- 07 3月, 2016 2 次提交
-
-
由 yui-knk 提交于
After 9d378747 `ActionDispatch::IntegrationTest` class is loaded and defined in all Rails environments, not only test but also production. This is not-intended loading of a class which is only used in test environment. To prevent not-intended loading, add `ActiveSupport.run_load_hooks` to `ActionDispatch::IntegrationTest` with `action_dispatch_integration_test` name and use it in `ActionMailer`.
-
由 Tony Miller 提交于
It's probably obvious to most, but clarify that `:helper_method` will make both of these methods available to the view.
-
- 05 3月, 2016 1 次提交
-
-
由 Jean Boussier 提交于
-
- 04 3月, 2016 2 次提交
-
-
由 Kasper Timm Hansen 提交于
Forgot to update the documentation on the line just above the one I was changing in 49331322. Well done, Kasper
👍 -
由 Kasper Timm Hansen 提交于
`ActionDispatch::SSL` redirects all HTTP requests to HTTPS, not just some. The `constrain_to` option inverts this, so it sounds like the middleware only handles a few requests, rather than the majority with a few routes to opt out of the redirect. Renaming to `exclude` matches this intent more closely.
-
- 03 3月, 2016 3 次提交
-
-
由 Santosh Wadghule 提交于
-
由 Jon Atack 提交于
Follow-up to #23980. - Fix grammar: "be remove" -> "be removed". - Wrap lines at 80 chars. Lurvely ;-)
-
This reverts changes made to integration tests in PR #23807. The issue happens when using capybara with a driver that needs to start a server in a separate thread like (poltergeist, selenium, etc). Both threads the capybara server one and the test thread end running syncronize over the interlock.
-
- 02 3月, 2016 1 次提交
-
-
由 Max Woolf 提交于
When trying to make a request and the request doesn't have a suitable template, the new error messages are really helpful but there's a small (and I mean, VERY small) typo that has been bugging me for the last few days. This adds the space and restores order to the universe.
❤
-
- 01 3月, 2016 3 次提交
-
-
由 Matthew Draper 提交于
-
由 Matthew Draper 提交于
These should allow external code to run blocks of user code to do "work", at a similar unit size to a web request, without needing to get intimate with ActionDipatch.
-
由 Andrew White 提交于
Allowing :controller and :action values to be specified via the path in config/routes.rb has been an underlying cause of a number of issues in Rails that have resulted in security releases. In light of this it's better that controllers and actions are explicitly whitelisted rather than trying to blacklist or sanitize 'bad' values.
-
- 29 2月, 2016 3 次提交
-
-
由 Genadi Samokovarov 提交于
We only reference the Action Controller error classes by name in ActionDispatch::ExceptionWrapper, so there is no need to explicitly require them. It drops a tiny coupling between Action Dispatch and Action Controller, so it makes me feel warm inside. We still have a lot of others AC requires in the AD code base, but here, we can save it. [ci skip]
-
由 Bart de Water 提交于
-
由 Greg Molnar 提交于
-
- 26 2月, 2016 3 次提交
-
-
由 Rafael Mendonça França 提交于
-
由 Matthew Draper 提交于
This reverts commit 22db455d, reversing changes made to 40be61df. This finishes off what I meant to do in 6216a092.
-
由 Matthew Draper 提交于
This reverts commit 45a75a3f. HWIAs are better than silently deeply-stringified hashes... but that's a reaction to a shortcoming of one particular session store: we should not break the basic behaviour of other, more featureful, session stores in the process. Fixes #23884
-
- 25 2月, 2016 6 次提交
-
-
由 Kasper Timm Hansen 提交于
* Fixes typos in error message and release notes. * Removes unused template test file.
-
由 Godfrey Chan 提交于
1. Conceptually revert #20276 The feature was implemented for the `responders` gem. In the end, they did not need that feature, and have found a better fix (see plataformatec/responders#131). `ImplicitRender` is the place where Rails specifies our default policies for the case where the user did not explicitly tell us what to render, essentially describing a set of heuristics. If the gem (or the user) knows exactly what they want, they could just perform the correct `render` to avoid falling through to here, as `responders` did (the user called `respond_with`). Reverting the patch allows us to avoid exploding the complexity and defining “the fallback for a fallback” policies. 2. `respond_to` and templates are considered exhaustive enumerations If the user specified a list of formats/variants in a `respond_to` block, anything that is not explicitly included should result in an `UnknownFormat` error (which is then caught upstream to mean “406 Not Acceptable” by default). This is already how it works before this commit. Same goes for templates – if the user defined a set of templates (usually in the file system), that set is now considered exhaustive, which means that “missing” templates are considered `UnknownFormat` errors (406). 3. To keep API endpoints simple, the implicit render behavior for actions with no templates defined at all (regardless of formats, locales, variants, etc) are defaulted to “204 No Content”. This is a strictly narrower version of the feature landed in #19036 and #19377. 4. To avoid confusion when interacting in the browser, these actions will raise an `UnknownFormat` error for “interactive” requests instead. (The precise definition of “interactive” requests might change – the spirit here is to give helpful messages and avoid confusions.) Closes #20666, #23062, #23077, #23564 [Godfrey Chan, Jon Moss, Kasper Timm Hansen, Mike Clark, Matthew Draper]
-
由 Prathamesh Sonpatki 提交于
-
由 Prathamesh Sonpatki 提交于
- For old apps which are not setting any value for hsts[:subdomains], a deprecation warning will be shown saying that hsts[:subdomains] will be turned on by default in Rails 5.1. Currently it will be set to false for backward compatibility. - Adjusted tests to reflect this change.
-
由 Egor Homakov 提交于
1) Because if you forget to add Secure; to the session cookie, it will leak to http:// subdomain in some cases 2) Because http:// subdomain can Cookie Bomb/cookie force main domain or be used for phishing. That's why *by default* it must include subdomains as it's much more common scenario. Very few websites *intend* to leave their blog.app.com working over http:// while having everything else encrypted. Yes, many developers forget to add subdomains=true by default, believe me :)
-
由 Abhishek Jain 提交于
-
- 24 2月, 2016 10 次提交
-
-
由 eileencodes 提交于
-
由 Prathamesh Sonpatki 提交于
- Fixes #23822.
-
由 Rafael Mendonça França 提交于
-
由 Rafael Mendonça França 提交于
Abstract Controller is the common component between Action Mailer and Action Controller so if we need to share the caching component it need to be there.
-
由 Stan Lo 提交于
-
由 Stan Lo 提交于
Remove useless helper in ActionDispatch::Caching and fix indentation
-
由 Stan Lo 提交于
-
由 Stan Lo 提交于
Move most caching methods to ActionDispatch::Caching, and let ActionMailer and ActionController to include it
-
由 Stan Lo 提交于
-
- 23 2月, 2016 3 次提交
-
-
由 Jon Moss 提交于
This is meant to provide a way for Action Cable, Sprockets, and possibly other Rack applications to mark themselves as internal, and to exclude themselves from the routing inspector, and thus `rails routes` / `rake routes`. I think this is the only way to have mounted Rack apps be marked as internal, within AD/Journey. Another option would be to create an array of regexes for internal apps, and then to iterate over that everytime a request comes through. Also, I only had the first `add_route` method set `internal`'s default to false, to avoid littering it all over the codebase.
-
由 Rafael Mendonça França 提交于
This will keep our current API working without having the users to change their codebases.
-
由 Mehmet Emin İNAÇ 提交于
After registering new `:json` mime type `parsers.fetch` can't find the mime type because new mime type is not equal to old one. Using symbol of the mime type as key on parsers hash solves the problem. Closes #23766
-
- 22 2月, 2016 1 次提交
-
-
由 Gustavo Villa 提交于
-
- 19 2月, 2016 2 次提交
-
-
由 Benjamin Quorning 提交于
-
由 Benjamin Quorning 提交于
Creating a protected getter method for `@parameters`.
-