Commit Graph

41222 Commits

Author SHA1 Message Date
Carlos Antonio da Silva
b4e9577f9b Merge pull request #12462 from jjb/improve_ar_exception_message_formatting
Improve formatting of ActiveRecord migration exception messages
2013-12-03 12:10:18 -08:00
Carlos Antonio da Silva
9329f28c6d Merge pull request #13149 from laurocaetano/fix_offset_last
Fix offset with last.
2013-12-03 12:07:38 -08:00
Rafael Mendonça França
da633f81eb Remove the escaping skip
We are generating safe strings in the paragraph, so we can escape the
tags
2013-12-03 17:26:49 -02:00
Lauro Caetano
2a517e7291 Fix offset with last.
Closes #7441
2013-12-03 17:09:58 -02:00
Aaron Patterson
dba82120fe Merge branch 'master-sec'
* master-sec:
  Deep Munge the parameters for GET and POST
  Stop using i18n's built in HTML error handling.
  Ensure simple_format escapes its html attributes
  Escape the unit value provided to number_to_currency
  Only use valid mime type symbols as cache keys
2013-12-03 11:01:56 -08:00
John Joseph Bachir
f606153755 ActiveRecord migration exception message formatting 2013-12-03 12:23:43 -05:00
Yves Senn
be5527b8e8 connection.type_to_sql returns a String for unmapped types.
Closes #13146.

This fixes an error when using:

```
change_column :table, :column, :bigint, array: true
```
2013-12-03 17:54:25 +01:00
Carlos Antonio da Silva
7c20a8b558 Changelog improvements [ci skip] 2013-12-03 14:38:12 -02:00
Carlos Antonio da Silva
c55200cbcb Merge pull request #9685 from dimko/patch-2
Added Date#all_week/month/quarter/year for generating date ranges
2013-12-03 08:35:27 -08:00
Dimko
18546d4e35 Added Date#all_week/month/quarter/year for generating date ranges 2013-12-03 20:32:20 +04:00
Carlos Antonio da Silva
1441961f16 Merge pull request #12822 from cbartlett/master
Add support for localized date references
2013-12-03 08:23:57 -08:00
Carlos Antonio da Silva
05a685eeb7 Merge pull request #13145 from acapilleri/fix_email_example
fix email regex example code [ci skip]
2013-12-03 07:47:25 -08:00
Angelo capilleri
f590cdb656 fix email regex example code [ci skip]
different from the regex in EmailValidator
2013-12-03 16:44:39 +01:00
Colin Bartlett
029f24ede9 Add support for localized date references
Ruby's Date class automatically gives us #yesterday, #today,
and #tomorrow. And ActiveSupport has a handy Time.zone.today
for getting a localized version. But there was no localized
version of #yesterday or #tomorrow. Until now.
2013-12-03 10:37:01 -05:00
Colin Bartlett
59cb9e31fd Use travel_to convention in existing test 2013-12-03 10:37:01 -05:00
Rafael Mendonça França
a04b5ee416 Merge pull request #13143 from joker1007/fix_active_record_callbacks_document_bug
Fix ActiveRecord::Callbacks sample code [ci skip]
2013-12-03 06:53:12 -08:00
joker1007
edd93a53fe Fix ActiveRecord::Callbacks sample code [ci skip]
Callback caller class uses `after_initialize`,
but Callback callee defines `after_find`.

Current sample code causes following error.

  NoMethodError: undefined method `after_initialize' for #<EncryptionWrapper:0x007fe4931fa5c0>
2013-12-03 23:27:23 +09:00
Carlos Antonio da Silva
5f1e394165 Fix bad usage of #select with hash 2013-12-03 10:45:40 -02:00
Carlos Antonio da Silva
f654c996dc Merge pull request #11643 from vipulnsward/query_cache_clear
Fix QueryCache to work with nested blocks
2013-12-03 04:33:52 -08:00
Vipul A M
1ed81e85ca Currently, we clear query_cache in cache block finish, even if we may already have cache true.
This commit takes into account the last cache_enabled value, before clearing query_cache.
2013-12-03 17:48:14 +05:30
Yves Senn
b6f189e2f0 Merge pull request #13022 from pwnall/fixture_context
Introduce a context for rendering fixtures ERB.
2013-12-03 00:11:24 -08:00
Victor Costan
ddf27acbc2 Introduce a context for rendering fixtures ERB.
Fixture files are passed through an ERB renderer before being read as
YAML. The rendering is currently done in the context of the main object,
so method definitions leak into other fixtures, and there is no clean
place to define fixture helpers.

After this commit, the ERB renderer will use a new subclass of
ActiveRecord::FixtureSet.context_class each time a fixture is rendered.
2013-12-03 02:52:26 -05:00
Guillermo Iguaran
abc1e5831c Convert Mime::NullType in a singleton 2013-12-03 02:41:26 -05:00
Guillermo Iguaran
66b1c2d3b5 Cleanups in comment about conditional 2013-12-03 02:34:57 -05:00
Guillermo Iguaran
9ed3aab692 Merge branch 'format_localized_template' of https://github.com/acapilleri/rails
Conflicts:
	actionpack/CHANGELOG.md
2013-12-03 02:34:11 -05:00
Angelo capilleri
43962d6ec5 Fix header Content-Type: #<Mime::NullType:...> in localized template
This PR fixes #13064 regression bug introduced by the #8085

Now in _process_format when the format is a Mime::NullType nothing is written in self.content_type.
In this way the method Response#assign_default_content_type_and_charset can
write the default mime_type.
2013-12-03 07:46:39 +01:00
Carlos Antonio da Silva
c48a0cac62 Tidy up previous commit, fix message assertion and improve tests 2013-12-03 00:15:34 -02:00
Nerian
2ebf47aea2 Modify the Hash#assert_valid_keys error message so that it shows the valid keys. Also, show the wrong value as it was entered.
{ :failore => "stuff", :funny => "business" }.assert_valid_keys([ :failure, :funny ])
=> ArgumentError: Unknown key: failore
{ 'failore' => "stuff", :funny => "business" }.assert_valid_keys([ :failure, :funny ])
=> ArgumentError: Unknown key: failore

{ 'failore' => "stuff", :funny => "business" }.assert_valid_keys([ :failure, :funny ])
=> ArgumentError: Unknown key: "failore". Valid keys are: :failure, :funny

{ :failore => "stuff", :funny => "business" }.assert_valid_keys([ :failure, :funny ])
=> ArgumentError: Unknown key: :failore. Valid keys are: :failure, :funny

Conflicts:
	activerecord/CHANGELOG.md

Closes #11624.
2013-12-03 00:12:04 -02:00
Carlos Antonio da Silva
6e905e21b1 Merge pull request #13060 from chancancode/change_log_for_json_refactor
CHANGELOG for JSON refactor + added back the `encode_big_decimal_as_string` option with warning
2013-12-02 17:47:29 -08:00
Godfrey Chan
fadc02b732 Added back the encode_big_decimal_as_string option with warning
Also added the missing CHANGELOG entry for #12183 @ 80e7552073 and
4d02296cfb.
2013-12-02 17:22:57 -08:00
Carlos Antonio da Silva
735abe93a5 Avoid generating more strings while iterating to create methods
Use the already existing strings instead of creating a new one each time
just to test if it responds to the methods.
2013-12-02 22:59:40 -02:00
Michael Koziarski
4e9dd5378b Deep Munge the parameters for GET and POST
The previous implementation of this functionality could be accidentally
subverted by instantiating a raw Rack::Request before the first Rails::Request
was constructed.

Fixes CVE-2013-6417
2013-12-02 16:44:27 -08:00
Michael Koziarski
0c7ac34aed Stop using i18n's built in HTML error handling.
i18n doesn't depend on active support which means it can't use our html_safe
code to do its escaping when generating the spans.  Rather than try to sanitize
the output from i18n, just revert to our old behaviour of rescuing the error
and constructing the tag ourselves.

Fixes: CVE-2013-4491
2013-12-02 16:42:16 -08:00
Michael Koziarski
bea9c9b4c0 Ensure simple_format escapes its html attributes
The previous behavior equated the sanitize option for simple_format with the
escape option of content_tag, however these are two distinct concepts.

This fixes CVE-2013-6416

Conflicts:
	actionview/lib/action_view/helpers/text_helper.rb
2013-12-02 16:42:07 -08:00
Michael Koziarski
b31a7a6f1e Escape the unit value provided to number_to_currency
Previously the unit values were trusted leading to potential XSS vulnerabilities.

Fixes: CVE-2013-6415
2013-12-02 16:41:14 -08:00
Aaron Patterson
2e3c3a87d8 Only use valid mime type symbols as cache keys
CVE-2013-6414
2013-12-02 16:41:09 -08:00
Rafael Mendonça França
46923cabe1 Merge remote-tracking branch 'origin/master' 2013-12-02 22:36:21 -02:00
Rafael Mendonça França
d7d11f0dab :sicssors: 2013-12-02 22:32:22 -02:00
Rafael Mendonça França
d752ae16ab Options are not optional 2013-12-02 22:32:21 -02:00
Rafael Mendonça França
5c04ca87d8 Make execute private API 2013-12-02 22:32:21 -02:00
Carlos Antonio da Silva
45f70dca7b Merge pull request #12123 from aredondo/master
Add regression test for IpSpoofAttackError issue

Closes #10780
2013-12-02 16:23:45 -08:00
Rafael Mendonça França
d3b93e403b Make load of NumberHelper thread safe 2013-12-02 22:12:36 -02:00
Carlos Antonio da Silva
b42d4c407d Remove note about removed local_constant_names method from guides [ci skip] 2013-12-02 21:42:48 -02:00
Carlos Antonio da Silva
5fdb594f7b Remove dead comment from AS extensions guide [ci skip] 2013-12-02 21:36:09 -02:00
Carlos Antonio da Silva
f3c2c73336 Fix note about class attribute accessors deprecated file [ci skip] 2013-12-02 21:33:31 -02:00
Rafael Mendonça França
fc73ebf332 Merge pull request #10996 from mattdbridges/number-helper-refactor
Refactor and clean up number helpers

Conflicts:
	activesupport/lib/active_support/number_helper.rb
2013-12-02 20:50:03 -02:00
Guillermo Iguaran
b40faf423c Merge pull request #13138 from gsamokovarov/remove-cattr-requires
Remove deprecated cattr_* requires
2013-12-02 14:30:39 -08:00
Juanito Fatas
b0a3d113a3 Add number and range field to form helpers article
Also wrap surrounding text to 80 chars.

[ci skip] Closes #13132
2013-12-02 20:29:32 -02:00
Genadi Samokovarov
6329d9fa8b Remove deprecated cattr_* requires 2013-12-03 00:28:15 +02:00
Rafael Mendonça França
83e4f33ea1 Make ActionView::Tags loading thread safe 2013-12-02 20:27:50 -02:00