2015-02-12 15:24:45 -05:00
|
|
|
* Non-string authenticity tokens do not raise NoMethodError when decoding
|
|
|
|
the masked token.
|
|
|
|
|
|
|
|
*Ville Lautanala*
|
|
|
|
|
2015-01-07 21:23:55 -05:00
|
|
|
* Add http_cache_forever to Action Controller, so we can cache a response that never gets expired.
|
|
|
|
|
|
|
|
*arthurnn*
|
|
|
|
|
2013-10-22 10:14:50 -04:00
|
|
|
* ActionController#translate supports symbols as shortcuts.
|
|
|
|
When shortcut is given it also lookups without action name.
|
2013-08-07 04:33:28 -04:00
|
|
|
|
|
|
|
*Max Melentiev*
|
|
|
|
|
2015-01-06 15:14:49 -05:00
|
|
|
* Expand `ActionController::ConditionalGet#fresh_when` and `stale?` to also
|
|
|
|
accept a collection of records as the first argument, so that the
|
|
|
|
following code can be written in a shorter form.
|
|
|
|
|
|
|
|
# Before
|
|
|
|
def index
|
2015-02-12 02:54:01 -05:00
|
|
|
@articles = Article.all
|
|
|
|
fresh_when(etag: @articles, last_modified: @articles.maximum(:updated_at))
|
2015-01-06 15:14:49 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
# After
|
|
|
|
def index
|
2015-02-12 02:54:01 -05:00
|
|
|
@articles = Article.all
|
2015-01-06 15:14:49 -05:00
|
|
|
fresh_when(@articles)
|
|
|
|
end
|
|
|
|
|
|
|
|
*claudiob*
|
|
|
|
|
2015-01-31 22:15:42 -05:00
|
|
|
* Explicitly ignored wildcard verbs when searching for HEAD routes before fallback
|
|
|
|
|
|
|
|
Fixes an issue where a mounted rack app at root would intercept the HEAD
|
|
|
|
request causing an incorrect behavior during the fall back to GET requests.
|
|
|
|
|
|
|
|
Example:
|
|
|
|
```ruby
|
|
|
|
draw do
|
|
|
|
get '/home' => 'test#index'
|
|
|
|
mount rack_app, at: '/'
|
|
|
|
end
|
|
|
|
head '/home'
|
|
|
|
assert_response :success
|
|
|
|
```
|
|
|
|
In this case, a HEAD request runs through the routes the first time and fails
|
|
|
|
to match anything. Then, it runs through the list with the fallback and matches
|
|
|
|
`get '/home'`. The original behavior would match the rack app in the first pass.
|
|
|
|
|
|
|
|
*Terence Sun*
|
|
|
|
|
2015-02-01 08:07:42 -05:00
|
|
|
* Migrating xhr methods to keyword arguments syntax
|
|
|
|
in `ActionController::TestCase` and `ActionDispatch::Integration`
|
|
|
|
|
|
|
|
Old syntax:
|
|
|
|
|
|
|
|
xhr :get, :create, params: { id: 1 }
|
|
|
|
|
|
|
|
New syntax example:
|
|
|
|
|
|
|
|
get :create, params: { id: 1 }, xhr: true
|
|
|
|
|
|
|
|
*Kir Shatrov*
|
|
|
|
|
2015-01-29 08:52:10 -05:00
|
|
|
* Migrating to keyword arguments syntax in `ActionController::TestCase` and
|
2015-01-31 05:54:00 -05:00
|
|
|
`ActionDispatch::Integration` HTTP request methods.
|
2015-01-04 04:35:06 -05:00
|
|
|
|
2015-01-31 05:54:00 -05:00
|
|
|
Example:
|
2015-01-29 08:52:10 -05:00
|
|
|
|
|
|
|
post :create, params: { y: x }, session: { a: 'b' }
|
|
|
|
get :view, params: { id: 1 }
|
|
|
|
get :view, params: { id: 1 }, format: :json
|
2015-01-04 04:35:06 -05:00
|
|
|
|
|
|
|
*Kir Shatrov*
|
|
|
|
|
2015-01-31 05:54:00 -05:00
|
|
|
* Preserve default url options when generating URLs.
|
2015-01-21 10:40:02 -05:00
|
|
|
|
|
|
|
Fixes an issue that would cause default_url_options to be lost when
|
|
|
|
generating URLs with fewer positional arguments than parameters in the
|
|
|
|
route definition.
|
|
|
|
|
|
|
|
*Tekin Suleyman*
|
|
|
|
|
2015-01-28 15:50:01 -05:00
|
|
|
* Deprecate *_via_redirect integration test methods.
|
|
|
|
|
|
|
|
Use `follow_redirect!` manually after the request call for the same behavior.
|
|
|
|
|
|
|
|
*Aditya Kapoor*
|
|
|
|
|
2015-01-17 19:06:10 -05:00
|
|
|
* Add `ActionController::Renderer` to render arbitrary templates
|
|
|
|
outside controller actions.
|
|
|
|
|
2015-01-21 16:23:22 -05:00
|
|
|
Its functionality is accessible through class methods `render` and
|
|
|
|
`renderer` of `ActionController::Base`.
|
|
|
|
|
2015-01-17 19:06:10 -05:00
|
|
|
*Ravil Bayramgalin*
|
|
|
|
|
2015-01-15 08:52:46 -05:00
|
|
|
* Support `:assigns` option when rendering with controllers/mailers.
|
|
|
|
|
|
|
|
*Ravil Bayramgalin*
|
|
|
|
|
2015-01-09 11:01:04 -05:00
|
|
|
* Default headers, removed in controller actions, are no longer reapplied on
|
2015-01-09 10:55:02 -05:00
|
|
|
the test response.
|
|
|
|
|
|
|
|
*Jonas Baumann*
|
|
|
|
|
2015-01-08 15:51:51 -05:00
|
|
|
* Deprecate all *_filter callbacks in favor of *_action callbacks.
|
|
|
|
|
|
|
|
*Rafael Mendonça França*
|
|
|
|
|
|
|
|
* Allow you to pass `prepend: false` to protect_from_forgery to have the
|
2015-01-04 19:38:54 -05:00
|
|
|
verification callback appended instead of prepended to the chain.
|
|
|
|
This allows you to let the verification step depend on prior callbacks.
|
2015-01-31 05:54:00 -05:00
|
|
|
|
2015-01-04 19:38:54 -05:00
|
|
|
Example:
|
|
|
|
|
|
|
|
class ApplicationController < ActionController::Base
|
|
|
|
before_action :authenticate
|
2015-01-08 14:18:06 -05:00
|
|
|
protect_from_forgery prepend: false, unless: -> { @authenticated_by.oauth? }
|
2015-01-04 19:38:54 -05:00
|
|
|
|
|
|
|
private
|
|
|
|
def authenticate
|
|
|
|
if oauth_request?
|
|
|
|
# authenticate with oauth
|
|
|
|
@authenticated_by = 'oauth'.inquiry
|
|
|
|
else
|
|
|
|
# authenticate with cookies
|
|
|
|
@authenticated_by = 'cookie'.inquiry
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
*Josef Šimánek*
|
|
|
|
|
2015-01-10 06:17:57 -05:00
|
|
|
* Remove `ActionController::HideActions`.
|
2015-01-06 15:33:31 -05:00
|
|
|
|
|
|
|
*Ravil Bayramgalin*
|
|
|
|
|
2015-01-04 15:20:17 -05:00
|
|
|
* Remove `respond_to`/`respond_with` placeholder methods, this functionality
|
|
|
|
has been extracted to the `responders` gem.
|
|
|
|
|
|
|
|
*Carlos Antonio da Silva*
|
|
|
|
|
2015-01-03 15:39:42 -05:00
|
|
|
* Remove deprecated assertion files.
|
|
|
|
|
|
|
|
*Rafael Mendonça França*
|
|
|
|
|
2015-01-03 15:37:03 -05:00
|
|
|
* Remove deprecated usage of string keys in URL helpers.
|
|
|
|
|
|
|
|
*Rafael Mendonça França*
|
|
|
|
|
2015-01-03 15:34:50 -05:00
|
|
|
* Remove deprecated `only_path` option on `*_path` helpers.
|
|
|
|
|
|
|
|
*Rafael Mendonça França*
|
|
|
|
|
2015-01-02 22:26:36 -05:00
|
|
|
* Remove deprecated `NamedRouteCollection#helpers`.
|
|
|
|
|
|
|
|
*Rafael Mendonça França*
|
|
|
|
|
2015-01-02 22:17:17 -05:00
|
|
|
* Remove deprecated support to define routes with `:to` option that doesn't contain `#`.
|
|
|
|
|
|
|
|
*Rafael Mendonça França*
|
|
|
|
|
2015-01-02 21:25:57 -05:00
|
|
|
* Remove deprecated `ActionDispatch::Response#to_ary`.
|
|
|
|
|
|
|
|
*Rafael Mendonça França*
|
|
|
|
|
2015-01-02 21:22:22 -05:00
|
|
|
* Remove deprecated `ActionDispatch::Request#deep_munge`.
|
|
|
|
|
|
|
|
*Rafael Mendonça França*
|
|
|
|
|
2015-01-02 21:19:29 -05:00
|
|
|
* Remove deprecated `ActionDispatch::Http::Parameters#symbolized_path_parameters`.
|
|
|
|
|
|
|
|
*Rafael Mendonça França*
|
|
|
|
|
2015-01-02 21:16:51 -05:00
|
|
|
* Remove deprecated option `use_route` in controller tests.
|
|
|
|
|
|
|
|
*Rafael Mendonça França*
|
|
|
|
|
2014-12-09 04:55:58 -05:00
|
|
|
* Ensure `append_info_to_payload` is called even if an exception is raised.
|
|
|
|
|
|
|
|
Fixes an issue where when an exception is raised in the request the additonal
|
|
|
|
payload data is not available.
|
|
|
|
|
|
|
|
See:
|
2015-01-02 12:16:15 -05:00
|
|
|
* #14903
|
2014-12-09 04:55:58 -05:00
|
|
|
* https://github.com/roidrage/lograge/issues/37
|
|
|
|
|
|
|
|
*Dieter Komendera*, *Margus Pärt*
|
|
|
|
|
2014-12-31 06:21:55 -05:00
|
|
|
* Correctly rely on the response's status code to handle calls to `head`.
|
|
|
|
|
|
|
|
*Robin Dupret*
|
|
|
|
|
2014-12-30 10:04:18 -05:00
|
|
|
* Using `head` method returns empty response_body instead
|
|
|
|
of returning a single space " ".
|
|
|
|
|
|
|
|
The old behavior was added as a workaround for a bug in an early
|
|
|
|
version of Safari, where the HTTP headers are not returned correctly
|
|
|
|
if the response body has a 0-length. This is been fixed since and
|
|
|
|
the workaround is no longer necessary.
|
|
|
|
|
|
|
|
Fixes #18253.
|
|
|
|
|
|
|
|
*Prathamesh Sonpatki*
|
|
|
|
|
2014-12-30 09:15:07 -05:00
|
|
|
* Fix how polymorphic routes works with objects that implement `to_model`.
|
|
|
|
|
|
|
|
*Travis Grathwell*
|
|
|
|
|
2015-01-31 05:54:00 -05:00
|
|
|
* Stop converting empty arrays in `params` to `nil`.
|
2014-09-14 06:22:29 -04:00
|
|
|
|
|
|
|
This behaviour was introduced in response to CVE-2012-2660, CVE-2012-2694
|
|
|
|
and CVE-2013-0155
|
|
|
|
|
|
|
|
ActiveRecord now issues a safe query when passing an empty array into
|
|
|
|
a where clause, so there is no longer a need to defend against this type
|
|
|
|
of input (any nils are still stripped from the array).
|
|
|
|
|
|
|
|
*Chris Sinjakli*
|
|
|
|
|
2014-12-23 02:56:17 -05:00
|
|
|
* Fixed usage of optional scopes in url helpers.
|
2014-12-13 15:46:52 -05:00
|
|
|
|
|
|
|
*Alex Robbin*
|
|
|
|
|
2014-12-23 02:56:17 -05:00
|
|
|
* Fixed handling of positional url helper arguments when `format: false`.
|
2014-12-13 10:34:41 -05:00
|
|
|
|
|
|
|
Fixes #17819.
|
|
|
|
|
|
|
|
*Andrew White*, *Tatiana Soukiassian*
|
|
|
|
|
2014-11-28 12:00:06 -05:00
|
|
|
Please check [4-2-stable](https://github.com/rails/rails/blob/4-2-stable/actionpack/CHANGELOG.md) for previous changes.
|