kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity

Upgrade guide pass. [CI SKIP]

Browse source
This commit is contained in:
Guo Xiang Tan 2014-08-21 16:22:16 +08:00
parent 2e355fe0c7
commit 13d4a9bc2a
1 changed files with 10 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
guides/source/upgrading_ruby_on_rails.md
View file

@ -148,7 +148,7 @@ Upgrading from Rails 4.0 to Rails 4.1
Or, "whaaat my tests are failing!!!?"
Cross-site request forgery (CSRF) protection now covers GET requests with
JavaScript responses, too. That prevents a third-party site from referencing
JavaScript responses, too. This prevents a third-party site from referencing
your JavaScript URL and attempting to run it to extract sensitive data.
This means that your functional and integration tests that use
@ -199,8 +199,8 @@ secrets, you need to:
```
2. Use your existing `secret_key_base` from the `secret_token.rb` initializer to
set the SECRET_KEY_BASE environment variable for whichever users run the Rails
app in production mode. Alternately, you can simply copy the existing
set the SECRET_KEY_BASE environment variable for whichever users that are running the
Rails application in production mode. Alternatively, you can simply copy the existing
`secret_key_base` from the `secret_token.rb` initializer to `secrets.yml`
under the `production` section, replacing '<%= ENV["SECRET_KEY_BASE"] %>'.
@ -403,8 +403,8 @@ ActiveRecord::FixtureSet.context_class.send :include, FixtureFileHelpers
### I18n enforcing available locales
Rails 4.1 now defaults the I18n option `enforce_available_locales` to `true`,
meaning that it will make sure that all locales passed to it must be declared in
Rails 4.1 now defaults the I18n option `enforce_available_locales` to `true`. This
means that it will make sure that all locales passed to it must be declared in
the `available_locales` list.
To disable it (and allow I18n to accept *any* locale option) add the following
@ -414,9 +414,10 @@ configuration to your application:
config.i18n.enforce_available_locales = false
```
Note that this option was added as a security measure, to ensure user input could
not be used as locale information unless previously known, so it's recommended not
to disable this option unless you have a strong reason for doing so.
Note that this option was added as a security measure, to ensure user input can
not be used as locale information unless it is previously known. Therefore,
it's recommended not to disable this option unless you have a strong reason for
doing so.
### Mutator methods called on Relation
@ -524,7 +525,7 @@ Using `render :text` may pose a security risk, as the content is sent as
### PostgreSQL json and hstore datatypes
Rails 4.1 will map `json` and `hstore` columns to a string-keyed Ruby `Hash`.
In earlier versions a `HashWithIndifferentAccess` was used. This means that
In earlier versions, a `HashWithIndifferentAccess` was used. This means that
symbol access is no longer supported. This is also the case for
`store_accessors` based on top of `json` or `hstore` columns. Make sure to use
string keys consistently.