Merge branch 'master' of github.com:rails/docrails
Conflicts: guides/source/4_0_release_notes.md
This commit is contained in:
commit
c26ee64b92
|
@ -141,6 +141,7 @@ module ActionView
|
|||
# will get expanded to
|
||||
#
|
||||
# <%= text_field :person, :first_name %>
|
||||
#
|
||||
# which results in an HTML <tt><input></tt> tag whose +name+ attribute is
|
||||
# <tt>person[first_name]</tt>. This means that when the form is submitted,
|
||||
# the value entered by the user will be available in the controller as
|
||||
|
|
|
@ -21,7 +21,7 @@ module ActionView
|
|||
# Also available through the alias j(). This is particularly helpful in JavaScript
|
||||
# responses, like:
|
||||
#
|
||||
# $('some_element').replaceWith('<%=j render 'some/element_template' %>');
|
||||
# $('some_element').replaceWith('<%= j render 'some/element_template' %>');
|
||||
def escape_javascript(javascript)
|
||||
if javascript
|
||||
result = javascript.gsub(/(\\|<\/|\r\n|\342\200\250|\342\200\251|[\n\r"'])/u) {|match| JS_ESCAPE_MAP[match] }
|
||||
|
|
|
@ -154,23 +154,23 @@ module ActionView
|
|||
# specified globally for the entire action, but they work in a similar fashion. Imagine a list with two types
|
||||
# of users:
|
||||
#
|
||||
# <%# app/views/users/index.html.erb &>
|
||||
# <%# app/views/users/index.html.erb %>
|
||||
# Here's the administrator:
|
||||
# <%= render partial: "user", layout: "administrator", locals: { user: administrator } %>
|
||||
#
|
||||
# Here's the editor:
|
||||
# <%= render partial: "user", layout: "editor", locals: { user: editor } %>
|
||||
#
|
||||
# <%# app/views/users/_user.html.erb &>
|
||||
# <%# app/views/users/_user.html.erb %>
|
||||
# Name: <%= user.name %>
|
||||
#
|
||||
# <%# app/views/users/_administrator.html.erb &>
|
||||
# <%# app/views/users/_administrator.html.erb %>
|
||||
# <div id="administrator">
|
||||
# Budget: $<%= user.budget %>
|
||||
# <%= yield %>
|
||||
# </div>
|
||||
#
|
||||
# <%# app/views/users/_editor.html.erb &>
|
||||
# <%# app/views/users/_editor.html.erb %>
|
||||
# <div id="editor">
|
||||
# Deadline: <%= user.deadline %>
|
||||
# <%= yield %>
|
||||
|
@ -233,7 +233,7 @@ module ActionView
|
|||
#
|
||||
# You can also apply a layout to a block within any template:
|
||||
#
|
||||
# <%# app/views/users/_chief.html.erb &>
|
||||
# <%# app/views/users/_chief.html.erb %>
|
||||
# <%= render(layout: "administrator", locals: { user: chief }) do %>
|
||||
# Title: <%= chief.title %>
|
||||
# <% end %>
|
||||
|
@ -250,13 +250,13 @@ module ActionView
|
|||
# If you pass arguments to "yield" then this will be passed to the block. One way to use this is to pass
|
||||
# an array to layout and treat it as an enumerable.
|
||||
#
|
||||
# <%# app/views/users/_user.html.erb &>
|
||||
# <%# app/views/users/_user.html.erb %>
|
||||
# <div class="user">
|
||||
# Budget: $<%= user.budget %>
|
||||
# <%= yield user %>
|
||||
# </div>
|
||||
#
|
||||
# <%# app/views/users/index.html.erb &>
|
||||
# <%# app/views/users/index.html.erb %>
|
||||
# <%= render layout: @users do |user| %>
|
||||
# Title: <%= user.title %>
|
||||
# <% end %>
|
||||
|
@ -265,14 +265,14 @@ module ActionView
|
|||
#
|
||||
# You can also yield multiple times in one layout and use block arguments to differentiate the sections.
|
||||
#
|
||||
# <%# app/views/users/_user.html.erb &>
|
||||
# <%# app/views/users/_user.html.erb %>
|
||||
# <div class="user">
|
||||
# <%= yield user, :header %>
|
||||
# Budget: $<%= user.budget %>
|
||||
# <%= yield user, :footer %>
|
||||
# </div>
|
||||
#
|
||||
# <%# app/views/users/index.html.erb &>
|
||||
# <%# app/views/users/index.html.erb %>
|
||||
# <%= render layout: @users do |user, section| %>
|
||||
# <%- case section when :header -%>
|
||||
# Title: <%= user.title %>
|
||||
|
|
|
@ -258,7 +258,7 @@ module ActiveRecord #:nodoc:
|
|||
# <tt>attributes=</tt> method. The +errors+ property of this exception contains an array of
|
||||
# AttributeAssignmentError
|
||||
# objects that should be inspected to determine which attributes triggered the errors.
|
||||
# * RecordInvalid - raised by save! and create! when the record is invalid.
|
||||
# * RecordInvalid - raised by <tt>save!</tt> and <tt>create!</tt> when the record is invalid.
|
||||
# * RecordNotFound - No record responded to the +find+ method. Either the row with the given ID doesn't exist
|
||||
# or the row didn't meet the additional restrictions. Some +find+ calls do not raise this exception to signal
|
||||
# nothing was found, please check its documentation for further details.
|
||||
|
|
|
@ -13,7 +13,7 @@ class ERB
|
|||
# This method is also aliased as <tt>h</tt>.
|
||||
#
|
||||
# In your ERB templates, use this method to escape any unsafe content. For example:
|
||||
# <%=h @person.name %>
|
||||
# <%= h @person.name %>
|
||||
#
|
||||
# puts html_escape('is a > 0 & a < 10?')
|
||||
# # => is a > 0 & a < 10?
|
||||
|
|
|
@ -59,25 +59,25 @@ Major Features
|
|||
|
||||
### Upgrade
|
||||
|
||||
* **Ruby 1.9.3** ([commit](https://github.com/rails/rails/commit/a0380e808d3dbd2462df17f5d3b7fcd8bd812496)) - Ruby 2.0 preferred; 1.9.3+ required
|
||||
* **[New deprecation policy](http://www.youtube.com/watch?v=z6YgD6tVPQs)** - Deprecated features are warnings in Rails 4.0 and will be removed in Rails 4.1.
|
||||
* **ActionPack page and action caching** ([commit](https://github.com/rails/rails/commit/b0a7068564f0c95e7ef28fc39d0335ed17d93e90)) - Page and action caching are extracted to a separate gem. Page and action caching requires too much manual intervention (manually expiring caches when the underlying model objects are updated). Instead, use Russian doll caching.
|
||||
* **ActiveRecord observers** ([commit](https://github.com/rails/rails/commit/ccecab3ba950a288b61a516bf9b6962e384aae0b)) - Observers are extracted to a separate gem. Observers are only needed for page and action caching, and can lead to spaghetti code.
|
||||
* **ActiveRecord session store** ([commit](https://github.com/rails/rails/commit/0ffe19056c8e8b2f9ae9d487b896cad2ce9387ad)) - The ActiveRecord session store is extracted to a separate gem. Storing sessions in SQL is costly. Instead, use cookie sessions, memcache sessions, or a custom session store.
|
||||
* **ActiveModel mass assignment protection** ([commit](https://github.com/rails/rails/commit/f8c9a4d3e88181cee644f91e1342bfe896ca64c6)) - Rails 3 mass assignment protection is deprecated. Instead, use strong parameters.
|
||||
* **ActiveResource** ([commit](https://github.com/rails/rails/commit/f1637bf2bb00490203503fbd943b73406e043d1d)) - ActiveResource is extracted to a separate gem. ActiveResource was not widely used.
|
||||
* **vendor/plugins removed** ([commit](https://github.com/rails/rails/commit/853de2bd9ac572735fa6cf59fcf827e485a231c3)) - Use a Gemfile to manage installed gems.
|
||||
* **Ruby 1.9.3** ([commit](https://github.com/rails/rails/commit/a0380e808d3dbd2462df17f5d3b7fcd8bd812496)) - Ruby 2.0 preferred; 1.9.3+ required
|
||||
* **[New deprecation policy](http://www.youtube.com/watch?v=z6YgD6tVPQs)** - Deprecated features are warnings in Rails 4.0 and will be removed in Rails 4.1.
|
||||
* **ActionPack page and action caching** ([commit](https://github.com/rails/rails/commit/b0a7068564f0c95e7ef28fc39d0335ed17d93e90)) - Page and action caching are extracted to a separate gem. Page and action caching requires too much manual intervention (manually expiring caches when the underlying model objects are updated). Instead, use Russian doll caching.
|
||||
* **ActiveRecord observers** ([commit](https://github.com/rails/rails/commit/ccecab3ba950a288b61a516bf9b6962e384aae0b)) - Observers are extracted to a separate gem. Observers are only needed for page and action caching, and can lead to spaghetti code.
|
||||
* **ActiveRecord session store** ([commit](https://github.com/rails/rails/commit/0ffe19056c8e8b2f9ae9d487b896cad2ce9387ad)) - The ActiveRecord session store is extracted to a separate gem. Storing sessions in SQL is costly. Instead, use cookie sessions, memcache sessions, or a custom session store.
|
||||
* **ActiveModel mass assignment protection** ([commit](https://github.com/rails/rails/commit/f8c9a4d3e88181cee644f91e1342bfe896ca64c6)) - Rails 3 mass assignment protection is deprecated. Instead, use strong parameters.
|
||||
* **ActiveResource** ([commit](https://github.com/rails/rails/commit/f1637bf2bb00490203503fbd943b73406e043d1d)) - ActiveResource is extracted to a separate gem. ActiveResource was not widely used.
|
||||
* **vendor/plugins removed** ([commit](https://github.com/rails/rails/commit/853de2bd9ac572735fa6cf59fcf827e485a231c3)) - Use a Gemfile to manage installed gems.
|
||||
|
||||
### ActionPack
|
||||
|
||||
* **Strong parameters** ([commit](https://github.com/rails/rails/commit/a8f6d5c6450a7fe058348a7f10a908352bb6c7fc)) - Only allow whitelisted parameters to update model objects (`params.permit(:title, :text)`).
|
||||
* **Routing concerns** ([commit](https://github.com/rails/rails/commit/0dd24728a088fcb4ae616bb5d62734aca5276b1b)) - In the routing DSL, factor out common subroutes (`comments` from `/posts/1/comments` and `/videos/1/comments`).
|
||||
* **ActionController::Live** ([commit](https://github.com/rails/rails/commit/af0a9f9eefaee3a8120cfd8d05cbc431af376da3)) - Stream JSON with `response.stream`.
|
||||
* **Declarative ETags** ([commit](https://github.com/rails/rails/commit/ed5c938fa36995f06d4917d9543ba78ed506bb8d)) - Add controller-level etag additions that will be part of the action etag computation.
|
||||
* **[Russian doll caching](http://37signals.com/svn/posts/3113-how-key-based-cache-expiration-works)** ([commit](https://github.com/rails/rails/commit/4154bf012d2bec2aae79e4a49aa94a70d3e91d49)) - Cache nested fragments of views. Each fragment expires based on a set of dependencies (a cache key). The cache key is usually a template version number and a model object.
|
||||
* **Turbolinks** ([commit](https://github.com/rails/rails/commit/e35d8b18d0649c0ecc58f6b73df6b3c8d0c6bb74)) - Serve only one initial HTML page. When the user navigates to another page, use pushState to update the URL and use AJAX to update the title and body.
|
||||
* **Decouple ActionView from ActionController** ([commit](https://github.com/rails/rails/commit/78b0934dd1bb84e8f093fb8ef95ca99b297b51cd)) - ActionView was decoupled from ActionPack and will be moved to a separated gem in Rails 4.1.
|
||||
* **Do not depend on ActiveModel** ([commit](https://github.com/rails/rails/commit/166dbaa7526a96fdf046f093f25b0a134b277a68)) - ActionPack no longer depends on ActiveModel.
|
||||
* **Strong parameters** ([commit](https://github.com/rails/rails/commit/a8f6d5c6450a7fe058348a7f10a908352bb6c7fc)) - Only allow whitelisted parameters to update model objects (`params.permit(:title, :text)`).
|
||||
* **Routing concerns** ([commit](https://github.com/rails/rails/commit/0dd24728a088fcb4ae616bb5d62734aca5276b1b)) - In the routing DSL, factor out common subroutes (`comments` from `/posts/1/comments` and `/videos/1/comments`).
|
||||
* **ActionController::Live** ([commit](https://github.com/rails/rails/commit/af0a9f9eefaee3a8120cfd8d05cbc431af376da3)) - Stream JSON with `response.stream`.
|
||||
* **Declarative ETags** ([commit](https://github.com/rails/rails/commit/ed5c938fa36995f06d4917d9543ba78ed506bb8d)) - Add controller-level etag additions that will be part of the action etag computation.
|
||||
* **[Russian doll caching](http://37signals.com/svn/posts/3113-how-key-based-cache-expiration-works)** ([commit](https://github.com/rails/rails/commit/4154bf012d2bec2aae79e4a49aa94a70d3e91d49)) - Cache nested fragments of views. Each fragment expires based on a set of dependencies (a cache key). The cache key is usually a template version number and a model object.
|
||||
* **Turbolinks** ([commit](https://github.com/rails/rails/commit/e35d8b18d0649c0ecc58f6b73df6b3c8d0c6bb74)) - Serve only one initial HTML page. When the user navigates to another page, use pushState to update the URL and use AJAX to update the title and body.
|
||||
* **Decouple ActionView from ActionController** ([commit](https://github.com/rails/rails/commit/78b0934dd1bb84e8f093fb8ef95ca99b297b51cd)) - ActionView was decoupled from ActionPack and will be moved to a separated gem in Rails 4.1.
|
||||
* **Do not depend on ActiveModel** ([commit](https://github.com/rails/rails/commit/166dbaa7526a96fdf046f093f25b0a134b277a68)) - ActionPack no longer depends on ActiveModel.
|
||||
|
||||
### General
|
||||
|
||||
|
@ -95,9 +95,9 @@ NOTE: Check that the gems you are using are threadsafe.
|
|||
|
||||
### Security
|
||||
|
||||
* **match do not catch all** ([commit](https://github.com/rails/rails/commit/90d2802b71a6e89aedfe40564a37bd35f777e541)) - In the routing DSL, match requires the HTTP verb or verbs to be specified.
|
||||
* **html entities escaped by default** ([commit](https://github.com/rails/rails/commit/5f189f41258b83d49012ec5a0678d827327e7543)) - Strings rendered in erb are escaped unless wrapped with `raw` or `html_safe` is called.
|
||||
* **New security headers** ([commit](https://github.com/rails/rails/commit/6794e92b204572d75a07bd6413bdae6ae22d5a82)) - Rails sends the following headers with every HTTP request: `X-Frame-Options` (prevents clickjacking by forbidding the browser from embedding the page in a frame), `X-XSS-Protection` (asks the browser to halt script injection) and `X-Content-Type-Options` (prevents the browser from opening a jpeg as an exe).
|
||||
* **match do not catch all** ([commit](https://github.com/rails/rails/commit/90d2802b71a6e89aedfe40564a37bd35f777e541)) - In the routing DSL, match requires the HTTP verb or verbs to be specified.
|
||||
* **html entities escaped by default** ([commit](https://github.com/rails/rails/commit/5f189f41258b83d49012ec5a0678d827327e7543)) - Strings rendered in erb are escaped unless wrapped with `raw` or `html_safe` is called.
|
||||
* **New security headers** ([commit](https://github.com/rails/rails/commit/6794e92b204572d75a07bd6413bdae6ae22d5a82)) - Rails sends the following headers with every HTTP request: `X-Frame-Options` (prevents clickjacking by forbidding the browser from embedding the page in a frame), `X-XSS-Protection` (asks the browser to halt script injection) and `X-Content-Type-Options` (prevents the browser from opening a jpeg as an exe).
|
||||
|
||||
Extraction of features to gems
|
||||
---------------------------
|
||||
|
|
|
@ -257,7 +257,7 @@ application is using any of these spellings, you will need to update them:
|
|||
* Values in attribute selectors may need to be quoted if they contain
|
||||
non-alphanumeric characters.
|
||||
|
||||
```
|
||||
```ruby
|
||||
# before
|
||||
a[href=/]
|
||||
a[href$=/]
|
||||
|
@ -272,7 +272,7 @@ application is using any of these spellings, you will need to update them:
|
|||
|
||||
For example:
|
||||
|
||||
``` ruby
|
||||
```ruby
|
||||
# content: <div><i><p></i></div>
|
||||
|
||||
# before:
|
||||
|
@ -290,7 +290,7 @@ application is using any of these spellings, you will need to update them:
|
|||
used to be raw (e.g. `AT&T`), and now is evaluated
|
||||
(e.g. `AT&T`).
|
||||
|
||||
``` ruby
|
||||
```ruby
|
||||
# content: <p>AT&T</p>
|
||||
|
||||
# before:
|
||||
|
|
|
@ -402,7 +402,7 @@ INFO: You can also use `rake -T` to get the list of tasks.
|
|||
$ bin/rake about
|
||||
About your application's environment
|
||||
Rails version 5.0.0
|
||||
Ruby version 2.2.0 (x86_64-linux)
|
||||
Ruby version 2.2.1 (x86_64-linux)
|
||||
RubyGems version 2.4.5
|
||||
Rack version 1.6
|
||||
JavaScript Runtime Node.js (V8)
|
||||
|
|
|
@ -241,7 +241,7 @@ Upon form submission the value entered by the user will be stored in `params[:pe
|
|||
|
||||
WARNING: You must pass the name of an instance variable, i.e. `:person` or `"person"`, not an actual instance of your model object.
|
||||
|
||||
Rails provides helpers for displaying the validation errors associated with a model object. These are covered in detail by the [Active Record Validations](./active_record_validations.html#displaying-validation-errors-in-views) guide.
|
||||
Rails provides helpers for displaying the validation errors associated with a model object. These are covered in detail by the [Active Record Validations](active_record_validations.html#displaying-validation-errors-in-views) guide.
|
||||
|
||||
### Binding a Form to an Object
|
||||
|
||||
|
|
|
@ -1522,7 +1522,7 @@ This command will generate four files:
|
|||
| -------------------------------------------- | ------------------------------------------------------------------------------------------------------ |
|
||||
| db/migrate/20140120201010_create_comments.rb | Migration to create the comments table in your database (your name will include a different timestamp) |
|
||||
| app/models/comment.rb | The Comment model |
|
||||
| test/models/comment_test.rb | Testing harness for the comments model |
|
||||
| test/models/comment_test.rb | Testing harness for the comment model |
|
||||
| test/fixtures/comments.yml | Sample comments for use in testing |
|
||||
|
||||
First, take a look at `app/models/comment.rb`:
|
||||
|
|
|
@ -909,7 +909,7 @@ The `:as` option lets you override the normal naming for the named route helpers
|
|||
resources :photos, as: 'images'
|
||||
```
|
||||
|
||||
will recognize incoming paths beginning with `/photos` and route the requests to `PhotosController`, but use the value of the :as option to name the helpers.
|
||||
will recognize incoming paths beginning with `/photos` and route the requests to `PhotosController`, but use the value of the `:as` option to name the helpers.
|
||||
|
||||
| HTTP Verb | Path | Controller#Action | Named Helper |
|
||||
| --------- | ---------------- | ----------------- | -------------------- |
|
||||
|
|
|
@ -162,7 +162,7 @@ project is created.
|
|||
|
||||
We will cover each of types Rails tests listed above in this guide.
|
||||
|
||||
Unit Testing your Models
|
||||
Model Testing
|
||||
------------------------
|
||||
|
||||
In Rails, unit tests are what you write to test your models.
|
||||
|
@ -929,7 +929,7 @@ assert_select_email do
|
|||
end
|
||||
```
|
||||
|
||||
Testing helpers
|
||||
Testing Helpers
|
||||
---------------
|
||||
|
||||
In order to test helpers, all you need to do is check that the output of the
|
||||
|
|
Loading…
Reference in New Issue