- was exposed as _view, which suggested it was private
- left _view as an alias of view as not to break any extensions that are
relying on _view
[#4932 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
rendering the view.
- Previously, _assigns were locked down the first time _view was
referenced.
[#4931 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
_helper module included in the view.
- ensures that protect_against_forgery? is present when a helper
included in a partial that is rendered by the template under test
calls it (which happens in FormTagHelper#extra_tags_for_form, for
example).
[#4700 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
- decouple tests from the test case class by moving them outside
- split out more TestCase subs as cleaner way of avoiding bleed of
class level concepts
Signed-off-by: José Valim <jose.valim@gmail.com>
ActionView::TestCase::TestController without stubs. Just say:
@controller.controller_path = "path/i/need/for/this/test"
[#4697 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
- enables alternative testing frameworks to include AV::TC::Behavior
instead of subclassing AV::TC
- also added tests and code for:
- test view delegates :notice to request.flash
- useful since generators generate views that use notice
- test case doesn't try to include modules that are actually
classes
Signed-off-by: José Valim <jose.valim@gmail.com>
* Additionally, instead of doing concat("</form>".html_safe), you can do
safe_concat("</form>"), which will skip both the flag set, and the flag
check.
* For the first pass, I converted virtually all #html_safe!s to #html_safe,
and the tests pass. A further optimization would be to try to use
#safe_concat as much as possible, reducing the performance impact if
we know up front that a String is safe.
This consists of:
* String#html_safe! a method to mark a string as 'safe'
* ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it
* Calls to String#html_safe! throughout the rails helpers
* a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presantized strings in the DB)
* New ERB implementation based on erubis which uses a SafeBuffer instead of a String
Hat tip to Django for the inspiration.