- 18 12月, 2015 1 次提交
-
-
由 Derek Prior 提交于
If you're not familiar with how the `Referer` header works, you likely won't understand why you need to provide a fallback or under what circumstances it would be used. Hopefully this clarifies things a bit.
-
- 17 12月, 2015 2 次提交
-
-
由 Derek Prior 提交于
Applications that use `redirect_to :back` can be forced to 500 by clients that do not send the HTTP `Referer` (sic) header. `redirect_back` requires the user to consider this possibility up front and avoids this trivially-caused application error.
-
由 Derek Prior 提交于
`redirect_to :back` is a somewhat common pattern in Rails apps, but it is not completely safe. There are a number of circumstances where HTTP referrer information is not available on the request. This happens often with bot traffic and occasionally to user traffic depending on browser security settings. When there is no referrer available on the request, `redirect_to :back` will raise `ActionController::RedirectBackError`, usually resulting in an application error. `redirect_back` takes a required `fallback_location` keyword argument that specifies the redirect when the referrer information is not available. This prevents 500 errors caused by `ActionController::RedirectBackError`.
-
- 27 8月, 2015 1 次提交
-
-
由 Aaron Patterson 提交于
Since all controller instances are required to have a request and response object, RackDelegation is no longer needed (we always have to delegate to the response)
-
- 07 8月, 2014 1 次提交
-
-
由 Aaron Patterson 提交于
-
- 16 7月, 2014 1 次提交
-
-
由 Santiago Pastorino 提交于
Closes #16170
-
- 07 6月, 2014 1 次提交
-
-
由 Aaron Patterson 提交于
-
- 21 5月, 2014 1 次提交
-
-
由 Laurel Fan 提交于
-
- 14 12月, 2013 1 次提交
-
-
由 Philipe Fatio 提交于
Without parenthesis, ruby assumes that curly braces denote the beginning of a block.
-
- 19 9月, 2013 2 次提交
-
-
由 Derek Prior 提交于
The previous regex was allowing `_` in the URI scheme, which is not allowed by RFC 3986. This change brings the regex in line with the RFC.
-
由 Derek Prior 提交于
In some instances, `assert_redirected_to` assertion was returning an incorrect and misleading failure message when the assertion failed. This was due to a disconnect in how the assertion computes the redirect string for the failure message and how `redirect_to` computes the string that is actually used for redirection. I made the `_compute_redirect_to_loaction` method used by `redirect_to` public and call that from the method `assert_redirect_to` uses to calculate the URL. The reveals a new test failure due to the regex used by `_compute_redirect_to_location` allow `_` in the URL scheme.
-
- 01 2月, 2013 1 次提交
-
-
由 Egor Homakov 提交于
So, if there is redirect_to params[:q] i can send ?q=javascript:asdf()%0A/localpath Or something more nasty, so please use \A
-
- 15 1月, 2013 1 次提交
-
-
由 Carlos Antonio da Silva 提交于
This reverts commit 3fa00070. Reason: This message is usually not accurate and annoying: Redirected by ~/.rbenv/versions/1.9.3-p327-perf/lib/ruby/1.9.1/logger.rb:371:in `add'`
-
- 06 1月, 2013 1 次提交
-
-
由 Chase DuBois 提交于
-
- 13 12月, 2012 1 次提交
-
-
由 Carlos Antonio da Silva 提交于
* Avoid calling class_eval when not needed * Remove helpers_path attr accessor, it's defined as a class attribute a few lines later * Avoid creating extra arrays when finding helpers, use flat_map and sort! * Remove not required refer variable when redirecting :back
-
- 12 12月, 2012 1 次提交
-
-
由 Carlos Antonio da Silva 提交于
-
- 28 10月, 2012 1 次提交
-
-
由 AvnerCohen 提交于
-
- 17 5月, 2012 1 次提交
-
-
由 Jack Dempsey 提交于
-
- 15 5月, 2012 1 次提交
-
-
由 Francesco Rodriguez 提交于
-
- 30 4月, 2012 1 次提交
-
-
由 Andrew White 提交于
IE since version 6 and recently Chrome and Firefox have started following 302 redirects from XHR requests other than GET/POST using the original request method. This can lead to DELETE requests being redirected amongst other things. Although it doesn't directly affect the Rails framework since it doesn't return a 302 redirect to any non-GET/POST request a note has been added to raise awareness of the issue. Some references: Original article from @technoweenie: http://techno-weenie.net/2011/8/19/ie9-deletes-stuff/ Hacker News discussion of the article: http://news.ycombinator.com/item?id=2903493 WebKit bug report: https://bugs.webkit.org/show_bug.cgi?id=46183 Firefox bug report and changeset: https://bugzilla.mozilla.org/show_bug.cgi?id=598304 https://hg.mozilla.org/mozilla-central/rev/9525d7e2d20d Chrome bug report: http://code.google.com/p/chromium/issues/detail?id=56373 HTTPbis bug report and changeset: http://trac.tools.ietf.org/wg/httpbis/trac/ticket/160 http://trac.tools.ietf.org/wg/httpbis/trac/changeset/1428 Roy T. Fielding's history of the issue: http://ftp.ics.uci.edu/pub/ietf/http/hypermail/1997q3/0611.html Automated browser tests for the issue: http://www.mnot.net/javascript/xmlhttprequest/ Fixes #4144
-
- 03 4月, 2012 1 次提交
-
-
由 Jurriaan Pruis 提交于
-
- 16 3月, 2012 1 次提交
-
-
由 Brian Lopez 提交于
add tests for stripping \r\n chars since that's already happening
-
- 05 12月, 2011 2 次提交
-
-
由 Overbryd 提交于
Minor enhancement by not unnecessarely escaping forward slashing within a curly regexp and by mentoining the protocol relative scheme in the internal comment
-
由 Overbryd 提交于
Fix for redirect_to to respect urls with a network path reference like "//asset.host.com/resources/1235" see issue #3856
-
- 26 10月, 2011 1 次提交
-
-
由 Nick Howard 提交于
-
- 04 9月, 2011 1 次提交
-
-
由 Milan Dobrota 提交于
-
- 20 8月, 2011 1 次提交
-
-
由 dharmatech 提交于
-
- 15 6月, 2011 2 次提交
-
-
由 Christine Yen 提交于
-
由 Christine Yen 提交于
-
- 24 9月, 2010 2 次提交
-
-
由 José Valim 提交于
-
由 Nando Vieira 提交于
Signed-off-by: NJosé Valim <jose.valim@gmail.com>
-
- 09 9月, 2010 1 次提交
-
-
由 Mikel Lindsaar 提交于
-
- 03 9月, 2010 1 次提交
-
-
由 José Valim 提交于
Booting a new Rails application does not work after this commit [#5359 state:open] This reverts commit 38a421b3.
-
- 02 9月, 2010 1 次提交
-
-
由 Łukasz Strzałkowski 提交于
Signed-off-by: NJosé Valim <jose.valim@gmail.com>
-
- 17 3月, 2010 1 次提交
-
-
由 wycats 提交于
-
- 27 2月, 2010 1 次提交
-
-
由 Carlhuda 提交于
Including UrlFor in Redirecting and Head will warn usefully if a controller is wired up without a router included (and still support redirect_to "omg")
-
- 26 2月, 2010 1 次提交
-
-
由 Carlhuda 提交于
-
- 22 2月, 2010 1 次提交
-
-
由 José Valim 提交于
-
- 13 1月, 2010 1 次提交
-
-
由 José Valim 提交于
-
- 07 1月, 2010 1 次提交
-
-
由 José Valim 提交于
Remove duplicated url_for code and move methods shared between ActionMailer and ActionController up to AbstractController.
-