kotovalexarian-likes-github
/
rails--rails
mirror of https://github.com/rails/rails.git
1
0
Fork 0
Code Releases Activity

Fix list item indentation [ci-skip] 

This fixes the formatting of list items that include code snippets and
multiple paragraphs.
This commit is contained in:
Jonathan Hefner 2020-12-23 15:14:18 -06:00
parent c008a36492
commit 384c0d4b2f
7 changed files with 259 additions and 238 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
guides/source/4_0_release_notes.md
View File

@ -184,15 +184,15 @@ Please refer to the [Changelog](https://github.com/rails/rails/blob/4-0-stable/a
* `String#to_date` now raises `ArgumentError: invalid date` instead of `NoMethodError: undefined method 'div' for nil:NilClass`
when given an invalid date. It is now the same as `Date.parse`, and it accepts more invalid dates than 3.x, such as:
```ruby
# ActiveSupport 3.x
"asdf".to_date # => NoMethodError: undefined method `div' for nil:NilClass
"333".to_date # => NoMethodError: undefined method `div' for nil:NilClass
```ruby
# ActiveSupport 3.x
"asdf".to_date # => NoMethodError: undefined method `div' for nil:NilClass
"333".to_date # => NoMethodError: undefined method `div' for nil:NilClass
# ActiveSupport 4
"asdf".to_date # => ArgumentError: invalid date
"333".to_date # => Fri, 29 Nov 2013
```
# ActiveSupport 4
"asdf".to_date # => ArgumentError: invalid date
"333".to_date # => Fri, 29 Nov 2013
```
### Deprecations

16
guides/source/4_2_release_notes.md
View File

@ -109,17 +109,17 @@ Caching is not used in the following scenarios:
- The model uses single table inheritance
- `find` with a list of ids, e.g.:
```ruby
# not cached
Post.find(1, 2, 3)
Post.find([1,2])
```
```ruby
# not cached
Post.find(1, 2, 3)
Post.find([1,2])
```
- `find_by` with SQL fragments:
```ruby
Post.find_by('published_at < ?', 2.weeks.ago)
```
```ruby
Post.find_by('published_at < ?', 2.weeks.ago)
```
### Web Console

20
guides/source/6_1_release_notes.md
View File

@ -279,20 +279,20 @@ Please refer to the [Changelog][active-record] for detailed changes.
* `where.not` now generates NAND predicates instead of NOR.
Before:
Before:
User.where.not(name: "Jon", role: "admin")
# SELECT * FROM users WHERE name != 'Jon' AND role != 'admin'
User.where.not(name: "Jon", role: "admin")
# SELECT * FROM users WHERE name != 'Jon' AND role != 'admin'
After:
After:
User.where.not(name: "Jon", role: "admin")
# SELECT * FROM users WHERE NOT (name == 'Jon' AND role == 'admin')
User.where.not(name: "Jon", role: "admin")
# SELECT * FROM users WHERE NOT (name == 'Jon' AND role == 'admin')
* To use the new per-database connection handling applications must change
`legacy_connection_handling` to false and remove deprecated accessors on
`connection_handlers`. Public methods for `connects_to` and `connected_to`
require no changes.
* To use the new per-database connection handling applications must change
`legacy_connection_handling` to false and remove deprecated accessors on
`connection_handlers`. Public methods for `connects_to` and `connected_to`
require no changes.
Active Storage
--------------

28
guides/source/asset_pipeline.md
View File

@ -789,23 +789,23 @@ $ RAILS_ENV=production rails assets:precompile
Note the following caveats:
* If precompiled assets are available, they will be served — even if they no
longer match the original (uncompiled) assets, _even on the development
server._
* If precompiled assets are available, they will be served — even if they no
longer match the original (uncompiled) assets, _even on the development
server._
To ensure that the development server always compiles assets on-the-fly (and
thus always reflects the most recent state of the code), the development
environment _must be configured to keep precompiled assets in a different
location than production does._ Otherwise, any assets precompiled for use in
production will clobber requests for them in development (_i.e.,_ subsequent
changes you make to assets will not be reflected in the browser).
To ensure that the development server always compiles assets on-the-fly (and
thus always reflects the most recent state of the code), the development
environment _must be configured to keep precompiled assets in a different
location than production does._ Otherwise, any assets precompiled for use in
production will clobber requests for them in development (_i.e.,_ subsequent
changes you make to assets will not be reflected in the browser).
You can do this by adding the following line to
`config/environments/development.rb`:
You can do this by adding the following line to
`config/environments/development.rb`:
```ruby
config.assets.prefix = "/dev-assets"
```
```ruby
config.assets.prefix = "/dev-assets"
```
* The asset precompile task in your deployment tool (_e.g.,_ Capistrano) should
be disabled.
* Any necessary compressors or minifiers must be available on your development

201
guides/source/configuring.md
View File

@ -232,47 +232,47 @@ The full set of methods that can be used in this block are as follows:
Every Rails application comes with a standard set of middleware which it uses in this order in the development environment:
* `ActionDispatch::HostAuthorization` prevents against DNS rebinding and other `Host` header attacks.
It is included in the development environment by default with the following configuration:
* `ActionDispatch::HostAuthorization` prevents against DNS rebinding and other `Host` header attacks.
It is included in the development environment by default with the following configuration:
```ruby
Rails.application.config.hosts = [
IPAddr.new("0.0.0.0/0"), # All IPv4 addresses.
IPAddr.new("::/0"), # All IPv6 addresses.
"localhost" # The localhost reserved domain.
]
```
```ruby
Rails.application.config.hosts = [
IPAddr.new("0.0.0.0/0"), # All IPv4 addresses.
IPAddr.new("::/0"), # All IPv6 addresses.
"localhost" # The localhost reserved domain.
]
```
In other environments `Rails.application.config.hosts` is empty and no
`Host` header checks will be done. If you want to guard against header
attacks on production, you have to manually permit the allowed hosts
with:
In other environments `Rails.application.config.hosts` is empty and no
`Host` header checks will be done. If you want to guard against header
attacks on production, you have to manually permit the allowed hosts
with:
```ruby
Rails.application.config.hosts << "product.com"
```
```ruby
Rails.application.config.hosts << "product.com"
```
The host of a request is checked against the `hosts` entries with the case
operator (`#===`), which lets `hosts` support entries of type `Regexp`,
`Proc` and `IPAddr` to name a few. Here is an example with a regexp.
The host of a request is checked against the `hosts` entries with the case
operator (`#===`), which lets `hosts` support entries of type `Regexp`,
`Proc` and `IPAddr` to name a few. Here is an example with a regexp.
```ruby
# Allow requests from subdomains like `www.product.com` and
# `beta1.product.com`.
Rails.application.config.hosts << /.*\.product\.com/
```
```ruby
# Allow requests from subdomains like `www.product.com` and
# `beta1.product.com`.
Rails.application.config.hosts << /.*\.product\.com/
```
The provided regexp will be wrapped with both anchors (`\A` and `\z`) so it
must match the entire hostname. `/product.com/`, for example, once anchored,
would fail to match `www.product.com`.
The provided regexp will be wrapped with both anchors (`\A` and `\z`) so it
must match the entire hostname. `/product.com/`, for example, once anchored,
would fail to match `www.product.com`.
A special case is supported that allows you to permit all sub-domains:
A special case is supported that allows you to permit all sub-domains:
```ruby
# Allow requests from subdomains like `www.product.com` and
# `beta1.product.com`.
Rails.application.config.hosts << ".product.com"
```
```ruby
# Allow requests from subdomains like `www.product.com` and
# `beta1.product.com`.
Rails.application.config.hosts << ".product.com"
```
* `ActionDispatch::SSL` forces every request to be served using HTTPS. Enabled if `config.force_ssl` is set to `true`. Options passed to this can be configured by setting `config.ssl_options`.
* `ActionDispatch::Static` is used to serve static assets. Disabled if `config.public_file_server.enabled` is `false`. Set `config.public_file_server.index_name` if you need to serve a static directory index file that is not named `index`. For example, to serve `main.html` instead of `index.html` for directory requests, set `config.public_file_server.index_name` to `"main"`.
@ -471,8 +471,8 @@ in controllers and views. This defaults to `false`.
when traversing `belongs_to` to `has_many` associations.
* `config.active_record.legacy_connection_handling` allows to enable new connection
handling API. For applications using multiple databases, this new API provides
support for granular connection swapping.
handling API. For applications using multiple databases, this new API provides
support for granular connection swapping.
* `config.active_record.destroy_association_async_job` allows specifying the job that will be used to destroy the associated records in background. It defaults to `ActiveRecord::DestroyAssociationAsyncJob`.
@ -613,29 +613,46 @@ Defaults to `'signed cookie'`.
* `config.action_dispatch.rescue_responses` configures what exceptions are assigned to an HTTP status. It accepts a hash and you can specify pairs of exception/status. By default, this is defined as:
```ruby
config.action_dispatch.rescue_responses = {
'ActionController::RoutingError' => :not_found,
'AbstractController::ActionNotFound' => :not_found,
'ActionController::MethodNotAllowed' => :method_not_allowed,
'ActionController::UnknownHttpMethod' => :method_not_allowed,
'ActionController::NotImplemented' => :not_implemented,
'ActionController::UnknownFormat' => :not_acceptable,
'ActionController::InvalidAuthenticityToken' => :unprocessable_entity,
'ActionController::InvalidCrossOriginRequest' => :unprocessable_entity,
'ActionDispatch::Http::Parameters::ParseError' => :bad_request,
'ActionController::BadRequest' => :bad_request,
'ActionController::ParameterMissing' => :bad_request,
'Rack::QueryParser::ParameterTypeError' => :bad_request,
'Rack::QueryParser::InvalidParameterError' => :bad_request,
'ActiveRecord::RecordNotFound' => :not_found,
'ActiveRecord::StaleObjectError' => :conflict,
'ActiveRecord::RecordInvalid' => :unprocessable_entity,
'ActiveRecord::RecordNotSaved' => :unprocessable_entity
}
```
```ruby
config.action_dispatch.rescue_responses = {
'ActionController::RoutingError'
=> :not_found,
'AbstractController::ActionNotFound'
=> :not_found,
'ActionController::MethodNotAllowed'
=> :method_not_allowed,
'ActionController::UnknownHttpMethod'
=> :method_not_allowed,
'ActionController::NotImplemented'
=> :not_implemented,
'ActionController::UnknownFormat'
=> :not_acceptable,
'ActionController::InvalidAuthenticityToken'
=> :unprocessable_entity,
'ActionController::InvalidCrossOriginRequest'
=> :unprocessable_entity,
'ActionDispatch::Http::Parameters::ParseError'
=> :bad_request,
'ActionController::BadRequest'
=> :bad_request,
'ActionController::ParameterMissing'
=> :bad_request,
'Rack::QueryParser::ParameterTypeError'
=> :bad_request,
'Rack::QueryParser::InvalidParameterError'
=> :bad_request,
'ActiveRecord::RecordNotFound'
=> :not_found,
'ActiveRecord::StaleObjectError'
=> :conflict,
'ActiveRecord::RecordInvalid'
=> :unprocessable_entity,
'ActiveRecord::RecordNotSaved'
=> :unprocessable_entity
}
```
Any exceptions that are not configured will be mapped to 500 Internal Server Error.
Any exceptions that are not configured will be mapped to 500 Internal Server Error.
* `config.action_dispatch.cookies_same_site_protection` configures the default
value of the `SameSite` attribute when setting cookies. When set to `nil`, the
@ -723,16 +740,16 @@ Defaults to `'signed cookie'`.
* `config.action_mailbox.logger` contains the logger used by Action Mailbox. It accepts a logger conforming to the interface of Log4r or the default Ruby Logger class. The default is `Rails.logger`.
```ruby
config.action_mailbox.logger = ActiveSupport::Logger.new(STDOUT)
```
```ruby
config.action_mailbox.logger = ActiveSupport::Logger.new(STDOUT)
```
* `config.action_mailbox.incinerate_after` accepts an `ActiveSupport::Duration` indicating how long after processing `ActionMailbox::InboundEmail` records should be destroyed. It defaults to `30.days`.
```ruby
# Incinerate inbound emails 14 days after processing.
config.action_mailbox.incinerate_after = 14.days
```
```ruby
# Incinerate inbound emails 14 days after processing.
config.action_mailbox.incinerate_after = 14.days
```
* `config.action_mailbox.queues.incineration` accepts a symbol indicating the Active Job queue to use for incineration jobs. When this option is `nil`, incineration jobs are sent to the default Active Job queue (see `config.active_job.default_queue_name`). It defaults to `:action_mailbox_incineration`.
@ -952,9 +969,9 @@ You can find more detailed configuration options in the
* `:mutool` - The location of the mutool executable.
* `:ffmpeg` - The location of the ffmpeg executable.
```ruby
config.active_storage.paths[:ffprobe] = '/usr/local/bin/ffprobe'
```
```ruby
config.active_storage.paths[:ffprobe] = '/usr/local/bin/ffprobe'
```
* `config.active_storage.variable_content_types` accepts an array of strings indicating the content types that Active Storage can transform through ImageMagick. The default is `%w(image/png image/gif image/jpg image/jpeg image/pjpeg image/tiff image/bmp image/vnd.adobe.photoshop image/vnd.microsoft.icon image/webp)`.
@ -967,42 +984,43 @@ text/javascript image/svg+xml application/postscript application/x-shockwave-fla
* `config.active_storage.queues.analysis` accepts a symbol indicating the Active Job queue to use for analysis jobs. When this option is `nil`, analysis jobs are sent to the default Active Job queue (see `config.active_job.default_queue_name`). The default is `nil`.
```ruby
config.active_storage.queues.analysis = :low_priority
```
```ruby
config.active_storage.queues.analysis = :low_priority
```
* `config.active_storage.queues.purge` accepts a symbol indicating the Active Job queue to use for purge jobs. When this option is `nil`, purge jobs are sent to the default Active Job queue (see `config.active_job.default_queue_name`). The default is `nil`.
```ruby
config.active_storage.queues.purge = :low_priority
```
```ruby
config.active_storage.queues.purge = :low_priority
```
* `config.active_storage.queues.mirror` accepts a symbol indicating the Active Job queue to use for direct upload mirroring jobs. When this option is `nil`, mirroring jobs are sent to the default Active Job queue (see `config.active_job.default_queue_name`). The default is `nil`.
```ruby
config.active_storage.queues.mirror = :low_priority
```
```ruby
config.active_storage.queues.mirror = :low_priority
```
* `config.active_storage.logger` can be used to set the logger used by Active Storage. Accepts a logger conforming to the interface of Log4r or the default Ruby Logger class.
```ruby
config.active_storage.logger = ActiveSupport::Logger.new(STDOUT)
```
```ruby
config.active_storage.logger = ActiveSupport::Logger.new(STDOUT)
```
* `config.active_storage.service_urls_expire_in` determines the default expiry of URLs generated by:
* `ActiveStorage::Blob#url`
* `ActiveStorage::Blob#service_url_for_direct_upload`
* `ActiveStorage::Variant#url`
The default is 5 minutes.
* `ActiveStorage::Blob#url`
* `ActiveStorage::Blob#service_url_for_direct_upload`
* `ActiveStorage::Variant#url`
The default is 5 minutes.
* `config.active_storage.routes_prefix` can be used to set the route prefix for the routes served by Active Storage. Accepts a string that will be prepended to the generated routes.
```ruby
config.active_storage.routes_prefix = '/files'
```
```ruby
config.active_storage.routes_prefix = '/files'
```
The default is `/rails/active_storage`.
The default is `/rails/active_storage`.
* `config.active_storage.replace_on_assign_to_many` determines whether assigning to a collection of attachments declared with `has_many_attached` replaces any existing attachments or appends to them. The default is `true`.
@ -1012,11 +1030,12 @@ text/javascript image/svg+xml application/postscript application/x-shockwave-fla
* `config.active_storage.resolve_model_to_route` can be used to globally change how Active Storage files are delivered.
Allowed values are:
* `:rails_storage_redirect`: Redirect to signed, short-lived service URLs.
* `:rails_storage_proxy`: Proxy files by downloading them.
Allowed values are:
The default is `:rails_storage_redirect`.
* `:rails_storage_redirect`: Redirect to signed, short-lived service URLs.
* `:rails_storage_proxy`: Proxy files by downloading them.
The default is `:rails_storage_redirect`.
### Results of `config.load_defaults`

28
guides/source/layouts_and_rendering.md
View File

@ -1213,27 +1213,27 @@ To pass a local variable to a partial in only specific cases use the `local_assi
* `index.html.erb`
```erb
<%= render user.articles %>
```
```erb
<%= render user.articles %>
```
* `show.html.erb`
```erb
<%= render article, full: true %>
```
```erb
<%= render article, full: true %>
```
* `_article.html.erb`
```erb
<h2><%= article.title %></h2>
```erb
<h2><%= article.title %></h2>
<% if local_assigns[:full] %>
<%= simple_format article.body %>
<% else %>
<%= truncate article.body %>
<% end %>
```
<% if local_assigns[:full] %>
<%= simple_format article.body %>
<% else %>
<%= truncate article.body %>
<% end %>
```
This way it is possible to use the partial without the need to declare all local variables.

188
guides/source/upgrading_ruby_on_rails.md
View File

@ -267,28 +267,30 @@ Action Cable JavaScript API:
If you are configuring these adapters you will need to make
these changes:
```diff
- ActionCable.WebSocket = MyWebSocket
+ ActionCable.adapters.WebSocket = MyWebSocket
```
```diff
- ActionCable.logger = myLogger
+ ActionCable.adapters.logger = myLogger
```
```diff
- ActionCable.WebSocket = MyWebSocket
+ ActionCable.adapters.WebSocket = MyWebSocket
```
```diff
- ActionCable.logger = myLogger
+ ActionCable.adapters.logger = myLogger
```
- The `ActionCable.startDebugging()` and `ActionCable.stopDebugging()`
methods have been removed and replaced with the property
`ActionCable.logger.enabled`. If you are using these methods you
will need to make these changes:
```diff
- ActionCable.startDebugging()
+ ActionCable.logger.enabled = true
```
```diff
- ActionCable.stopDebugging()
+ ActionCable.logger.enabled = false
```
```diff
- ActionCable.startDebugging()
+ ActionCable.logger.enabled = true
```
```diff
- ActionCable.stopDebugging()
+ ActionCable.logger.enabled = false
```
### `ActionDispatch::Response#content_type` now returns the Content-Type header without modification
@ -1764,12 +1766,12 @@ this gem such as `whitelist_attributes` or `mass_assignment_sanitizer` options.
* Rails 4.0 requires that scopes use a callable object such as a Proc or lambda:
```ruby
scope :active, where(active: true)
```ruby
scope :active, where(active: true)
# becomes
scope :active, -> { where active: true }
```
# becomes
scope :active, -> { where active: true }
```
* Rails 4.0 has deprecated `ActiveRecord::Fixtures` in favor of `ActiveRecord::FixtureSet`.
@ -1795,15 +1797,15 @@ this gem such as `whitelist_attributes` or `mass_assignment_sanitizer` options.
* Rails 4.0 has changed to default join table for `has_and_belongs_to_many` relations to strip the common prefix off the second table name. Any existing `has_and_belongs_to_many` relationship between models with a common prefix must be specified with the `join_table` option. For example:
```ruby
CatalogCategory < ActiveRecord::Base
has_and_belongs_to_many :catalog_products, join_table: 'catalog_categories_catalog_products'
end
```ruby
CatalogCategory < ActiveRecord::Base
has_and_belongs_to_many :catalog_products, join_table: 'catalog_categories_catalog_products'
end
CatalogProduct < ActiveRecord::Base
has_and_belongs_to_many :catalog_categories, join_table: 'catalog_categories_catalog_products'
end
```
CatalogProduct < ActiveRecord::Base
has_and_belongs_to_many :catalog_categories, join_table: 'catalog_categories_catalog_products'
end
```
* Note that the prefix takes scopes into account as well, so relations between `Catalog::Category` and `Catalog::Product` or `Catalog::Category` and `CatalogProduct` need to be updated similarly.
@ -1817,30 +1819,30 @@ Rails 4.0 extracted Active Resource to its own gem. If you still need the featur
* Rails 4.0 has changed `ActiveModel::Serializers::JSON.include_root_in_json` default value to `false`. Now, Active Model Serializers and Active Record objects have the same default behavior. This means that you can comment or remove the following option in the `config/initializers/wrap_parameters.rb` file:
```ruby
# Disable root element in JSON by default.
# ActiveSupport.on_load(:active_record) do
# self.include_root_in_json = false
# end
```
```ruby
# Disable root element in JSON by default.
# ActiveSupport.on_load(:active_record) do
# self.include_root_in_json = false
# end
```
### Action Pack
* Rails 4.0 introduces `ActiveSupport::KeyGenerator` and uses this as a base from which to generate and verify signed cookies (among other things). Existing signed cookies generated with Rails 3.x will be transparently upgraded if you leave your existing `secret_token` in place and add the new `secret_key_base`.
* Rails 4.0 introduces `ActiveSupport::KeyGenerator` and uses this as a base from which to generate and verify signed cookies (among other things). Existing signed cookies generated with Rails 3.x will be transparently upgraded if you leave your existing `secret_token` in place and add the new `secret_key_base`.
```ruby
# config/initializers/secret_token.rb
Myapp::Application.config.secret_token = 'existing secret token'
Myapp::Application.config.secret_key_base = 'new secret key base'
```
```ruby
# config/initializers/secret_token.rb
Myapp::Application.config.secret_token = 'existing secret token'
Myapp::Application.config.secret_key_base = 'new secret key base'
```
Please note that you should wait to set `secret_key_base` until you have 100% of your userbase on Rails 4.x and are reasonably sure you will not need to rollback to Rails 3.x. This is because cookies signed based on the new `secret_key_base` in Rails 4.x are not backwards compatible with Rails 3.x. You are free to leave your existing `secret_token` in place, not set the new `secret_key_base`, and ignore the deprecation warnings until you are reasonably sure that your upgrade is otherwise complete.
Please note that you should wait to set `secret_key_base` until you have 100% of your userbase on Rails 4.x and are reasonably sure you will not need to rollback to Rails 3.x. This is because cookies signed based on the new `secret_key_base` in Rails 4.x are not backwards compatible with Rails 3.x. You are free to leave your existing `secret_token` in place, not set the new `secret_key_base`, and ignore the deprecation warnings until you are reasonably sure that your upgrade is otherwise complete.
If you are relying on the ability for external applications or JavaScript to be able to read your Rails app's signed session cookies (or signed cookies in general) you should not set `secret_key_base` until you have decoupled these concerns.
If you are relying on the ability for external applications or JavaScript to be able to read your Rails app's signed session cookies (or signed cookies in general) you should not set `secret_key_base` until you have decoupled these concerns.
* Rails 4.0 encrypts the contents of cookie-based sessions if `secret_key_base` has been set. Rails 3.x signed, but did not encrypt, the contents of cookie-based session. Signed cookies are "secure" in that they are verified to have been generated by your app and are tamper-proof. However, the contents can be viewed by end users, and encrypting the contents eliminates this caveat/concern without a significant performance penalty.
* Rails 4.0 encrypts the contents of cookie-based sessions if `secret_key_base` has been set. Rails 3.x signed, but did not encrypt, the contents of cookie-based session. Signed cookies are "secure" in that they are verified to have been generated by your app and are tamper-proof. However, the contents can be viewed by end users, and encrypting the contents eliminates this caveat/concern without a significant performance penalty.
Please read [Pull Request #9978](https://github.com/rails/rails/pull/9978) for details on the move to encrypted session cookies.
Please read [Pull Request #9978](https://github.com/rails/rails/pull/9978) for details on the move to encrypted session cookies.
* Rails 4.0 removed the `ActionController::Base.asset_path` option. Use the assets pipeline feature.
@ -1863,69 +1865,69 @@ or `link_to_unless`).
* Rails 4.0 changed how `assert_generates`, `assert_recognizes`, and `assert_routing` work. Now all these assertions raise `Assertion` instead of `ActionController::RoutingError`.
* Rails 4.0 raises an `ArgumentError` if clashing named routes are defined. This can be triggered by explicitly defined named routes or by the `resources` method. Here are two examples that clash with routes named `example_path`:
* Rails 4.0 raises an `ArgumentError` if clashing named routes are defined. This can be triggered by explicitly defined named routes or by the `resources` method. Here are two examples that clash with routes named `example_path`:
```ruby
get 'one' => 'test#example', as: :example
get 'two' => 'test#example', as: :example
```
```ruby
get 'one' => 'test#example', as: :example
get 'two' => 'test#example', as: :example
```
```ruby
resources :examples
get 'clashing/:id' => 'test#example', as: :example
```
```ruby
resources :examples
get 'clashing/:id' => 'test#example', as: :example
```
In the first case, you can simply avoid using the same name for multiple
routes. In the second, you can use the `only` or `except` options provided by
the `resources` method to restrict the routes created as detailed in the
[Routing Guide](routing.html#restricting-the-routes-created).
In the first case, you can simply avoid using the same name for multiple
routes. In the second, you can use the `only` or `except` options provided by
the `resources` method to restrict the routes created as detailed in the
[Routing Guide](routing.html#restricting-the-routes-created).
* Rails 4.0 also changed the way unicode character routes are drawn. Now you can draw unicode character routes directly. If you already draw such routes, you must change them, for example:
* Rails 4.0 also changed the way unicode character routes are drawn. Now you can draw unicode character routes directly. If you already draw such routes, you must change them, for example:
```ruby
get Rack::Utils.escape('こんにちは'), controller: 'welcome', action: 'index'
```
```ruby
get Rack::Utils.escape('こんにちは'), controller: 'welcome', action: 'index'
```
becomes
becomes
```ruby
get 'こんにちは', controller: 'welcome', action: 'index'
```
```ruby
get 'こんにちは', controller: 'welcome', action: 'index'
```
* Rails 4.0 requires that routes using `match` must specify the request method. For example:
* Rails 4.0 requires that routes using `match` must specify the request method. For example:
```ruby
# Rails 3.x
match '/' => 'root#index'
```ruby
# Rails 3.x
match '/' => 'root#index'
# becomes
match '/' => 'root#index', via: :get
# becomes
match '/' => 'root#index', via: :get
# or
get '/' => 'root#index'
```
# or
get '/' => 'root#index'
```
* Rails 4.0 has removed `ActionDispatch::BestStandardsSupport` middleware, `<!DOCTYPE html>` already triggers standards mode per https://msdn.microsoft.com/en-us/library/jj676915(v=vs.85).aspx and ChromeFrame header has been moved to `config.action_dispatch.default_headers`.
* Rails 4.0 has removed `ActionDispatch::BestStandardsSupport` middleware, `<!DOCTYPE html>` already triggers standards mode per https://msdn.microsoft.com/en-us/library/jj676915(v=vs.85).aspx and ChromeFrame header has been moved to `config.action_dispatch.default_headers`.
Remember you must also remove any references to the middleware from your application code, for example:
Remember you must also remove any references to the middleware from your application code, for example:
```ruby
# Raise exception
config.middleware.insert_before(Rack::Lock, ActionDispatch::BestStandardsSupport)
```
```ruby
# Raise exception
config.middleware.insert_before(Rack::Lock, ActionDispatch::BestStandardsSupport)
```
Also check your environment settings for `config.action_dispatch.best_standards_support` and remove it if present.
Also check your environment settings for `config.action_dispatch.best_standards_support` and remove it if present.
* Rails 4.0 allows configuration of HTTP headers by setting `config.action_dispatch.default_headers`. The defaults are as follows:
* Rails 4.0 allows configuration of HTTP headers by setting `config.action_dispatch.default_headers`. The defaults are as follows:
```ruby
config.action_dispatch.default_headers = {
'X-Frame-Options' => 'SAMEORIGIN',
'X-XSS-Protection' => '1; mode=block'
}
```
```ruby
config.action_dispatch.default_headers = {
'X-Frame-Options' => 'SAMEORIGIN',
'X-XSS-Protection' => '1; mode=block'
}
```
Please note that if your application is dependent on loading certain pages in a `<frame>` or `<iframe>`, then you may need to explicitly set `X-Frame-Options` to `ALLOW-FROM ...` or `ALLOWALL`.
Please note that if your application is dependent on loading certain pages in a `<frame>` or `<iframe>`, then you may need to explicitly set `X-Frame-Options` to `ALLOW-FROM ...` or `ALLOWALL`.
* In Rails 4.0, precompiling assets no longer automatically copies non-JS/CSS assets from `vendor/assets` and `lib/assets`. Rails application and engine developers should put these assets in `app/assets` or configure `config.assets.precompile`.
@ -1965,9 +1967,9 @@ The order in which helpers from more than one directory are loaded has changed i
* `assets:precompile:primary` and `assets:precompile:all` have been removed. Use `assets:precompile` instead.
* The `config.assets.compress` option should be changed to `config.assets.js_compressor` like so for instance:
```ruby
config.assets.js_compressor = :uglifier
```
```ruby
config.assets.js_compressor = :uglifier
```
### sass-rails