Commit Graph

9613 Commits

Author SHA1 Message Date
Calvin Correli
c3e8d15e8b Fix for assigns(:..) resetting template assertions
When calling assigns(:...) or cookies(:...), template assertions would be reset, which they obviously shouldn't be.
2014-11-17 09:49:07 +08:00
Rafael Mendonça França
3c60fb429d Make FlashHash#key? work with symbol and string
Closes #17586
2014-11-11 01:04:06 -02:00
Rafael Mendonça França
091652cae8 Merge pull request #16535 from bf4/patch-1
Allow fallback to LegacyKeyGenerator when secret_key_base is not set but secrets.secret_token is
2014-11-10 20:38:46 -02:00
Godfrey Chan
aa6637d140 Pass the route name explicitly
Follow up to 212057b9. Since that commit, we need to pass the `route_name`
explicitly. This is one of the left-over cases that was not handled in that
commit, which was causing `use_route` to be ignored in functional tests.
2014-11-10 00:31:49 -08:00
Rafael Mendonça França
e16f8e58e7 Merge pull request #17523 from tgxworld/reset_session_after_calling_with_routing
Remove session to allow `with_routing` to be called twice.
2014-11-06 12:02:32 -02:00
Robert Evans
c12fbae932 Removed documentation that still mentioned using respond_with in place
of respond_to. respond_with was moved into the responders gem and deprecated
inside rails, so there is no need to mention it within rails itself.
2014-11-05 20:36:45 -08:00
Guo Xiang Tan
76f5a9afb3 Remove session to allow with_routing to be called twice.
Fixes: https://github.com/rails/rails/issues/16814
2014-11-05 23:38:02 +08:00
Rafael Mendonça França
8602fc5e11 Merge pull request #17480 from gsamokovarov/exception-wrapper-traces
Move DebugExceptions#traces_from_wrapper to ExceptionWrapper
2014-11-04 14:58:07 -02:00
Genadi Samokovarov
c7f2ee2213 Move DebugExceptions#traces_from_wrapper to ExceptionWrapper
ActionDispatch::ExceptionWrapper seems to be the more natural place for
this method to live in.
2014-11-03 19:12:04 +02:00
Benjamin Fleischer
db5f1a46f2 secret_token is now saved in Rails.application.secrets.secret_token
- `secrets.secret_token` is now used in all places `config.secret_token` was
  - `secrets.secret_token`, when not present in `config/secrets.yml`,
    now falls back to the value of `config.secret_token`
  - when `secrets.secret_token` is set, it over-writes
    `config.secret_token` so they are the same (for backwards-compatibility)
  - Update docs to reference app.secrets in all places
    - Remove references to `config.secret_token`, `config.secret_key_base`
- Warn that missing secret_key_base is deprecated
- Add tests for secret_token, key_generator, and message_verifier
  - the legacy key generator is used with the message verifier when
    secrets.secret_key_base is blank and secret_token is set
  - app.key_generator raises when neither secrets.secret_key_base nor
    secret_token are set
  - app.env_config    raises when neither secrets.secret_key_base nor
    secret_token are set
- Add changelog

Run focused tests via
ruby -w -Itest test/application/configuration_test.rb -n '/secret_|key_/'
2014-11-02 21:21:09 -06:00
Pablo Herrero
861b70e92f Call gsub with a Regexp instead of a String for better performance 2014-11-01 20:23:29 -03:00
Godfrey Chan
4daebedcc4 Prepare for 4.2.0.beta4 release 2014-10-30 14:12:24 -07:00
Xavier Noria
810b7914f3 Merge pull request #17440 from claudiob/remove-yet-another-redundant-to-s
Remove redundant `to_s` in interpolation
2014-10-30 19:47:36 +01:00
Aaron Patterson
c6f9518e24 Merge branch 'master-sec'
* master-sec:
  FileHandler should not be called for files outside the root
2014-10-30 11:39:46 -07:00
claudiob
64b09823e6 Remove redundant to_s in interpolation 2014-10-30 08:48:32 -07:00
Xavier Noria
e595d91ac2 edit pass over all warnings
This patch uniformizes warning messages. I used the most common style
already present in the code base:

* Capitalize the first word.

* End the message with a full stop.

* "Rails 5" instead of "Rails 5.0".

* Backticks for method names and inline code.

Also, converted a few long strings into the new heredoc convention.
2014-10-28 17:47:32 -07:00
Xavier Noria
b3bfa361c5 let's warn with heredocs
The current style for warning messages without newlines uses
concatenation of string literals with manual trailing spaces
where needed.

Heredocs have better readability, and with `squish` we can still
produce a single line.

This is a similar use case to the one that motivated defining
`strip_heredoc`, heredocs are super clean.
2014-10-28 16:35:24 -07:00
Godfrey Chan
777142d3a7 Typos in the deprecation message 2014-10-28 11:05:54 -07:00
Godfrey Chan
aa1fadd48f Deprecate the only_path option on *_path helpers.
In cases where this option is set to `true`, the option is redundant and can
be safely removed; otherwise, the corresponding `*_url` helper should be
used instead.

Fixes #17294.

See also #17363.

[Dan Olson, Godfrey Chan]
2014-10-28 09:43:33 -07:00
Andrew White
df0ea90cf1 Merge pull request #16229 from byroot/stop-swallowing-url-generation-errors
UrlGenerationError are not catched as 404 anymore
2014-10-27 22:46:19 +00:00
Jean Boussier
8e1362be3f UrlGenerationError are not catched as 404 anymore 2014-10-27 16:53:10 -04:00
Rafael Mendonça França
d27efbfbf5 Merge pull request #17362 from bronzle/fix_debug_exceptions_app
Show the user’s application in the source window and select the correct ...
2014-10-26 22:04:43 -05:00
Xavier Noria
8d7cf75684 give a better error message for misspelled helpers
See comment in this patch for the rationale.

References #16468
2014-10-25 14:06:33 +02:00
Guillermo Iguaran
0073d274de Use AS secure_compare for CSRF token comparison 2014-10-23 14:54:17 -03:00
Byron Bischoff
dbcbbcf2bc Show the user’s application in the source window and select the correct trace list, closes #17312 2014-10-23 09:53:43 -07:00
Rafael Mendonça França
42130e8572 Merge pull request #17313 from accessd/fix-url-generation-error-message
Fix url generation error message
2014-10-21 11:21:19 -02:00
Accessd
2224bf7992 fix url generation error message 2014-10-21 12:10:48 +04:00
Abdelkader Boudih
aefec3c61a remove duplicate method (_status_code) in action_dispatch 2014-10-19 17:59:07 +00:00
Prathamesh Sonpatki
295621e436 Make _status_code methods nodoc
- Also one minor change for documenting url_for method in ActionController::Metal.
[ci skip]
2014-10-19 22:12:59 +05:30
claudiob
6aa115e41f Replace (slower) block.call with (faster) yield
Performance optimization: `yield` with an implicit `block` is faster than `block.call`.
See http://youtu.be/fGFM_UrSp70?t=10m35s and the following benchmark:

```ruby
require 'benchmark/ips'

def fast
 yield
end

def slow(&block)
 block.call
end

Benchmark.ips do |x|
 x.report('fast') { fast{} }
 x.report('slow') { slow{} }
end

# => fast    154095 i/100ms
# => slow     71454 i/100ms
# =>
# => fast  7511067.8 (±5.0%) i/s -   37445085 in   4.999660s
# => slow  1227576.9 (±6.8%) i/s -    6145044 in   5.028356s
```
2014-10-17 11:46:37 -07:00
Yuutetu
5a10b417cd Fix typo in actionpack/lib/action_dispatch/routing/mapper.rb 2014-10-16 08:50:45 +09:00
Rafael Mendonça França
ba769cc483 Merge pull request #17255 from printercu/cors_exception_wrapper
ActionController::InvalidCrossOriginRequest fails with 422 instead of 500
2014-10-15 16:03:46 -03:00
Nicolas Cavigneaux
1c7dd65637 Use #tr instead of #gsub
`#tr` is more efficient than `#gsub` and can be used as a drop in
replacement in this context.
2014-10-14 22:32:23 +02:00
Max Melentiev
7a7ccc31e7 ActionController::InvalidCrossOriginRequest fails with 422 instead of 500
Fixes #15967
2014-10-14 18:56:51 +03:00
Nicolas Cavigneaux
3041bb2a94 Improve Journey compliance to RFC 3986
The scanner in Journey fails to recognize routes that use literals
from the sub-delims section of RFC 3986.

This commit enhance the compatibility of Journey with the RFC by
adding support of authorized delimiters to the scanner.

Fix #17212
2014-10-14 16:42:50 +02:00
Erik Michaels-Ober
2b6bacd192 Replace Array#shuffle.first with Array#sample 2014-10-13 11:54:04 +01:00
Aaron Patterson
d1123f2056 FileHandler should not be called for files outside the root
FileHandler#matches? should return false for files that are outside the
"root" path.
2014-10-10 16:00:03 -07:00
Stefan Henzen
e86cadc257 Request#check_method no longer breaks when :en is not available locale
Request#check_method would use to_sentence(locale: :en), which breaks when
I18n.available_locales does not include :en and
I18n.enforce_available_locales is true (default).

Inlined to_sentence functionality to solve this.
2014-10-09 15:45:49 +02:00
Neeraj Singh
590efa49cc Rephrasing sentences 2014-10-07 09:23:51 -04:00
Akira Matsuda
fe88af61f6 Responder was removed at ee77770d57de9da87b05a2fe84b9d46ec6852c62 2014-09-30 17:21:48 +09:00
Kasper Timm Hansen
f939904f23 Parse HTML as document fragment.
This is to match the changes in Rails Dom Testing rails/rails-dom-testing#20.
2014-09-29 21:41:52 +02:00
Erik Michaels-Ober
e2b49b203f Use Hash#each_key instead of Hash#keys.each
Hash#keys.each allocates an array of keys; Hash#each_key iterates through the
keys without allocating a new array. This is the reason why Hash#each_key
exists.
2014-09-29 17:27:10 +02:00
Vijay Dev
3a9b3ba082 Merge branch 'master' of github.com:rails/docrails 2014-09-28 06:11:30 +00:00
Rafael Mendonça França
4581d04477 Preparing for 4.2.0.beta2 release 2014-09-26 17:19:53 -03:00
Rafael Mendonça França
4af5899e25 Revert "Merge pull request #16966 from why-el/symbolize-path-params"
This reverts commit 9d05d6de52871e57bfbf54a60de005e8a5f5b0e4, reversing
changes made to 0863c9248fd47a15e88e05ce4fcd80966684c0e3.

The change in the behaviour reported at #16958 doesn't exist since 4.0
and 4.1 works in the same way
2014-09-25 18:07:22 -03:00
Mohamed Wael Khobalatte
f10b38bbc8 Ensure named path params are symbols (Fixes #16958) 2014-09-25 17:40:26 -03:00
Rafael Mendonça França
bc644c54d6 Keep the original implementation to not having to allocate new objects 2014-09-25 17:20:52 -03:00
Gert Goet
2d08fd2506 Remove internal options from query string of paths
Fixes #17057
2014-09-25 17:50:16 +02:00
Steven Harman
6c941ea405 Consistently markup etag options. 2014-09-16 15:24:24 -04:00
Steven Harman
2210521040 Consistently capitalize ETag. 2014-09-16 15:23:24 -04:00