01:00
Shota Fukumori (sora_h)
c1d5477b63 Escalate missing error when :raise is true
Before ec16ba75a5493b9da972eea08bae630eba35b62f,
ActionView::Helpers::TranslationHelper#translate has raised errors with
specifying options[:raise] to true.

This should work by this fix:

     begin
       t(:"translations.missing", raise: true)
     rescue I18n::MissingTranslationData
       p :hello!
     end
2013-12-05 09:20:58 +09:00
Rafael Mendonça França
2d061c2c4f Update changelog [ci skip] 2013-12-04 17:48:32 -02:00
Łukasz Strzałkowski
2d3a6a0cb8 Action Pack Variants
By default, variants in the templates will be picked up if a variant is set
and there's a match. The format will be:

  app/views/projects/show.html.erb
  app/views/projects/show.html+tablet.erb
  app/views/projects/show.html+phone.erb

If request.variant = :tablet is set, we'll automatically be rendering the
html+tablet template.

In the controller, we can also tailer to the variants with this syntax:

  class ProjectsController < ActionController::Base
    def show
      respond_to do |format|
        format.html do |html|
          @stars = @project.stars

          html.tablet { @notifications = @project.notifications }
          html.phone  { @chat_heads    = @project.chat_heads }
        end

        format.js
        format.atom
      end
    end
  end

The variant itself is nil by default, but can be set in before filters, like
so:

  class ApplicationController < ActionController::Base
    before_action do
      if request.user_agent =~ /iPad/
        request.variant = :tablet
      end
    end
  end

This is modeled loosely on custom mime types, but it's specifically not
intended to be used together. If you're going to make a custom mime type,
you don't need a variant. Variants are for variations on a single mime
types.
2013-12-04 00:13:16 +01:00
Carlos Antonio da Silva
7c20a8b558 Changelog improvements [ci skip] 2013-12-03 14:38:12 -02:00
Guillermo Iguaran
9ed3aab692 Merge branch 'format_localized_template' of https://github.com/acapilleri/rails
Conflicts:
	actionpack/CHANGELOG.md
2013-12-03 02:34:11 -05:00
Angelo capilleri
43962d6ec5 Fix header Content-Type: #<Mime::NullType:...> in localized template
This PR fixes #13064 regression bug introduced by the #8085

Now in _process_format when the format is a Mime::NullType nothing is written in self.content_type.
In this way the method Response#assign_default_content_type_and_charset can
write the the default mime_type.
2013-12-03 07:46:39 +01:00
Andrew White
d2e1caaab9 Try to escape each part of a path redirect route correctly
A path redirect may contain any and all parts of a url which have different
escaping rules for each part. This commit tries to escape each part correctly
by splitting the string into three chunks - path (which may also include a host),
query and fragment; then it applies the correct escape pattern to each part.

Whilst using `URI.parse` would be better, unfortunately the possible presence
of %{name} parameters in the path redirect string prevents us from using it so
we have to use a regular expression instead.

Fixes #13110.
2013-12-02 05:16:05 +00:00
Lauro Caetano
71d19f1517 Fix stream closing when sending file with ActionController::Live included.
Fixes #12381
2013-11-30 16:06:52 -02:00
Yves Senn
7c6d99e81e first pass through CHANGELOGS to extract 4_1_release_notes. [ci skip]
Extract **notable changes**, **deprecations** and **removals** from
each CHANGELOG.

I tried to reference the commits and pull requests for new features
and deprecations.

In the process I also made some minor changes to the CHANGELOGS.

The 4_1_release_notes guide is declared WIP.
2013-11-28 17:24:15 +01:00
Victor Costan
c759a93454 Better error message for typos in assert_response argument.
This commit makes it really easy to debug errors due to typos like
"assert_response :succezz".
2013-11-25 03:09:02 -05:00
Carlos Antonio da Silva
18964368f3 Improve changelogs
Also make Action Mailer changelog format more consistent with the
others [ci skip]
2013-11-22 08:30:04 -02:00
Yves Senn
f71cbb81ff unify punctuation in Action Pack changelog. [ci skip] 2013-11-21 18:10:38 +01:00
Sıtkı Bağdat
6701b4cf41 Fix for routes task
This commit fixes formatting issue for `rake routes` task, when a section is shorter than a header.
2013-11-21 18:35:58 +02:00
chocoby
04907b64ac Fix CHANGELOG typo [ci skip] 2013-11-15 22:22:49 +09:00
Andrey Ognevsky
d04c4fac3b Take Hash with options inside Array in #url_for 2013-11-15 15:50:42 +04:00
Damien Mathieu
38f8872aa5 session#fetch doesn't behave exactly like Hash#fetch.
Mention it in the changelog and add a test checking for regressions.

Hash#fetch isn't adding the defaultly returned value.
However, in the session, saving it is the behavior we should expect.

See discussion in #12692
2013-10-30 15:04:22 +01:00
Damien Mathieu
84c9f4164b add the fetch method to sessions 2013-10-29 20:37:15 +01:00
Robin Dupret
cbb32ec244 Add a changelog entry for #12656 [ci skip] 2013-10-27 16:03:38 +01:00
Caleb Spare
cd78d72526 Make remote_ip detection properly handle private IPv6 addresses
Fixes #12638.
2013-10-26 12:28:44 -07:00
Rafael Mendonça França
6c570648ad Merge pull request #10471 from andyw8/button_to_params
Add params option for button_to

Conflicts:
	actionpack/CHANGELOG.md
2013-10-24 18:02:19 -02:00
Rafael Mendonça França
6ac677fd87 Improve the CHANGELOG entry [ci skip] 2013-10-24 14:43:07 -02:00
Tima Maslyuchenko
1ea072f88c update CHANGELOG 2013-10-24 10:46:57 +03:00
Andrew White
9dbd208562 Respect SCRIPT_NAME when using redirect with a relative path
Example:
    # application routes.rb
    mount BlogEngine => '/blog'

    # engine routes.rb
    get '/admin' => redirect('admin/dashboard')

This now redirects to the path `/blog/admin/dashboard`, whereas before it
would've generated an invalid url because there would be no slash between
the host name and the path. It also allows redirects to work where the
application is deployed to a subdirectory of a website.

Fixes #7977
2013-10-10 13:03:26 +01:00
Yves Senn
2b21bddc9e add dots after Fixes #YYYYY in actionpack CHANGELOG. [ci skip] 2013-10-09 11:49:12 +02:00
BlueHotDog
8642c2aadc Fixing repond_with working directly on the options hash
This fixes an issue where the respond_with worked directly with the given
options hash, so that if a user relied on it after calling respond_with,
the hash wouldn't be the same.

Fixes #12029
2013-10-09 12:36:26 +03:00
Andrew White
28b4ffc379 Add changlog entry for #10844 2013-09-30 12:51:37 +01:00
kennyj
277918e61a Strong parameters should permit nested number as key. Closes #12293 2013-09-27 03:53:45 +09:00
Derek Prior
a78c10d3c7 Fix regex used to find URI schemes in redirect_to
The previous regex was allowing `_` in the URI scheme, which is not
allowed by RFC 3986. This change brings the regex in line with the RFC.
2013-09-19 09:23:20 -04:00
Derek Prior
1dacfbabf3 Fix incorrect assert_redirected_to failure message
In some instances, `assert_redirected_to` assertion was returning an
incorrect and misleading failure message when the assertion failed.
This was due to a disconnect in how the assertion computes the redirect
string for the failure message and how `redirect_to` computes the
string that is actually used for redirection.

I made the `_compute_redirect_to_loaction` method used by `redirect_to`
public and call that from the method `assert_redirect_to` uses to
calculate the URL.

The reveals a new test failure due to the regex used by
`_compute_redirect_to_location` allow `_` in the URL scheme.
2013-09-19 09:23:20 -04:00
Andy Waite
e6e0579def Add params option for button_to
The parameters are rendered as hidden form fields within the generated
form. This is useful for when a record has multiple buttons associated
with it, each of which target the same controller method, but which
need to submit different attributes.
2013-09-18 19:56:46 +01:00
kennyj
0cc6508120 Fix an issue where router can't recognize downcased url encoding path. 2013-09-19 02:43:22 +09:00
Ricardo de Cillo
1413ee991c Custom flash should be defined only for the class that defines it and it's subclasses. 2013-09-13 10:19:29 -03:00
Rafael Mendonça França
b262248997 Add CHANGELOG entry for #12149
[ci skip]
2013-09-12 19:22:06 -03:00
José Valim
a41669563b Remove BasicRendering and remove template functionality from AbsC::Rendering 2013-09-09 12:33:53 -03:00
Carlos Antonio da Silva
701664b56b Improve AP changelog regarding AV extraction [ci skip] 2013-08-26 23:46:28 -03:00
Łukasz Strzałkowski
44bc45b014 Update AP changelog 2013-08-25 11:40:10 +02:00
Kir Shatrov
a725a453b3 Display exceptions in text format for xhr request 2013-08-22 22:20:34 +04:00
Nicholas Jakobsen
55cbb85fb7 Execute conditional procs on controller filters only for current action.
:only and :except options for controller filters are now added before
:if and :unless. This prevents running :if and :unless procs when not
on the specified. Closes #11786.
2013-08-10 09:13:20 -07:00
Ryan McGeary
51520a75d5 Pass assert_dom_equal message arg to underlying assertion
#assert_dom_equal and #assert_dom_not_equal both take a "failure"
message argument, but this argument was not utilized.
2013-08-04 11:18:46 -04:00
Andrew White
4db0637d55 Allow overriding of all headers from passed environment hash
Allow REMOTE_ADDR, HTTP_HOST and HTTP_USER_AGENT to be overridden from
the environment passed into `ActionDispatch::TestRequest.new`.

Fixes #11590
2013-07-25 07:54:57 +01:00
Andrew White
e5275f9b59 Clear named routes when routes.rb is reloaded
Fix an issue where Journey was failing to clear the named routes hash when the
routes were reloaded and since it doesn't overwrite existing routes then if a
route changed but wasn't renamed it kept the old definition. This was being
masked by the optimised url helpers so it only became apparent when passing an
options hash to the url helper.
2013-07-21 17:11:52 +01:00
Andrew White
1555a1800e Skip Rack applications and redirects when generating urls
When generating an unnamed url (i.e. using `url_for` with an options
hash) we should skip anything other than standard Rails routes otherwise
it will match the first mounted application or redirect and generate a
url with query parameters rather than raising an error if the options
hash doesn't match any defined routes.

Fixes #8018
2013-07-16 13:39:17 +01:00
Yves Senn
5bee14f3a4 move MissingHelperError out of the ClassMethods module. 2013-07-12 15:34:29 +02:00
Piotr Niełacny
e0438b1c07 Show real LoadError on helpers require
When helper try to require missing file rails will throw exception about
missing helper.

  # app/helpers/my_helper.rb

  require 'missing'

  module MyHelper
  end

And when we try do load helper

  class ApplicationController
    helper :my
  end

Rails will throw exception. This is wrong because there is a helper
file.

  Missing helper file helpers/my_helper.rb

Now when helper try to require non-existed file rails will throw proper
exception.

  No such file to load -- missing
2013-07-10 11:26:43 +02:00
Paul Nikitochkin
f6746c0245 Use Request#raw_post instead Request#body
In order to get raw_post to be not empty after
ParamsParser#parse_formatted_parameters,
added rewinding of body stream input on parsing json params.

Closes #11345
2013-07-08 01:48:35 +03:00
Yamagishi Kazutoshi
ce89251bb2 Space is not required for Set-Cookie header 2013-07-05 15:40:14 +09:00
Carlos Antonio da Silva
bf12c35087 Remove deprecated Rails application fallback for integration testing
Set ActionDispatch.test_app instead.
2013-07-02 22:59:59 -03:00
Francesco Rodriguez
fa45401b82 Remove page_cache_extension deprecated method 2013-07-01 22:09:11 -05:00
Carlos Antonio da Silva
4b97ce5eb1 Remove deprecated constants from Action Controller
ActionController::AbstractRequest  => ActionDispatch::Request
  ActionController::Request          => ActionDispatch::Request
  ActionController::AbstractResponse => ActionDispatch::Response
  ActionController::Response         => ActionDispatch::Response
  ActionController::Routing          => ActionDispatch::Routing
  ActionController::Integration      => ActionDispatch::Integration
  ActionController::IntegrationTest  => ActionDispatch::IntegrationTest
2013-07-01 22:20:23 -03:00
Xavier Defrang
9fd0c605b9 Verify that route constraints respond to the expected messages instead of silently failing to enforce the constraint 2013-06-28 15:54:48 +02:00
Carlos Antonio da Silva
dd9d869746 Merge pull request #11000 from sbeckeriv/accept_header
Fix undefined method `ref' for nil:NilClass for bad accept headers
2013-06-25 19:34:20 -03:00
Akshay Khole
444d3412b9 Fixing Issue #11083
Removing other occurrences of `the` appearing twice
2013-06-25 16:47:29 +05:30
Andrew White
37b4276dbf Fix shorthand routes where controller and action are in the scope
Merge `:action` from routing scope and assign endpoint if both `:controller`
and `:action` are present. The endpoint assignment only occurs if there is
no `:to` present in the options hash so should only affect routes using the
shorthand syntax (i.e. endpoint is inferred from the the path).

Fixes #9856
2013-06-25 06:04:26 +01:00
Piotr Sarnacki
50311f1391 Don't remove trailing slash from PATH_INFO for mounted apps
Previously when app was mounted as following:

    class Foo
      def call(env)
        [200, {}, [env['PATH_INFO']]]
      end
    end

    RackMountRailsBug::Application.routes.draw do
      mount RackTest.new => "/foo"
    end

trailing slash was removed from PATH_INFO. For example requesting

    GET /foo/bar/

on routes defined above would result in a response containing "/foo/bar"
instead of "/foo/bar/".

This commit fixes the issue.

(closes #3215)
2013-06-21 08:56:19 +02:00
Łukasz Strzałkowski
d1fb5d5949 Adjust changelog for AV & AP 2013-06-20 19:06:52 +02:00
Stephen Becker IV
8ffd139edd Fix undefined method `ref' for nil:NilClass for bad accept headers 2013-06-19 06:29:52 -07:00
Rafael Mendonça França
2d2f35ddf2 Add CHANGELOG entry for #10969
[ci skip]
2013-06-16 21:37:46 -03:00
Vasiliy Ermolovich
782cee5377 collection tags accept html attributes as the last element of collection 2013-06-16 17:58:34 +03:00
Alex Peattie
a89bdc04ba Update the HTML boolean attributes per the HTML 5.1 spec
- Add attributes `allowfullscreen`, `default`, `inert`, `sortable`,
`truespeed`, `typemustmatch`.
- Fix attribute `seamless` (previously misspelled `seemless`).
- Use `assert_dom_equal` instead of `assert_equal` in test.
2013-06-14 23:47:21 +01:00
Bryan Ricker
3c516c4b52 Allow numbers in partial name for digesting
Add failing test for template with number at the end

Use \w for RENDER_DEPENDENCY regex

Spacing

Add CHANGELOG entry
2013-05-06 18:30:29 -07:00
Rafael Mendonça França
feb44b9213 rails/master is now 4.1.0.beta 2013-04-29 13:15:24 -03:00
Rafael Mendonça França
faa2c71dee Revert "Merge pull request #10337 from eimermusic/fix_template_digestor_lookup"
This reverts commit b4239622afc4f3f73808fd0c97512f3a534e07dd, reversing
changes made to f99ce3c188f5dde57e2ff63e6a22363c62f0a4cd.

Reason: This broke the build
https://travis-ci.org/rails/rails/jobs/6629894
2013-04-25 11:14:22 -03:00
Rafael Mendonça França
b4239622af Merge pull request #10337 from eimermusic/fix_template_digestor_lookup
Fix ActionView::Digestor to correctly pass format to LookupContext

Conflicts:
	actionpack/CHANGELOG.md
2013-04-25 10:22:51 -03:00
Andrew White
f99ce3c188 Add support for extra options to force_ssl
This commit adds support for passing additional url options along
with a :status option and any of the flash-related options to
`redirect_to` (i.e. :flash, :alert & :notice).

Closes #7570.
2013-04-25 13:45:52 +01:00
Martin Westin
9a79c13c45 AV Digestor correctly passes format to LookupContext
ActionView::Digestor now passes arguments correctly to
LookupContext::find method. This makes cache digests
respect the format option correctly.

FixtureFinder in tests also changed to reflect this.
2013-04-25 09:52:04 +02:00
Andrew White
8227bf7ee9 Use request.fullpath to build redirect url in force_ssl
The `force_ssl` command now builds the redirect url from `request.fullpath`.
This ensures that the format is maintained and it doesn't redirect to a route
that has the same parameters but is defined earlier in `routes.rb`. Also any
optional segments are maintained.

Fixes #7528.
Fixes #9061.
Fixes #10305.
2013-04-25 08:33:21 +01:00
Lewis Marshall
ec462b4de7 Return a 405 response for unknown HTTP methods 2013-04-22 14:31:10 +01:00
Andrew White
222011dbee Add CHANGELOG entries - closes #10180, #10185 2013-04-18 17:12:40 +01:00
Rafael Mendonça França
1692732271 Merge pull request #10173 from nashby/element-attributes
options_from_collection_for_select helper takes html attributes
2013-04-16 14:02:14 -07:00
Yves Senn
c245437de7 use unified and clean formatting in CHANGELOGS. [ci skip] 2013-04-12 15:52:43 +02:00
Vasiliy Ermolovich
0778290b57 options_from_collection_for_select helper takes html attributes
as the last element of the array
2013-04-11 14:15:33 +03:00
Rafael Mendonça França
096ee1594d Improve the changelog entry [ci skip] 2013-04-05 16:43:04 -03:00
Ryan McGeary
48dc5192ef Fix explicit names on multiple file fields
If a file field tag is passed the multiple option, it is turned into an
array field (appending "[]"), but if the file field is passed an
explicit name as an option, leave the name alone (do not append "[]").

Fixes #9830
2013-04-05 15:32:56 -04:00
Sam Pohlenz
4bb26dd7b2 Add block support for the helper 2013-04-03 14:42:48 +10:30
Santiago Pastorino
f9d23b3848 Merge pull request #9978 from trevorturk/cookie-store-auto-upgrade
Cookie-base session store auto-upgrade
2013-04-01 08:10:34 -07:00
Carlos Antonio da Silva
6ee17918e1 Improve AP changelog entry about layout method with nil return
Add a note about getting the "no layout" behavior by returning "false"
to make it easier for people that might need to change their code.

Related to #8458. [ci skip]
2013-03-30 15:48:39 -03:00
Trevor Turk
274a3aa64c Allow transparent upgrading of legacy signed cookies to encrypted cookies; Automatically configure cookie-based sessions to use the best cookie jar given the app's config 2013-03-28 14:38:36 -05:00
Prathamesh Sonpatki
48a80f30bb Removed unused variable in proc
* This unused variable is already removed from the code here. d18e8b1a3839c5c214e96c7e37e0d86febe15f99

 * So removing it from CHANGELOG to be consistent with code
2013-03-28 20:43:25 +05:30
Rafael Mendonça França
e7438501d6 Merge pull request #8458 from lucisferre/improve-layout-override-fallback-behavior
Provides standard layout lookup behavior for method and proc cases

Conflicts:
	actionpack/CHANGELOG.md
2013-03-27 16:09:12 -03:00
Chris Nicola
ef27bba63d Provides standard layout lookup behavior for method and proc cases
When setting the layout either by referencing a method or supplying a
Proc there is no way to fall back to the default lookup behavior if
desired. This patch allows fallback to the layout lookup behavior when
returning nil from the proc or method.
2013-03-27 10:59:50 -07:00
Jeremy Kemper
b3e08f25ef Tender love for #9909 ❤️ 2013-03-24 22:59:36 -07:00
Trevor Turk
0190cba99c Introduce UpgradeLegacySignedCookieJar to transparently upgrade existing signed cookies generated by Rails 3 to avoid invalidating them when upgrading to Rails 4 2013-03-24 18:20:24 -05:00
Trevor Turk
a2b7c0e69d Raise an ArgumentError when a clashing named route is defined 2013-03-19 23:23:55 -05:00
schneems
334549b4a5 Fix improperly configured host in generated urls
If the host in `default_url_options` is accidentally set with a protocol such as 

```
host: "http://example.com"
``` 

then the generated url will have the protocol twice `http://http://example.com` which is not what the user intended. Likely they wanted to define a host `host: "example.com"` and a `protocol: "http://"` but did not know the convention.

This may not the most common problem, but when it happens it can go undetected for a while. I accidentally added `http://` out of habit recently only to find all the links in my emails were broken after deploying a demo site to production. Rather than allow this accident go undetected, we can fix the problem in line by properly setting the protocol and host.


I was able to find this related question on stack overflow: http://stackoverflow.com/questions/5878329/rails-3-devise-how-do-i-make-the-email-confirmation-links-use-secure-https-n where the answer was highly upvoted.

This is based off of work in #7415 cc/ @pixeltrix

ATP Action Mailer and Action Pack
2013-03-19 12:34:49 -05:00
Brad Dunbar
95332abe09 Digest auth should not 500 when given a basic header. 2013-03-18 14:50:47 -04:00
Juan Barreneche
cecbf5dd4d Include I18n fallbacks in :locale lookup context 2013-03-16 21:27:13 -03:00
Yves Senn
41a14dcd10 Http::Headers directly modifies the passed environment.
The env hash passed to `Http::Headers#new` must be in env format.
Also be aware that the passed hash is modified directly.

docs and test-cases for setting headers/env in functional tests.

Follow up to #9700.
2013-03-15 10:13:49 +01:00
Yves Senn
9af59b2468 allow headers and env to be passed in IntegrationTest.
Closes #6513.
2013-03-13 16:41:00 +01:00
Yves Senn
8945be464f Http::Headers respects headers that are not prefixed with HTTP_ 2013-03-13 16:27:47 +01:00
Yves Senn
a58e660837 Use "Fixes" in place of "Fix" in changelogs for consistency [ci skip]. 2013-03-09 20:57:17 +01:00
Olek Janiszewski
8e05a6f638 Fix incorrectly appended square brackets to a multiple select box
If an explicit name has been given and it already ends with "[]"

Before:

    select(:category, [], {}, multiple: true, name: "post[category][]")
    # => <select name="post[category][][]" ...>

After:

    select(:category, [], {}, multiple: true, name: "post[category][]")
    # => <select name="post[category][]" ...>
2013-03-08 19:01:32 +01:00
Carlos Antonio da Silva
a049631380 Move AP changelog entry to the top [ci skip] 2013-03-07 20:15:49 -03:00
Justin Coyne
73deb3af23 Allow use of assert_template with the :file option.
This worked in Rails 3.2, but was a regression in 4.0.0.beta1
2013-03-01 07:22:38 -06:00
Rafael Mendonça França
c4f2f5b9d7 Improve the CHANGELOG entry
[ci skip]
2013-02-28 18:31:46 -03:00
Rafael Mendonça França
fae2e4d05d Merge pull request #9366 from killthekitten/fix-content_for-regression
Fix for #9360 content_for regression
2013-02-28 13:28:50 -08:00
Carlos Antonio da Silva
a3894380eb Minor changelog improvement [ci skip] 2013-02-28 08:41:53 -03:00
Yves Senn
afddc0409e format: true does not override existing format constraints.
Closes #9466.

Passing `format: true` used to override the constraints: { format: /json/ }
with `/.+/`. This patch only sets the format if there is no constraint present.
2013-02-27 19:57:41 +01:00
Yves Senn
794cbf3e38 allow non-String default params in the router.
Closes #9435.

Skip valid encoding checks for non-String parameters that come
from the matched route's defaults.
2013-02-26 21:53:48 +01:00
Yves Senn
09d9f04d08 the router allows String contraints.
Closes #9432.
2013-02-26 21:09:49 +01:00
Rafael Mendonça França
e24e086ef1 Move the CHANGELOG entry to the proper place
[ci skip]
2013-02-26 14:16:55 -03:00
Rafael Mendonça França
28bebb225f Merge pull request #9434 from zires/dev
Journey::Path::Pattern#new raise more meaningful exception message.
2013-02-26 09:15:43 -08:00
zires
35f38b71df Make ActionDispatch::Journey::Path::Pattern#new raise more meaningful exception message. 2013-02-27 08:26:51 +08:00
Rafael Mendonça França
0f75e2c51f Update CHANGELOGS 2013-02-26 13:45:57 -03:00
Nikolay Shebanov
371a5f2d73 Fix #9360 regression in content_for 2013-02-25 20:03:37 +04:00
David Heinemeier Hansson
c0bc9ce38c Preparing for 4.0.0.beta1 release 2013-02-25 08:31:50 -06:00
grosser
149e3cd376 fix respond_to without blocks not working if one of the blocks is all 2013-02-24 11:47:20 -05:00
Xavier Noria
c9c5656950 registers the encrypted session store in the AP changelog 2013-02-23 23:46:37 +01:00
Carlos Antonio da Silva
1fbfdf5e1b Changelog improvements, use 1.9 style hash in examples [ci skip] 2013-02-22 19:44:50 -03:00
Xavier Noria
4b48a75230 completes pass over the AP changelog [ci skip] 2013-02-21 21:18:25 +01:00
Xavier Noria
29927df3d3 tweaks to the AP changelog [ci skip] 2013-02-21 21:17:17 +01:00
Andrew White
f4b506f60a Merge pull request #9361 from senny/improved_match_shorthand_syntax
determine the match shorthand target early.
2013-02-21 11:36:15 -08:00
Santiago Pastorino
3893979524 Revert "Revert "Merge pull request #4803 from lucascaton/master""
This reverts commit 6871bd9818a9a7d9d8c7e21e253d64c0410fde1d.
2013-02-21 15:34:02 -02:00
Yves Senn
c88ee76928 determine the match shorthand target early.
Closes #7554.

This patch determines the `controller#action` directly
in the `match` method when the shorthand syntax is used.
this prevents problems with namespaces and scopes.
2013-02-21 17:44:31 +01:00
Carlos Antonio da Silva
b20823ba41 Remove not necessary changelog about time zone array mutation
This seemed to be introduced in master by
9dd64f2e0c1b3ce85b503b0f81c50c93f89ffbcd, so there's no need to add a
changelog entry for fixing it.

[ci skip]
2013-02-21 13:32:34 -03:00
Xavier Noria
e2096e8882 tweaks to the AP changelog [ci skip] 2013-02-21 17:30:00 +01:00
Santiago Pastorino
6871bd9818 Revert "Merge pull request #4803 from lucascaton/master"
This reverts commit bb842e8d2111e50b21a14b8bd6d89371a4b9cd68, reversing
changes made to 40c287c7983c20c498f6a8a2ea49e9a6455347f7.
This was causing issues in one of our apps we just upgraded.
ActionController::RoutingError: No route matches [GET]
"/images/favicon.ico"
favicon_link_tag now returns '/images/favicon.ico' and in 3.2 returned
'/favicon.ico'
Browsers by default look for favicon.ico in the root directory

Conflicts:
	actionpack/CHANGELOG.md
	actionpack/lib/action_view/helpers/asset_tag_helper.rb
2013-02-20 15:51:51 -02:00
Prem Sichanugrist
c9909db9f2 Remove XML Parser from ActionDispatch
If you want an ability to parse XML parameters, please install
`actionpack-xml_parser` gem.
2013-02-20 08:46:44 -05:00
Brian McManus
5c73f0d398 Fix time_zone_options_for_select to not mutate TimeZones array
Previous implementation of time_zone_options_for_select did not dup the
ActiveSupport::TimeZone.all array.  When :priority_zones were provided
the method would reject! the zones from the memoized TimeZones array
thus affecting future requests to the server.  Essentially whatever
zones were specified as :priority_zones would show up for the first
request but then disappear from the time zone options on future
requests.
2013-02-19 17:51:23 -08:00
Xavier Noria
ff259b5249 moves a CHANGELOG entry from AR to AP 2013-02-19 17:32:32 +01:00
Steve Klabnik
d3b836ac4a Add message when you have no routes defined.
Print a message in both `rake routes` and at GET "/rails/info/routes"
that lets you know you have no routes defined, as well as linking to the
Rails Guide on the topic.
2013-02-18 16:09:37 -08:00
Carlos Antonio da Silva
b1c72a3675 Improve changelog entry from #9221 [ci skip] 2013-02-11 11:37:17 -02:00
thenickcox
dd9f8bc847 Improve img alt attribute for screen readers
Currently, the img_alt method in ActionView keeps underscores
in the alt attribute. Because underscores are pronounced in
Apple's VoiceOver Utility, this has serious implications for
accessibility. This patch makes underscored or hyphenated file
names (both common in projects) read more naturally in screen
readers by replacing them with spaces. See method documentation
for details.

Added documentation to image_alt method
2013-02-09 20:29:52 -08:00
Rafael Mendonça França
f14dcc058e Update actionpack/CHANGELOG.md
[ci skip]
2013-02-06 18:01:32 -02:00
Yves Senn
69f28a7d8d ruby constant syntax is not supported as routing :controller option.
The current implementation only works correctly if you supply the `:controller`
with directory notation (eg. `:controller => 'admin/posts'`).

The ruby constant notation (eg. `:controller => 'Admin::Posts`) leads to unexpected problems with `url_for`.

This patch prints a warning for every non supported `:controller` option. I also added documentation how
to work with namespaced controllers. The warning links to that documentation in the rails guide.
2013-02-06 20:56:09 +01:00
Yves Senn
cce94e7232 partials inside directory work with assert_template
previously when a partial was placed inside a directory
(eg. '/dir/_partial'), `assert_template` did not replace
the '_' prefix when looking through rendered tempaltes,
which resulted in an error.

I modified it to replace both, the leading '_' and the last '_'
after a '/'.
2013-02-04 14:46:50 +01:00
Steve Klabnik
f2c7a5d5df Fix markdown syntax in actionpack CHANGELOG.
Starting a line with an octothorpe makes an <h1>
2013-02-01 11:33:31 -08:00
Semyon Perepelitsa
540ebe37cd Fix content_tag_for with array html option.
It would embed array as string instead of joining it like `content_tag` does:

    content_tag(:td, class: ["foo", "bar"]){}
    #=> '<td class="foo bar"></td>'

Before:

    content_tag_for(:td, item, class: ["foo", "bar"]){}
    #=> '<td class="item [&quot;foo&quot;, &quot;bar&quot;]" id="item_1"></td>'

After:

    content_tag_for(:td, item, class: ["foo", "bar"]){}
    #=> '<td class="item foo bar" id="item_1"></td>'
2013-01-31 01:28:57 +08:00
Guillermo Iguaran
673915035d Changelog about BestStandardsSupport removal 2013-01-29 16:35:03 -05:00
Akira Matsuda
c38515693a s/ERb/ERB/ 2013-01-29 14:16:30 +09:00
Carlos Antonio da Silva
68f69ec31e Move AS changelog entry to the top, improve AP changelog a bit
[ci skip]
2013-01-28 19:40:18 -02:00
Michiel Sikkes
489138802c Added a Changelog entry for fixing HEAD requests. 2013-01-28 21:29:21 +01:00
Piotr Sarnacki
351b0d9092 Update actionpack's CHANGELOG for 445f14e 2013-01-21 21:53:06 +01:00
schneems
8b72d689e3 In Browser Path Matching with Javascript
When debugging routes ,it can sometimes be difficult to understand exactly how the paths are matched. This PR adds a JS based path matching widget to the `/rails/info/routes` output. You can enter in a path, and it will tell you which of the routes that path matches, while preserving order (top match wins).

The matching widget in action:

![](http://f.cl.ly/items/3A2F0v2m3m1Z1p3P3O3k/path-match.gif)

Prior to this PR the only way to check matching paths is via mental math, or typing in a path in the url bar and seeing where it goes. This feature will be an invaluable debugging tool by dramatically decreasing the time needed to check a path match. 

ATP actionpack
2013-01-20 23:10:24 -06:00
Carlos Antonio da Silva
f12f08d61f Fix markdown formatting to highlight block in changelog [ci skip] 2013-01-20 21:45:05 -02:00
Xavier Noria
cbec22ce57 strong parameters filters permitted scalars 2013-01-20 17:59:53 +01:00
Carlos Antonio da Silva
038574a538 Deprecate direct calls to AC::RecordIdentifier.dom_id and dom_class
Also add some generic tests to ensure they're properly deprecated.
2013-01-16 23:09:36 -02:00
Edward Anderson
7925884b5e Remove header bloat introduced by BestStandardsSupport middleware
The same headers were being duplicated on every request.
2013-01-15 19:16:08 -05:00
Andrew White
f1d8f2af72 Change the behavior of route defaults
This commit changes route defaults so that explicit defaults are no
longer required where the key is not part of the path. For example:

  resources :posts, bucket_type: 'posts'

will be required whenever constructing the url from a hash such as a
functional test or using url_for directly. However using the explicit
form alters the behavior so it's not required:

  resources :projects, defaults: { bucket_type: 'projects' }

This changes existing behavior slightly in that any routes which
only differ in their defaults will match the first route rather
than the closest match.

Closes #8814
2013-01-15 17:22:25 +00:00
Andrew White
90d2802b71 Add support for other types of routing constraints
This now allows the use of arrays like this:

  get '/foo/:action', to: 'foo', constraints: { subdomain: %w[www admin] }

or constraints where the request method returns an Fixnum like this:

  get '/foo', to: 'foo#index', constraints: { port: 8080 }

Note that this only applies to constraints on the request - path
constraints still need to be specified as Regexps as the various
constraints are compiled into a single Regexp.
2013-01-15 17:21:33 +00:00
Andrew White
b28fc685a9 Ensure port is set when passed via the process method 2013-01-15 17:21:33 +00:00
Colin Burn-Murdoch
1fecaf15d7 Rename :value option to :selected, in line with other select helpers
Add tests for time & datetime.
Add documentation.
2013-01-14 19:49:07 +00:00
Colin Burn-Murdoch
aea3820261 Allow value to be set on date_select 2013-01-13 21:03:21 +00:00
Dylan Smith
bae92681be Fix json params parsing regression for non-object JSON content.
Fixes #8845.
2013-01-11 00:28:32 -05:00
Yves Senn
3e1ed7818b extract PerformanceTest into rails-performance_tests gem 2013-01-10 17:09:06 +01:00
Jamis Buck
70e684a681 view_cache_dependency API
A declarative API for specifying dependencies that affect template
cache digest computation. In your controller, specify any of said
dependencies:

  view_cache_dependency { "phone" if using_phone? }

When the block is evaluated, the resulting value is included in the
cache digest calculation, allowing you to generate different digests
for effectively the same template. (Mostly useful if you're mucking
with template load paths.)
2013-01-08 11:20:47 -07:00
Nihad Abbasov
0f8f75c81a set 'alt' attribute for image_submit_tag 2013-01-08 15:56:47 +04:00
Carlos Antonio da Silva
c67005f221 Do not generate local vars for partials without object or collection
Previously rendering a partial without giving :object or :collection
would generate a local variable with the partial name by default.

This was noticed due to warnings in Ruby 2.0 of not used variables,
which turned out to be the generation of not used variables inside
partials that do not contain objects related to them.
2013-01-08 09:15:20 -02:00
Carlos Antonio da Silva
6cc42464fe Action Pack changelog improvements [ci skip] 2013-01-05 11:42:23 -02:00
Yves Senn
80795e02ca display mountable engine routes on RoutingError. 2013-01-05 14:31:03 +01:00
Matt Bridges
f6364e454a Typo and grammar fixes in the ActionPack CHANGELOG 2013-01-03 10:30:11 -06:00
Andre Arko
75dcdbc84e Restore original remote_ip algorithm.
Proxy servers add X-Forwarded-For headers, resulting in a list of IPs. We
remove trusted IP values, and then take the last given value, assuming that
it is the most likely to be the correct, unfaked value. See [1] for a very
thorough discussion of why that is the best option we have at the moment.

[1]: http://blog.gingerlime.com/2012/rails-ip-spoofing-vulnerabilities-and-protection/

Fixes #7979
2013-01-02 15:26:27 -08:00
Carlos Antonio da Silva
9f200fb296 Changelog improvements [ci skip] 2013-01-02 21:11:11 -02:00
Yves Senn
0b2ce7d955 do not append a second slash when using 2013-01-02 21:11:16 +01:00
Gosha Arinich
bb932d5e98 allow toggling dumps instead of just showing 2013-01-02 16:12:51 +03:00
Rafael Mendonça França
7e2ef18b51 Make content_tag_for work without block
This is version of #8640 for master
2013-01-02 09:17:54 -03:00
Guillermo Iguaran
c113a2f0f6 Add CHANGELOG entry for changes in exception pages 2013-01-01 13:29:04 -05:00
Yves Senn
b8c2f3c769 charset should not be appended for head responses
1) Failure:
    test_head_created_with_image_png_content_type(RenderTest) [test/controller/render_test.rb:1238]:
    Expected: "image/png"
      Actual: "image/png; charset=utf-8"
2012-12-31 16:08:36 +01:00
Rafael Mendonça França
5d80da812b Fix CHANGELOG style [ci skip] 2012-12-26 12:19:09 -03:00
Angelo Capilleri
c2267db383 return Mime::NullType if format is unknown
If a request has an unknown format, the methods html?, xml?, json? ...etc
not raise an Exception.

This patch add a class Mime::NullType, that is returned when  request.format is unknown
and it responds false to the methods that ends with '?' and true to 'nil?'.

It refers to #7837, this issue is considered a improvement not a bug.
2012-12-22 09:18:08 +01:00
Guillermo Iguaran
a8ad694a86 Fix CHANGELOG entry about scope change
I missed attribution on this 😳
2012-12-20 04:21:34 -05:00
Andrew White
56fee39c39 Integrate Journey into Action Dispatch
Move the Journey code underneath the ActionDispatch namespace so
that we don't pollute the global namespace with names that may
be used for models.

Fixes rails/journey#49.
2012-12-19 22:13:08 +00:00
Carlos Antonio da Silva
939ff86139 Move changelog entry to the top [ci skip] 2012-12-19 13:22:03 -02:00
Nick Reed
cf9d9450ec Remove obfuscation support from mail_to helper
Removes support for :encode, :replace_at, and :replace_dot
options from the mail_to helper. Support for these options
has been extracted to the 'actionview-encoded_mail_to' gem.
2012-12-18 22:39:12 -06:00
Vasiliy Ermolovich
0a6d8fbe17 handle protocol option in stylesheet_link_tag and javascript_include_tag
closes #8388
2012-12-18 11:16:17 +03:00
Carlos Antonio da Silva
df9f9b7f3e Convert changelogs to 1.9 hash style and fix some formatting [ci skip] 2012-12-14 20:25:22 -02:00
Rafael Mendonça França
414b1c3da6 Merge pull request #8497 from acapilleri/conditional_cache
Removed :if / :unless conditions to fragment cache in favour of *cache_i...
2012-12-14 13:57:53 -03:00
Angelo capilleri
83223424b3 Removed :if and :unless from fragment cache option in favour of
cache_if(condition, option, &block) and cache_unless(condition, option, &block).

In the PR #8371 was introduced  conditional options :if and :unless in
the cache method.

    Example:

      <%= cache @model, if: some_condition(@model) do %>
        ...
      <%end%>

This is a good feature but *cache_if* and and *cache_unless*
are more concise and close to the standard of rails view helpers
(ex: link_to_if and link_to_unless).

    Example:

      <%= cache_if condition, @model do %>
      ...
      <%end%>
2012-12-14 17:51:52 +01:00
Andrew White
01d3a36bfe Clear url helper methods when routes are reloaded
Remove all the old url helper methods when clear! is called on the
route set because it's possible that some routes have been removed.
2012-12-14 13:22:36 +00:00
Andrew White
a16da3f25f Revert "Clear url helpers when reloading routes"
This doesn't actually remove old url helper methods as they are
defined in a different module.

This reverts commit 96bcef947bf713b7d9fc88f26dff69f568111262.

Conflicts:
	actionpack/CHANGELOG.md
2012-12-14 13:19:50 +00:00
Matt Venables
991601ff6e Fix rewinding in ActionDispatch::Request#raw_post
If env['RAW_POST_DATA'] is nil, #raw_post will attempt to set it to
the result of #body (which will return env['rack.input'] if
env['RAW_POST_DATA'] is nil). #raw_post will then attempt to rewind
the result of another call to #body. Since env['RAW_POST_DATA'] has
already been set, the result of #body is not env['rack.input'] anymore.
This causes env['rack.input'] to never be rewound.
2012-12-11 16:57:21 -05:00
Rafael Mendonça França
d9039cd960 Move new CHANGELOG entry to the top 2012-12-10 17:34:35 -03:00
Rafael Mendonça França
b04fe4c539 Merge pull request #8476 from sheerun/fix/multipart-get
Prevent raising EOFError on multipart GET request.
2012-12-10 12:28:41 -08:00
Adam Stankiewicz
bc254cc235 Prevent raising EOFError on multipart GET request.
Such request can happen on Internet Explorer. When we redirect
after multipart form submission, the request type is changed
to GET, but Content-Type is preserved as multipart. GET request
cannot have multipart body and that caused Rails to fail.

It's similar fix to Rack's one:
8025a4ae94/lib/rack/request.rb (L224)
2012-12-10 21:23:59 +01:00
David Heinemeier Hansson
7b50dc5316 Fix README 2012-12-07 19:08:38 +01:00
David Heinemeier Hansson
9d62e04838 Rename all action callbacks from *_filter to *_action 2012-12-07 18:54:44 +01:00
Andrew White
af73e3cb15 Revert "Invert precedence of content in ActionDispatch::Static"
This reverts commit c59734f756b79c39486c45273d2cc5d42cd0c864.
2012-12-07 06:02:43 +00:00
Andrew White
c59734f756 Invert precedence of content in ActionDispatch::Static
This commit inverts the precedence in ActionDispatch::Static so that
dynamic content will be served before static content. This is so that
precompiled assets do not inadvertently get included when running in
development mode - it should have no effect in production where static
files are usually handled by the web server.

Closes #6421
2012-12-06 17:20:53 +00:00
Fabrizio Regini
6b014a4580 Allow fragment cache to accept :if and :unless options
[Stephen Ausman + Fabrizio Regini]
2012-12-05 14:58:38 +01:00
Fabrizio Regini
86e3aaab93 Adding filter capability to ActionController logs 2012-12-05 11:07:14 +01:00
Maura Fitzgerald
4243de6a04 Fixed issue where routes with globs caused constraints on that glob to
be ignored. A regular expression constraint gets overwritten when the
routes.rb file is processed. Changed the overwriting to an ||= instead
of an = assignment.
2012-12-04 14:42:09 +00:00
Yves Senn
60b525c751 More descriptive error when rendering a partial with :layout => true 2012-12-02 16:26:45 +01:00
Rafael Mendonça França
ec17f0d352 Add CHANGELOG entries for the observes extraction
[ci skip]
2012-11-29 01:08:36 -02:00
Drew Ulmer
e969ba955d Add CHANGELOG entry for opt-out option of automatic template digesting 2012-11-27 12:14:03 -06:00
Sergey Kojin
0195d6138b No sort Hash options in #grouped_options_for_select 2012-11-27 20:04:37 +04:00
Elia Schito
5d8faa683e Accept symbols as #send_data :disposition value 2012-11-27 00:21:12 +01:00
Steve Klabnik
aa996c3c07 @steveklabnik can't spell 'distance.' 2012-11-26 10:51:08 -08:00
Steve Klabnik
512a8c7363 Add changelog for #7997.
This was forgotten when we did the merge.
2012-11-26 10:47:42 -08:00