- 02 4月, 2018 2 次提交
-
-
由 Yuji Yaginuma 提交于
Fix typo in rails-ujs HTML content test
-
由 Raymond Zhou 提交于
`</ps>` is not a valid closing tag for `<p>`.
-
- 01 4月, 2018 8 次提交
-
-
由 Kasper Timm Hansen 提交于
Use consistent spacing in actionview helper docs
-
由 Olivier Lacan 提交于
The spacing in these comments is fairly inconsistent. Array argument contents are often separated with a space from the array literal brackets but in several cases the Hash literal curly braces are tangent to their contents which makes the documentation harder to read in some cases.
-
由 Kasper Timm Hansen 提交于
Pass HTML responses as plain-text in rails-ujs
-
由 Kasper Timm Hansen 提交于
Change temporary file name extension while editing encrypted file.
-
由 Andrew White 提交于
Remove leftover blank sqlite3 file after in memory handler tests.
-
由 utilum 提交于
-
由 Ryuta Kamizono 提交于
Move implementation of `before?` and `after?` to `DateAndTime::Calculations`
-
由 Eileen M. Uchitelle 提交于
Fix two-level database configurations with URLs
-
- 31 3月, 2018 22 次提交
-
-
由 Xavier Noria 提交于
Remove needless images in guides
-
由 bogdanvlviv 提交于
This prevents duplication of code. Prevent duplication of tests by moving them to `DateAndTimeBehavior`. Related to #32185.
-
由 Yoshiyuki Hirano 提交于
-
由 Yoshiyuki Hirano 提交于
-
由 Andrew White 提交于
Deriving `secret_key_base` breaks `key_generator` defined in 5.1.
-
由 Eugene Kenny 提交于
An entry in `ActiveRecord::Base.configurations` can either be a connection spec ("two-level") or a hash of specs ("three-level"). We were detecting two-level configurations by looking for the `database` key, but the database can also be specified as part of the `url` key, which meant we incorrectly treated those configurations as three-level.
-
由 Andrew White 提交于
[ci skip] Use Oxford comma style in guide
-
由 Yoshiyuki Kinjo 提交于
If one created Rails 5.1 app and then updated to 5.2, `secret_key_base` defined in `config/secrets.yml` is ignored for `development` and `test` environment. A change in `secret_key_base` in turn breaks `Rails.application.key_generator`. If one encrypt data in Rails 5.1, she cannot decrypt it in Rails 5.2 for `development` and `test` environment.
-
由 Andrew White 提交于
Fix: FileStoreTest#test_filename_max_size fails in Ruby 2.5.1
-
由 utilum 提交于
-
由 Andrew White 提交于
The text is a continuation of the sentence before the listing so doesn't need to begin with a capital letter. This reverts commit 77a7acaf.
-
由 Yoshiyuki Hirano 提交于
-
由 Andrew White 提交于
[ci skip] Capitalize sentence of first char in AS guide
-
由 Ryuta Kamizono 提交于
Add earlier releases v3.0, v3.1 in guides
-
由 Yoshiyuki Hirano 提交于
-
由 Ryuta Kamizono 提交于
Remove useless stylesheet file in guide
-
由 Andrew White 提交于
-
由 Ryuta Kamizono 提交于
[ci skip] Modify twitter api link in api guide
-
由 Yoshiyuki Hirano 提交于
* The twitter developer site's url was changed.
-
由 Yoshiyuki Hirano 提交于
-
由 Yoshiyuki Hirano 提交于
-
由 Andrew White 提交于
Use current_config in structure_dump
-
- 30 3月, 2018 8 次提交
-
-
由 Guillermo Iguaran 提交于
Deprecate controller level force_ssl
-
由 Derek Prior 提交于
Today there are two common ways for Rails developers to force their applications to communicate over HTTPS: * `config.force_ssl` is a setting in environment configurations that enables the `ActionDispatch::SSL` middleware. With this middleware enabled, all HTTP communication to your application will be redirected to HTTPS. The middleware also takes care of other best practices by setting HSTS headers, upgrading all cookies to secure only, etc. * The `force_ssl` controller method redirects HTTP requests to certain controllers to HTTPS. As a consultant, I've seen many applications with misconfigured HTTPS setups due to developers adding `force_ssl` to `ApplicationController` and not enabling `config.force_ssl`. With this configuration, many application requests can be served over HTTP such as assets, requests that hit mounted engines, etc. In addition, because cookies are not upgraded to secure only in this configuration and HSTS headers are not set, it's possible for cookies that are meant to be secure to be sent over HTTP. The confusion between these two methods of forcing HTTPS is compounded by the fact that they share an identical name. This makes finding documentation on the "right" method confusing. HTTPS throughout is quickly becomming table stakes for all web sites. Sites are expected to operate over HTTPS for all communication, sensitive or otherwise. Let's encourage use of the broader-reaching `ActionDispatch::SSL` middleware and elminate this source of user confusion. If, for some reason, applications need to expose certain endpoints over HTTP they can do so by properly configuring `config.ssl_options`.
-
由 Andrew White 提交于
Remove expired explanation [ci skip]
-
由 Andrew White 提交于
-
由 Shia 提交于
Override callback doesn't work anymore.
-
由 Ryuta Kamizono 提交于
Adding missing extension for `cattr_accessor` method
-
由 Wojciech Wnętrzak 提交于
-
-