Jose and Yehuda
56cdc81c08
Remove default match without specified method
...
In the current router DSL, using the +match+ DSL
method will match all verbs for the path to the
specified endpoint.
In the vast majority of cases, people are
currently using +match+ when they actually mean
+get+. This introduces security implications.
This commit disallows calling +match+ without
an HTTP verb constraint by default. To explicitly
match all verbs, this commit also adds a
:via => :all option to +match+.
Closes #5964
2012-04-24 22:52:26 -05:00
José Valim
654df86b7b
Show detailed exceptions no longer returns true if the request is local in production.
2011-12-16 10:45:59 +01:00
José Valim
119e9e2daf
Get rid of update_details in favor of passing details to find_template.
2011-09-22 15:03:05 +02:00
Xavier Noria
799a6fa047
realigns a series of hash arrows
2010-11-21 10:25:23 +01:00
Jan Maurits Faber
f04ec6a227
Added support for Erubis <%== tag
...
<%== x %> is syntactic sugar for <%= raw(x) %>
Signed-off-by: Michael Koziarski <michael@koziarski.com>
[#5918 status:committed]
2010-11-08 09:55:55 +13:00
José Valim
c7760809bf
Allow cache to be temporarily disabled through lookup_context.
2010-10-07 21:31:31 +02:00
José Valim
c563f10f3e
render :template => 'foo/bar.json' now works as it should.
2010-10-07 21:31:31 +02:00
Piotr Sarnacki
c15bb4901b
Fixed routes to use new API in a few more actionpack tests
2010-09-05 13:44:37 +02:00
Yehuda Katz
2092351652
Add support for compile-time <%= raw %>
2010-01-31 23:42:35 -08:00
Joshua Peek
61411f2aeb
Redraw default routes on all internal integration tests. We don't need SimpleRouteCase anymore
2009-10-03 23:18:32 -05:00
Joshua Peek
018b79dd36
File extra test folders into controller, dispatch, or template
2009-10-03 21:05:51 -05:00
