- 25 4月, 2012 1 次提交
-
-
由 Jose and Yehuda 提交于
In the current router DSL, using the +match+ DSL method will match all verbs for the path to the specified endpoint. In the vast majority of cases, people are currently using +match+ when they actually mean +get+. This introduces security implications. This commit disallows calling +match+ without an HTTP verb constraint by default. To explicitly match all verbs, this commit also adds a :via => :all option to +match+. Closes #5964
-
- 24 4月, 2012 3 次提交
-
-
由 Alexey Vakhov 提交于
-
由 Marcelo Casiraghi 提交于
-
由 Alexey Vakhov 提交于
-
- 17 4月, 2012 3 次提交
-
-
由 Rafael Mendonça França 提交于
ActionController::RoutingError are raised in router execution time and can not be rescued in a controller.
-
由 Tieg Zaharia 提交于
-
由 Tieg Zaharia 提交于
-
- 12 4月, 2012 1 次提交
-
-
由 Jorge Bejar 提交于
Add index method to FormBuilder. Useful when you use field_for and need to know the index number into the iteration.
-
- 09 4月, 2012 3 次提交
-
-
由 Frankie Roberto 提交于
'itemscope' is defined within HTML5 for use in microdata markup. See http://www.whatwg.org/specs/web-apps/current-work/multipage/microdata.ht ml#attr-itemscope
-
由 Rafael Mendonça França 提交于
-
由 Santiago Pastorino 提交于
This reverts commit 174cf8b2, reversing changes made to 7ecd6a73. The reverted commit improved the performance in the wrong place, now we have added this 6ddbd184 improvement.
-
- 06 4月, 2012 1 次提交
-
-
由 Rafael Mendonça França 提交于
stringified keys
-
- 05 4月, 2012 2 次提交
-
-
由 Andrey A.I. Sitnik 提交于
-
由 ara.t.howard 提交于
-
- 02 4月, 2012 1 次提交
-
-
由 Sergey Nartimov 提交于
closes #5672
-
- 01 4月, 2012 2 次提交
-
-
由 Alexey Vakhov 提交于
-
由 Alexey Vakhov 提交于
-
- 30 3月, 2012 1 次提交
-
-
由 Santiago Pastorino 提交于
-
- 29 3月, 2012 9 次提交
-
-
由 ayaya 提交于
-
由 Grant Hutchins 提交于
config.action_view.prefix_partial_path_with_controller_namespace This allows you to choose to render @post using /posts/_post.erb instead of /admin/posts/_post.erb inside Admin::PostsController.
-
由 Grant Hutchins 提交于
-
由 Santiago Pastorino 提交于
Closes #5632
-
由 Joe Van Dyk 提交于
-
由 José Valim 提交于
-
由 Piotr Sarnacki 提交于
If embedding auth_token in remote forms is off and we pass a value for auth_token it should respect it.
-
由 Piotr Sarnacki 提交于
Changed default value for `config.action_view.embed_authenticity_token_in_remote_forms` to `false`. This change breaks remote forms that need to work also without javascript, so if you need such behavior, you can either set it to `true` or explicitly pass `:authenticity_token => true` in form options
-
由 Piotr Sarnacki 提交于
There is a regression introduced in 16ee611f, which breaks remote forms that should also work without javascript. This commit introduces config option that allows to configure this behavior defaulting to the old behavior (ie. include authenticity token in remote forms by default) Conflicts: actionpack/CHANGELOG.md
-
- 28 3月, 2012 4 次提交
-
-
由 Aaron Suggs 提交于
-
由 Rafael Mendonça França 提交于
hash. Closes #2492 and #5615
-
由 James Coleman 提交于
See issue #393, issue #4000, issue #5190, and issue #5191. Adds a newline after the textarea opening tag based on @codykrieger's original patch so that we don't cause regressions in Haml-using apps. The regression caused textarea tags to add newlines to the field unintentionally (each update/save added an extra newline.) Also fix 6 more tests that didn't yet have the newline expectation.
-
由 Jens Fahnenbruck 提交于
if you want to read the file you may need to ask if there is something to read from
-
- 27 3月, 2012 6 次提交
-
-
由 Andrey Samsonov 提交于
objectify_options method should be applied to the proper options arg. See explanation and example of the bug - https://github.com/kryzhovnik/rails_field_error_proc_bug_example
-
由 Piotr Sarnacki 提交于
Previously `rendered_format` was set only based on mime types passed in Accept header, which was wrong if first type from Accept was different than rendered partial. The fix is to simply move setting rendered_format to the place where template is available and grab format from the template. If it fails we can fallback to formats passed by Accept header.
-
由 Tim McEwan 提交于
-
由 Piotr Sarnacki 提交于
When someone accidentally passes a string to sanitize like: sanitize("<span>foo</span>", :tags => "b") there is no indication that it's the wrong way and span will not be removed.
-
由 Carlos Antonio da Silva 提交于
Commit: 7a0cf2f5
-
由 Sergey Nartimov 提交于
-
- 26 3月, 2012 1 次提交
-
-
由 Jamie Macey 提交于
By default, resources routes are created with :resource/:id. A model defining to_param can make prettier urls by using something more readable than an integer ID, but since the route picks it up as :id you wind up with awkward User.find_by_username(params[:id]) calls. By overriding the key to be used in @request.params you can be more obvious in your intent.
-
- 23 3月, 2012 2 次提交
-
-
由 Rafael Mendonça França 提交于
-
由 Carlos Antonio da Silva 提交于
Commit 56089ca9 introduced a backward incompatible change by changing the method signature of the FormBuilder. This brings back the same method signature warning in case someone gives a block to the builder. More info: https://github.com/rails/rails/commit/56089ca986c767763f29159c8de0aa1ebabfd4d2#commitcomment-1116166
-