* Added ActionController.filter_parameter_logging that makes it easy to remove passwords, credit card numbers, and other sensitive information from being logged when a request is handled #1897 [jeremye@bsa.ca.gov]
*1.13.3* (March 12th, 2007)
* Apply [5709] to stable.
* session_enabled? works with session :off. #6680 [Catfish]
* Performance: patch cgi/session to require digest/md5 once rather than per #create_new_id. [Stefan Kaes]
* link_to_unless_current works with full URLs as well as paths. #6891 [Jarkko Laine, manfred, idrifter]
* Fix HTML::Node to output double quotes instead of single quotes. Closes #6845 [mitreandy]
* Fix no method error with error_messages_on. Closes #6935 [nik.wakelin Koz]
* Slight doc tweak to the ActionView::Helpers::PrototypeHelper#replace docs. Closes #6922 [Steven Bristol]
* Slight doc tweak to #prepend_filter. Closes #6493 [Jeremy Voorhis]
* Add more extensive documentation to the AssetTagHelper. Closes #6452 [Bob Silva]
* Clean up multiple calls to #stringify_keys in TagHelper, add better documentation and testing for TagHelper. Closes #6394 [Bob Silva]
* [DOCS] fix reference to ActionController::Macros::AutoComplete for #text_field_with_auto_complete. Closes #2578 [Jan Prill]
* Make sure html_document is reset between integration test requests. [ctm]
* Set session to an empty hash if :new_session => false and no session cookie or param is present. CGI::Session was raising an unrescued ArgumentError. [Josh Susser]
* Fix assert_redirected_to bug where redirecting from a nested to to a top-level controller incorrectly added the current controller'snesting.Closes#6128.[RickOlson]
*AddedGET-masquaradingforHEAD,sorequest.methodwillreturn:getevenforHEADs.Thiswillhelpanyonerelyingoncaserequest.methodtoautomaticallyworkwithHEADandmap.resourceswillalsoallowHEADstoallGETactions.RailsautomaticallythrowsawaytheresponsecontentinareplytoHEAD,soyoudon't even need to worry about that. If you, for whatever reason, still need to distinguish between GET and HEAD in some edge case, you can use Request#head? and even Request.headers["REQUEST_METHOD"] for get the "real" answer. Closes #6694 [DHH]
*1.13.0 RC1* (r5619, November 22nd, 2006)
* Update Routing to complain when :controller is not specified by a route. Closes #6669. [Nicholas Seckar]
* Ensure render_to_string cleans up after itself when an exception is raised. #6658 [rsanheim]
* Update to Prototype and script.aculo.us [5579]. [Sam Stephenson, Thomas Fuchs]
*Deprecatedtheauto-appendingof.pngtoAssetTagHelper#image_tagcallsthatdoesn't have an extension [DHH]
* Fixed FormOptionsHelper#select to respect :selected value #5813
* Fixed TextHelper#simple_format to deal with multiple single returns within a single paragraph #5835 [moriq@moriq.com]
* Fixed TextHelper#pluralize to handle 1 as a string #5909 [rails@bencurtis.com]
* Improved resolution of DateHelper#distance_of_time_in_words for better precision #5994 [Bob Silva]
* Changed that uncaught exceptions raised any where in the application will cause RAILS_ROOT/public/500.html to be read and shown instead of just the static "Application error (Rails)" [DHH]
* Added deprecation language for pagination which will become a plugin by Rails 2.0 [DHH]
* Added deprecation language for in_place_editor and auto_complete_field that both pieces will become plugins by Rails 2.0 [DHH]
* Deprecated all of ActionController::Dependencies. All dependency loading is now handled from Active Support [DHH]
*Integrationtests:headersbeginningwithXaren't excluded from the HTTP_ prefix, so X-Requested-With becomes HTTP_X_REQUESTED_WITH as expected. [Mike Clark]
* Switch to using FormEncodedPairParser for parsing request parameters. [Nicholas Seckar, DHH]
* respond_to .html now always renders #{action_name}.rhtml so that registered custom template handlers do not override it in priority. Custom mime types require a block and throw proper error now. [Tobias Luetke]
* Deprecation: test deprecated instance vars in partials. [Jeremy Kemper]
* Add UrlWriter to allow writing urls from Mailers and scripts. [Nicholas Seckar]
*Deprecation! @params, @session, @flash will be removed after 1.2. Use the corresponding instance methods instead. You'll get printed warnings during tests and logged warnings in dev mode when you access either instance variable directly. [Jeremy Kemper]
*Makeactioncachingawareofdifferentformatsforthesameactionsothat,e.g.foo.xmliscachedseparatelyfromfoo.html.Implicitlysetcontenttypewhenreadingincachedcontentwithmimerevealingextensionssotheentireonousisn't on the webserver. [Marcel Molina Jr.]
* Restrict Request Method hacking with ?_method to POST requests. [Rick Olson]
* Fixed the new_#{resource}_url route and added named route tests for Simply Restful. [Rick Olson]
* Added map.resources from the Simply Restful plugin [DHH]. Examples (the API has changed to use plurals!):
*Fixstrip_linkssothatitdoesn't hang on multiline <acronym> tags [Jamis Buck]
* Remove problematic control chars in rescue template. #5316 [Stefan Kaes]
* Make sure passed routing options are not mutated by routing code. #5314 [Blair Zajac]
* Make sure changing the controller from foo/bar to bing/bang does not change relative to foo. [Jamis Buck]
* Escape the path before routing recognition. #3671
* Make sure :id and friends are unescaped properly. #5275 [me@julik.nl]
* Rewind readable CGI params so others may reread them (such as CGI::Session when passing the session id in a multipart form). #210 [mklame@atxeu.com, matthew@walker.wattle.id.au]
* Added Mime::TEXT (text/plain) and Mime::ICS (text/calendar) as new default types [DHH]
* Added Mime::Type.register(string, symbol, synonyms = []) for adding new custom mime types [DHH]. Example: Mime::Type.register("image/gif", :gif)
* Added support for Mime objects in render :content_type option [DHH]. Example: render :text => some_atom, :content_type => Mime::ATOM
* Add :status option to send_data and send_file. Defaults to '200OK'. #5243 [Manfred Stienstra <m.stienstra@fngtps.com>]
* Routing rewrite. Simpler, faster, easier to understand. The published API for config/routes.rb is unchanged, but nearly everything else is different, so expect breakage in plugins and libs that try to fiddle with routes. [Nicholas Seckar, Jamis Buck]
* Cope with missing content type and length headers. Parse parameters from multipart and urlencoded request bodies only. [Jeremy Kemper]
* Accept multipart PUT parameters. #5235 [guy.naor@famundo.com]
* Added interrogation of params[:format] to determine Accept type. If :format is specified and matches a declared extension, like "rss" or "xml", that mime type will be put in front of the accept handler. This means you can link to the same action from different extensions and use that fact to determine output [DHH]. Example:
class WeblogController < ActionController::Base
def index
@posts = Post.find :all
respond_to do |format|
format.html
format.xml { render :xml => @posts.to_xml }
format.rss { render :action => "feed.rxml" }
end
end
end
# returns HTML when requested by a browser, since the browser
# has the HTML mimetype at the top of its priority list
Accept: text/html
GET /weblog
# returns the XML
Accept: application/xml
GET /weblog
# returns the HTML
Accept: application/xml
GET /weblog.html
# returns the XML
Accept: text/html
GET /weblog.xml
All this relies on the fact that you have a route that includes .:format.
* Expanded :method option in FormTagHelper#form_tag, FormHelper#form_for, PrototypeHelper#remote_form_for, PrototypeHelper#remote_form_tag, and PrototypeHelper#link_to_remote to allow for verbs other than GET and POST by automatically creating a hidden form field named _method, which will simulate the other verbs over post [DHH]
* Added :method option to UrlHelper#link_to, which allows for using other verbs than GET for the link. This replaces the :post option, which is now deprecated. Example: link_to "Destroy", person_url(:id => person), :method => :delete [DHH]
* Diff compared options with #assert_redirected_to [Rick]
* Add support in routes for semicolon delimited "subpaths", like /books/:id;:action [Jamis Buck]
* Change link_to_function and button_to_function to (optionally) take an update_page block instead of a JavaScript string. Closes #4804. [zraii@comcast.net, Sam Stephenson]
* Modify routing so that you can say :require => { :method => :post } for a route, and the route will never be selected unless the request method is POST. Only works for route recognition, not for route generation. [Jamis Buck]
* Added :add_headers option to verify which merges a hash of name/value pairs into the response'sheadershashiftheprerequisitescannotbesatisfied.[SamStephenson]
* Fixed that remote_form_for can leave out the object parameter and default to the instance variable of the object_name, just like form_for [DHH]
* Added ActionController.filter_parameter_logging that makes it easy to remove passwords, credit card numbers, and other sensitive information from being logged when a request is handled. #1897 [jeremye@bsa.ca.gov]
* Fixed that real files and symlinks should be treated the same when compiling templates. #5438 [zachary@panandscan.com]
* Add :status option to send_data and send_file. Defaults to '200OK'. #5243 [Manfred Stienstra <m.stienstra@fngtps.com>]
* Update documentation for erb trim syntax. #5651 [matt@mattmargolis.net]
* Short documentation to mention use of Mime::Type.register. #5710 [choonkeat@gmail.com]
*1.12.3* (June 28th, 2006)
* Fix broken traverse_to_controller. We now:
Look for a _controller.rb file under RAILS_ROOT to load.
If we find it, we require_dependency it and return the controller it defined. (If none was defined we stop looking.)
If we don'tfindit,welookfora.rbfileunderRAILS_ROOTtoload.Ifwefindit,anditloadsaconstantwekeeplooking.