1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Commit graph

17 commits

Author SHA1 Message Date
George Claghorn
847342c25c Stream blobs from disk 2018-05-02 18:56:09 -04:00
Javan Makhmali
efb7dc65d9 Always exclude JSON root from direct_uploads#create response
The JavaScript component expects a bare response.

Fixes #32365
2018-04-10 06:36:47 -04:00
Andrew White
9436c22e2a
Use a current model to provide the host for service urls
Trying to pass the current request down to the service so that it can
create full urls instead of paths makes the API messy so use a model
based on ActiveSupport::CurrentAttributes to provide the current host
to services that need it (primarily the disk service).
2018-04-06 20:07:52 +01:00
Rafael Mendonça França
03bd370c02
Protect all active storage controllers agains CSRF
Before it was possible to for example use the direct upload controller
without using the site.
2018-04-06 14:28:44 -04:00
Kasper Timm Hansen
0f302b8970
Merge Previews/Variants controller into one Representations controller.
Since ActiveStorage::Blob::Representable unifies the idea of previews and
variants under one roof as representation, we may as well have the
controllers follow suit.

Thus ActiveStorage::RepresenationsController enters the fray. I've copied
the old tests for both previews and variants and unified those as well.
2018-03-03 21:36:43 +01:00
George Claghorn
dbff1cee55 Exclude ActiveStorage::SetBlob from API docs [ci skip] 2018-01-02 22:49:18 -05:00
George Claghorn
af0caadb8d Handle invalid signed blob IDs gracefully 2017-12-15 19:26:53 -05:00
George Claghorn
4d5f0bb30b Fix loading ActiveStorage::DiskController when CSRF protection is disabled by default 2017-11-21 14:59:30 -05:00
George Claghorn
2d20a7696a Fix direct uploads to local service
Disable CSRF protection for ActiveStorage::DiskController#update. The local disk service is intended to imitate a third-party service like S3 or GCS, so we don't care where direct uploads originate: they’re authorized by signed tokens.

Closes #30290.

[Shinichi Maeshima & George Claghorn]
2017-11-20 10:54:46 -05:00
George Claghorn
d30586211b Preview PDFs and videos 2017-09-28 16:43:37 -04:00
George Claghorn
376dd5c001 DRY 2017-08-20 18:09:44 -04:00
Xavier Noria
d8bf5d73c3 restores some double newlines deleted in ae87217
These were intentional, see

https://github.com/rails/rails/pull/30061#issuecomment-320068368
2017-08-15 22:01:24 +02:00
Xavier Noria
ae87217382 minor tweaks in Active Storage after a walkthrough 2017-08-15 18:50:46 +02:00
Koichi ITO
d02844f249 Use frozen string literal in Active Storage 2017-08-12 21:43:42 +09:00
Anton Khamets
e25466b142 Enable browser caching for blobs and variants (#30196) 2017-08-11 13:18:12 -04:00
Rafael Mendonça França
f601a01b2c Do not eager load ActiveRecord::Base
Everything inside the app directory of a engine is autoload/eager loaded automatically so we don't need to require them.
2017-08-03 16:57:48 -04:00
Rafael Mendonça França
9330d01ada Add 'activestorage/' from commit '3f4a7218a4a4923a0e7ce1b2eb0d2888ce30da58'
git-subtree-dir: activestorage
git-subtree-mainline: 0d58e7e478
git-subtree-split: 3f4a7218a4
2017-07-31 15:21:22 -04:00