kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity
20209 commits 72 branches 493 tags 355 MiB
Commit graph

27 commits

Author SHA1 Message Date
Carlos Antonio da Silva
c915ddd386 Start cleanup of deprecations in ActionView 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-09-06 13:42:46 +02:00
Carlos Antonio da Silva
b01df28413 Do not wrap hidden fields with error proc [#4962 state:resolved] 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-06-25 09:49:29 +02:00
Rizwan Reza
1a0dc267f1 Action View is now titled. 2010-06-21 00:50:08 +04:30
David Heinemeier Hansson
ea037ff557 Base options cant live in lazy loaded helpers as they then wont be available to set for config 2010-05-31 13:48:47 -05:00
Santiago Pastorino
aacf2581cd refactor evals and adds some __FILE__ and __LINE__ 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-05-20 15:18:57 +02:00
Jeremy Kemper
72a3e4b77b Rename fieldWithErrors style to field_with_errors. Remove unused alert style. 2010-04-24 15:02:12 -07:00
José Valim
ece157e950 Move verification to a plugin as well: http://github.com/rails/verification.git 2010-04-10 11:47:20 +02:00
José Valim
cd79a46174 Remove input, form, error_messages_for and error_message_on from the framework. If you think you will miss them, feel free to use the dynamic_form plugin available at http://github.com/rails/dynamic_form 2010-04-10 10:53:05 +02:00
wycats
4aded43b73 Replace the placeholder base_hook API with on_load. To specify some code that 
should run during framework load do:

ActiveSupport.on_load(:action_controller) do
  # Code run in the context of AC::Base
end
 2010-03-29 17:08:50 -07:00
Paco Guzman
878a9e02f6 html_tag option to wrap error_message_on text [#4283 state:resolved] 
Signed-off-by: wycats <wycats@gmail.com>
 2010-03-28 17:27:10 -07:00
wycats
fdebc7f55b Missing require 2010-03-27 12:39:28 -07:00
wycats
0a352056a4 Fixes a bug where error_messages_for was returning an empty div [#4048 state:resolved] (ht: Geoff Garside) 2010-03-27 03:10:05 -07:00
Daniel Rodríguez Troitiño
334983eca0 Recovers error_messages for ActiveRecordInstanceTag. [#4078 state:resolved] 
Signed-off-by: wycats <wycats@gmail.com>
 2010-03-27 01:56:20 -07:00
Santiago Pastorino
beeb02076a Making escaped things more readable 2010-03-14 12:07:15 -05:00
wycats
39d6f9e112 Make many parts of Rails lazy. In order to facilitate this, 
add lazy_load_hooks.rb, which allows us to declare code that
should be run at some later time. For instance, this allows
us to defer requiring ActiveRecord::Base at boot time purely
to apply configuration. Instead, we register a hook that should
apply configuration once ActiveRecord::Base is loaded.

With these changes, brings down total boot time of a
new app to 300ms in production and 400ms in dev.

TODO: rename base_hook
 2010-03-07 06:24:30 -08:00
José Valim
250c809246 Require persisted? in ActiveModel::Lint and remove new_record? and destroyed? methods. ActionPack does not care if the resource is new or if it was destroyed, it cares only if it's persisted somewhere or not. 2010-02-21 11:12:14 +01:00
Santiago Pastorino and José Ignacio Costa
98a5bf8ff2 Explicit html_escape removed when not needed 
Signed-off-by: Yehuda Katz <yehudakatz@YK.local>
 2010-02-14 12:03:39 -08:00
Bruno Michel
f86421fb28 content_tag should escape its input 
Signed-off-by: Yehuda Katz <yehudakatz@YK.local>
 2010-02-14 12:03:28 -08:00
Yehuda Katz
4cbb9db0a5 For performance reasons, you can no longer call html_safe! on Strings. Instead, all Strings are always not html_safe?. Instead, you can get a SafeBuffer from a String by calling #html_safe, which will SafeBuffer.new(self). 
* Additionally, instead of doing concat("</form>".html_safe), you can do
    safe_concat("</form>"), which will skip both the flag set, and the flag
    check.
  * For the first pass, I converted virtually all #html_safe!s to #html_safe,
    and the tests pass. A further optimization would be to try to use
    #safe_concat as much as possible, reducing the performance impact if
    we know up front that a String is safe.
 2010-01-31 19:39:13 -08:00
José Valim
a091e2e4f6 errors in ActionView should not be namespaced as well. 2010-01-07 15:31:50 +01:00
José Valim
9fbb2c571b Fix error_messages_for when instance variable names are given. 
Signed-off-by: Joshua Peek <josh@joshpeek.com>
 2009-10-21 11:18:36 -05:00
José Valim
cb87302689 Bring agnosticism to error_messages_for. 2009-10-17 13:03:28 -03:00
Michael Koziarski
c352ec060c error procs have to be safe too 2009-10-08 12:13:48 +13:00
Michael Koziarski
9415935902 Switch to on-by-default XSS escaping for rails. 
This consists of:

  * String#html_safe! a method to mark a string as 'safe'
  * ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it
  * Calls to String#html_safe! throughout the rails helpers
  * a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presantized strings in the DB)
  * New ERB implementation based on erubis which uses a SafeBuffer instead of a String

Hat tip to Django for the inspiration.
 2009-10-08 09:31:20 +13:00
Jeremy Kemper
12c271d1d2 Ruby 1.9.2: implicit argument passing of super from method defined by define_method() is not supported 2009-08-07 17:04:56 -07:00
Yehuda Katz
c4d1075bd3 Add support for error_messages_for(@obj) 2009-07-28 19:06:14 -07:00
Yehuda Katz
f2f5cdc8bc Rename ActiveRecordHelper to ActiveModelHelper 2009-07-20 01:30:49 +09:00
Renamed from actionpack/lib/action_view/helpers/active_record_helper.rb (Browse further)