rails

History

Andrew White 24f143789a Add note about using 303 See Other for XHR requests other than GET/POST IE since version 6 and recently Chrome and Firefox have started following 302 redirects from XHR requests other than GET/POST using the original request method. This can lead to DELETE requests being redirected amongst other things. Although it doesn't directly affect the Rails framework since it doesn't return a 302 redirect to any non-GET/POST request a note has been added to raise awareness of the issue. Some references: Original article from @technoweenie: http://techno-weenie.net/2011/8/19/ie9-deletes-stuff/ Hacker News discussion of the article: http://news.ycombinator.com/item?id=2903493 WebKit bug report: https://bugs.webkit.org/show_bug.cgi?id=46183 Firefox bug report and changeset: https://bugzilla.mozilla.org/show_bug.cgi?id=598304 https://hg.mozilla.org/mozilla-central/rev/9525d7e2d20d Chrome bug report: http://code.google.com/p/chromium/issues/detail?id=56373 HTTPbis bug report and changeset: http://trac.tools.ietf.org/wg/httpbis/trac/ticket/160 http://trac.tools.ietf.org/wg/httpbis/trac/changeset/1428 Roy T. Fielding's history of the issue: http://ftp.ics.uci.edu/pub/ietf/http/hypermail/1997q3/0611.html Automated browser tests for the issue: http://www.mnot.net/javascript/xmlhttprequest/ Fixes #4144		2012-04-30 06:37:19 +01:00
..
conditional_get.rb	Removed max-stale from the setting the cache-headers in the response as max-stale is a cache request header.	2012-03-02 07:22:16 +00:00
cookies.rb	Rename config.cookie_secret to config.secret_token and pass it as configuration in request.env. This is another step forward removing global configuration.	2010-04-05 12:00:24 +02:00
data_streaming.rb	#send_file leans on Rack::Sendfile to X-Accel-Redirect the file's path, so opening the file to set the response body is wasteful. Set a FileBody wrapper instead that responds to to_path and streams the file if needed.	2012-04-12 09:53:00 -07:00
exceptions.rb	Remove obsolete reader from AC::MethodNotAllowed exception class	2012-03-31 00:46:34 +04:00
flash.rb	Move Flash into middleware	2010-01-15 14:55:13 -06:00
force_ssl.rb	Add ActionController::HTTP	2012-03-14 12:46:23 -03:00
head.rb	Add ActionController#head example	2011-10-11 12:31:27 +04:00
helpers.rb	Simplify helpers handling. Ensure Metal can run AC hooks.	2012-03-15 08:48:38 +01:00
hide_actions.rb	cleanup of ActionController::Metal inline documentation	2010-08-26 22:32:40 +02:00
http_authentication.rb	Updated/changed useless tr/gsubs	2012-04-03 15:16:09 +02:00
implicit_render.rb	Use performed? instead of checking for response_body	2012-01-19 18:25:52 -02:00
instrumentation.rb	Log 'Filter chain halted as CALLBACKNAME rendered or redirected' every time a before callback halts.	2011-11-30 09:53:09 +01:00
mime_responds.rb	Remove non-obligatory params in AC respond_to examples	2012-04-03 12:43:13 +06:00
params_wrapper.rb	Use <tt>Foo::Bar</tt> instead of +Foo::Bar+	2012-04-27 00:00:30 -07:00
rack_delegation.rb	Remove a relic of #request being in RackDelegation	2010-06-19 08:19:15 -07:00
redirecting.rb	Add note about using 303 See Other for XHR requests other than GET/POST	2012-04-30 06:37:19 +01:00
renderers.rb	Avoid calling content type multiple times	2012-04-29 11:16:13 +03:00
rendering.rb	format lookup for partials is derived from the format in which the template is being rendered	2012-02-22 11:12:03 -02:00
request_forgery_protection.rb	CSRF messages are no longer controlled by 422.html because InvalidAuthenticityToken is not raised	2012-03-28 16:35:06 -04:00
rescue.rb	Show detailed exceptions no longer returns true if the request is local in production.	2011-12-16 10:45:59 +01:00
responder.rb	Fix AC responder example	2012-04-04 12:40:39 +06:00
streaming.rb	Use <tt>Foo::Bar</tt> instead of +Foo::Bar+	2012-04-27 00:00:30 -07:00
testing.rb	Fix the issue where default_url_options is being cached on test cases. Closes #1872 . Closes #2031 .	2011-08-01 11:49:24 +02:00
url_for.rb	Clean up module docs [ci skip]	2012-03-07 01:04:14 +05:30