rails--rails/actionpack/CHANGELOG.md

*   Ensure the controller is always notified as soon as the client disconnects
    during live streaming, even when the controller is blocked on a write.

    *Nicholas Jakobsen*, *Matthew Draper*

*   Routes specifying 'to:' must be a string that contains a "#" or a rack
    application.  Use of a symbol should be replaced with `action: symbol`.
    Use of a string without a "#" should be replaced with `controller: string`.

*   Fix URL generation with `:trailing_slash` such that it does not add
    a trailing slash after `.:format`

    *Dan Langevin*

*   Build full URI as string when processing path in integration tests for
    performance reasons.

    *Guo Xiang Tan*

*   Fix `'Stack level too deep'` when rendering `head :ok` in an action method
    called 'status' in a controller.

    Fixes #13905.

    *Christiaan Van den Poel*

*   Add MKCALENDAR HTTP method (RFC 4791).

    *Sergey Karpesh*

*   Instrument fragment cache metrics.

    Adds `:controller`: and `:action` keys to the instrumentation payload
    for the `*_fragment.action_controller` notifications. This allows tracking
    e.g. the fragment cache hit rates for each controller action.

    *Daniel Schierbeck*

*   Always use the provided port if the protocol is relative.

    Fixes #15043.

    *Guilherme Cavalcanti*, *Andrew White*

*   Moved `params[request_forgery_protection_token]` into its own method
    and improved tests.

    Fixes #11316.

    *Tom Kadwill*

*   Added verification of route constraints given as a Proc or an object responding
    to `:matches?`. Previously, when given an non-complying object, it would just
    silently fail to enforce the constraint. It will now raise an `ArgumentError`
    when setting up the routes.

    *Xavier Defrang*

*   Properly treat the entire IPv6 User Local Address space as private for
    purposes of remote IP detection. Also handle uppercase private IPv6
    addresses.

    Fixes #12638.

    *Caleb Spare*

*   Fixed an issue with migrating legacy json cookies.

    Previously, the `VerifyAndUpgradeLegacySignedMessage` assumes all incoming
    cookies are marshal-encoded. This is not the case when `secret_token` is
    used in conjunction with the `:json` or `:hybrid` serializer.

    In those case, when upgrading to use `secret_key_base`, this would cause a
    `TypeError: incompatible marshal file format` and a 500 error for the user.

    Fixes #14774.

    *Godfrey Chan*

*   Make URL escaping more consistent:

    1. Escape '%' characters in URLs - only unescaped data should be passed to URL helpers
    2. Add an `escape_segment` helper to `Router::Utils` that escapes '/' characters
    3. Use `escape_segment` rather than `escape_fragment` in optimized URL generation
    4. Use `escape_segment` rather than `escape_path` in URL generation

    For point 4 there are two exceptions. Firstly, when a route uses wildcard segments
    (e.g. `*foo`) then we use `escape_path` as the value may contain '/' characters. This
    means that wildcard routes can't be optimized. Secondly, if a `:controller` segment
    is used in the path then this uses `escape_path` as the controller may be namespaced.

    Fixes #14629, #14636 and #14070.

    *Andrew White*, *Edho Arief*

*   Add alias `ActionDispatch::Http::UploadedFile#to_io` to
    `ActionDispatch::Http::UploadedFile#tempfile`.

    *Tim Linquist*

*   Returns null type format when format is not know and controller is using `any`
    format block.

    Fixes #14462.

    *Rafael Mendonça França*

*   Improve routing error page with fuzzy matching search.

    *Winston*

*   Only make deeply nested routes shallow when parent is shallow.

    Fixes #14684.

    *Andrew White*, *James Coglan*

*   Append link to bad code to backtrace when exception is `SyntaxError`.

    *Boris Kuznetsov*

*   Swapped the parameters of assert_equal in `assert_select` so that the
    proper values were printed correctly.

    Fixes #14422.

    *Vishal Lal*

*   The method `shallow?` returns false if the parent resource is a singleton so
    we need to check if we're not inside a nested scope before copying the :path
    and :as options to their shallow equivalents.

    Fixes #14388.

    *Andrew White*

*   Make logging of CSRF failures optional (but on by default) with the
    `log_warning_on_csrf_failure` configuration setting in
    `ActionController::RequestForgeryProtection`.

    *John Barton*

*   Fix URL generation in controller tests with request-dependent
    `default_url_options` methods.

    *Tony Wooster*


Please check [4-1-stable](https://github.com/rails/rails/blob/4-1-stable/actionpack/CHANGELOG.md) for previous changes.
Handle client disconnect during live streaming .. even when the producer is blocked for a write. 2014-05-31 21:05:00 -04:00			`* Ensure the controller is always notified as soon as the client disconnects`
			`during live streaming, even when the controller is blocked on a write.`

			`Nicholas Jakobsen, Matthew Draper`

Routes specifying 'to:' must be a string that contains a "#" or a rack application. Use of a symbol should be replaced with `action: symbol`. Use of a string without a "#" should be replaced with `controller: string`. 2014-06-03 17:05:16 -04:00			`* Routes specifying 'to:' must be a string that contains a "#" or a rack`
			application. Use of a symbol should be replaced with `action: symbol`.
			Use of a string without a "#" should be replaced with `controller: string`.

Merge pull request #14986 from dlangevin/trailing-slash-url-generation Fixes URL generation with trailing_slash: true Conflicts: actionpack/lib/action_dispatch/http/url.rb 2014-05-24 11:41:28 -04:00			* Fix URL generation with `:trailing_slash` such that it does not add
			a trailing slash after `.:format`

			`Dan Langevin`

Form full URI as string to be parsed in Rack::Test. There are performance gains to be made by avoiding URI setter methods. 2014-05-13 22:30:57 -04:00			`* Build full URI as string when processing path in integration tests for`
			`performance reasons.`

			`Guo Xiang Tan`

Future port c8ddb61 2014-05-23 17:45:21 -04:00			* Fix `'Stack level too deep'` when rendering `head :ok` in an action method
Merge pull request #15118 from khelben/head_with_status_action_stack_level_too_deep fixes stack level too deep exception on action named 'status' rendering 'head :ok' 2014-05-15 15:18:05 -04:00			`called 'status' in a controller.`

			`Fixes #13905.`

			`Christiaan Van den Poel`

Merge pull request #15121 from skarpesh/rfc4791-methods Add RFC 4791 MKCALENDAR method 2014-05-15 13:36:24 -04:00			`* Add MKCALENDAR HTTP method (RFC 4791).`

			`Sergey Karpesh`

Add controller and action name to the instrumentation payload 2014-02-21 05:28:51 -05:00			`* Instrument fragment cache metrics.`

			Adds `:controller`: and `:action` keys to the instrumentation payload
			for the `*_fragment.action_controller` notifications. This allows tracking
			`e.g. the fragment cache hit rates for each controller action.`

			`Daniel Schierbeck`

Always use the provided port for protocol relative urls There may be situations where you need to tunnel SSL connections over port 80 so we shouldn't remove it if it has been explicitly provided. 2014-05-11 07:56:33 -04:00			`* Always use the provided port if the protocol is relative.`

			`Fixes #15043.`

			`Guilherme Cavalcanti, Andrew White`

Moved 'params[request_forgery_protection_token]' into its own method and improved tests. 2014-05-02 10:54:35 -04:00			* Moved `params[request_forgery_protection_token]` into its own method
			`and improved tests.`

			`Fixes #11316.`

			`Tom Kadwill`

Verify that route constraints respond to the expected messages instead of silently failing to enforce the constraint 2013-06-28 09:37:26 -04:00			`* Added verification of route constraints given as a Proc or an object responding`
Improve CHANGELOG entry 2014-05-04 17:47:29 -04:00			to `:matches?`. Previously, when given an non-complying object, it would just
			silently fail to enforce the constraint. It will now raise an `ArgumentError`
Verify that route constraints respond to the expected messages instead of silently failing to enforce the constraint 2013-06-28 09:37:26 -04:00			`when setting up the routes.`

			`Xavier Defrang`

Make remote_ip detection properly handle private IPv6 addresses Fixes #12638. 2013-10-25 17:16:42 -04:00			`* Properly treat the entire IPv6 User Local Address space as private for`
			`purposes of remote IP detection. Also handle uppercase private IPv6`
			`addresses.`

			`Fixes #12638.`

			`Caleb Spare`

Fixed an issue with migrating legacy json cookies. Previously, the `VerifyAndUpgradeLegacySignedMessage` assumes all incoming cookies are marshal-encoded. This is not the case when `secret_token` is used in conjunction with the `:json` or `:hybrid` serializer. In those case, when upgrading to use `secret_key_base`, this would cause a `TypeError: incompatible marshal file format` and a 500 error for the user. Fixes #14774. Godfrey Chan 2014-04-23 12:07:50 -04:00			`* Fixed an issue with migrating legacy json cookies.`

			Previously, the `VerifyAndUpgradeLegacySignedMessage` assumes all incoming
			cookies are marshal-encoded. This is not the case when `secret_token` is
			used in conjunction with the `:json` or `:hybrid` serializer.

			In those case, when upgrading to use `secret_key_base`, this would cause a
			`TypeError: incompatible marshal file format` and a 500 error for the user.

			`Fixes #14774.`

			`Godfrey Chan`

Make URL escaping more consistent 1. Escape '%' characters in URLs - only unescaped data should be passed to URL helpers 2. Add an `escape_segment` helper to `Router::Utils` that escapes '/' characters 3. Use `escape_segment` rather than `escape_fragment` in optimized URL generation 4. Use `escape_segment` rather than `escape_path` in URL generation For point 4 there are two exceptions. Firstly, when a route uses wildcard segments (e.g. *foo) then we use `escape_path` as the value may contain '/' characters. This means that wildcard routes can't be optimized. Secondly, if a `:controller` segment is used in the path then this uses `escape_path` as the controller may be namespaced. Fixes #14629, #14636 and #14070. 2014-04-20 05:08:32 -04:00			`* Make URL escaping more consistent:`

			`1. Escape '%' characters in URLs - only unescaped data should be passed to URL helpers`
			2. Add an `escape_segment` helper to `Router::Utils` that escapes '/' characters
			3. Use `escape_segment` rather than `escape_fragment` in optimized URL generation
			4. Use `escape_segment` rather than `escape_path` in URL generation

			`For point 4 there are two exceptions. Firstly, when a route uses wildcard segments`
Future port c8ddb61 2014-05-23 17:45:21 -04:00			(e.g. `*foo`) then we use `escape_path` as the value may contain '/' characters. This
Make URL escaping more consistent 1. Escape '%' characters in URLs - only unescaped data should be passed to URL helpers 2. Add an `escape_segment` helper to `Router::Utils` that escapes '/' characters 3. Use `escape_segment` rather than `escape_fragment` in optimized URL generation 4. Use `escape_segment` rather than `escape_path` in URL generation For point 4 there are two exceptions. Firstly, when a route uses wildcard segments (e.g. *foo) then we use `escape_path` as the value may contain '/' characters. This means that wildcard routes can't be optimized. Secondly, if a `:controller` segment is used in the path then this uses `escape_path` as the controller may be namespaced. Fixes #14629, #14636 and #14070. 2014-04-20 05:08:32 -04:00			means that wildcard routes can't be optimized. Secondly, if a `:controller` segment
			is used in the path then this uses `escape_path` as the controller may be namespaced.

			`Fixes #14629, #14636 and #14070.`

			`Andrew White, Edho Arief`

Add CHANGELOG entry for #14755 [ci skip] 2014-04-17 13:50:52 -04:00			* Add alias `ActionDispatch::Http::UploadedFile#to_io` to
			`ActionDispatch::Http::UploadedFile#tempfile`.

			`Tim Linquist`

Return null type format when format is not know When requesting a controller with the following code with a unknown format: def my_action respond_to do \|format\| format.json { head :ok } format.any { render text: 'Default response' } end end we should render the default response instead of raising ActionController::UnknownFormat Fixes #14462 Conflicts: actionpack/CHANGELOG.md actionpack/test/controller/mime/respond_with_test.rb Conflicts: actionpack/CHANGELOG.md 2014-04-14 15:59:47 -04:00			* Returns null type format when format is not know and controller is using `any`
			`format block.`

			`Fixes #14462.`

			`Rafael Mendonça França`

Add CHANGELOG entry for #14619 [ci skip] 2014-04-11 10:27:24 -04:00			`* Improve routing error page with fuzzy matching search.`

			`Winston`

Only make deeply nested routes shallow when parent is shallow Since `:shallow` may be set at any point in the resource nesting we should only make the new and collection routes shallow when the parent is shallow. This is a bit of a hack but until the mapper is refactored to an object graph instead of a hash of merged values it's the best we can do. Fixes #14684. 2014-04-11 05:20:54 -04:00			`* Only make deeply nested routes shallow when parent is shallow.`

			`Fixes #14684.`

			`Andrew White, James Coglan`

Future port c8ddb61 2014-05-23 17:45:21 -04:00			* Append link to bad code to backtrace when exception is `SyntaxError`.
Append link to bad code to backtrace when exception is SyntaxError 2014-01-30 09:33:49 -05:00
			`Boris Kuznetsov`
Only make deeply nested routes shallow when parent is shallow Since `:shallow` may be set at any point in the resource nesting we should only make the new and collection routes shallow when the parent is shallow. This is a bit of a hack but until the mapper is refactored to an object graph instead of a hash of merged values it's the best we can do. Fixes #14684. 2014-04-11 05:20:54 -04:00
Swapped parameters of assert_equal in assert_select 2014-03-22 18:50:55 -04:00			* Swapped the parameters of assert_equal in `assert_select` so that the
Missing period from AP/CHANGELOG [ci skip] 2014-05-31 14:21:56 -04:00			`proper values were printed correctly.`
Swapped parameters of assert_equal in assert_select 2014-03-22 18:50:55 -04:00
			`Fixes #14422.`

			`Vishal Lal`

Use nested_scope? not shallow? to determine whether to copy options The method `shallow?` returns false if the parent resource is a singleton so we need to check if we're not inside a nested scope before copying the :path and :as options to their shallow equivalents. Fixes #14388. 2014-03-16 05:15:52 -04:00			* The method `shallow?` returns false if the parent resource is a singleton so
			`we need to check if we're not inside a nested scope before copying the :path`
			`and :as options to their shallow equivalents.`

			`Fixes #14388.`

			`Andrew White`

Make CSRF failure logging optional/configurable. Added the log_warning_on_csrf_failure option to ActionController::RequestForgeryProtection which is on by default. 2014-03-04 19:24:51 -05:00			`* Make logging of CSRF failures optional (but on by default) with the`
			`log_warning_on_csrf_failure` configuration setting in
Move changelog entry to the top, highlight module name [ci skip] 2014-03-08 16:17:49 -05:00			`ActionController::RequestForgeryProtection`.
Make CSRF failure logging optional/configurable. Added the log_warning_on_csrf_failure option to ActionController::RequestForgeryProtection which is on by default. 2014-03-04 19:24:51 -05:00
			`John Barton`
Fix controller test not resetting @_url_options Commit 4f2cd3e9 introduced a bug by reordering the call to `@controller.recycle!` above the call to `build_request_uri`. The impact of this was that the `@_url_options` cache ends up not being reset between building a request URI (occurring within the test controller) and the firing of the actual request. We encountered this bug because we had the following setup: class MinimumReproducibleController < ActionController::Base before_filter { @param = 'param' } def index render text: url_for(params) end def default_url_options { custom_opt: @param } end end def test_index get :index # builds url, then fires actual request end The first step in `get :index` in the test suite would populate the @_url_options cache. The subsequent call to `url_for` inside of the controller action would then utilize the uncleared cache, thus never calling the now-updated default_url_options. This commit fixes this bug calling recycle! twice, and removes a call to set response_body, which should no longer be needed since we're recycling the request object explicitly. 2014-02-18 17:12:11 -05:00
Move changelog entry to the top, highlight module name [ci skip] 2014-03-08 16:17:49 -05:00			`* Fix URL generation in controller tests with request-dependent`
			`default_url_options` methods.

			`Tony Wooster`

Fixes URL generation with trailing_slash: true URL generation with trailing_slash: true was adding a trailing slash after .:format Routes.draw do resources :bars end bars_url(trailing_slash: true, format: 'json') # => /bars.json/ This commit removes that extra trailing slash 2014-05-05 18:25:29 -04:00
Point master changelogs to 4-1-stable branch Remove 4-1 related entries from master [ci skip] 2014-02-25 07:14:35 -05:00			`Please check [4-1-stable](https://github.com/rails/rails/blob/4-1-stable/actionpack/CHANGELOG.md) for previous changes.`