1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
rails--rails/actionpack/CHANGELOG.md
Jean Boussier c1c96a0140 Explicitly fail on attempts to write into disabled sessions
Until now `config.session_store :disabled` simply silently
discard the session hash at the end of the request.

By explictly failing on writes, it can help discovering bugs
earlier.

Reads are still permitted.
2021-05-17 20:02:52 +02:00

3.2 KiB

  • Writing into a disabled session will now raise an error.

    Previously when no session store was set, writing into the session would silently fail.

    Jean Boussier

  • Add support for 'require-trusted-types-for' and 'trusted-types' headers.

    Fixes #42034

    lfalcao

  • Remove inline styles and address basic accessibility issues on rescue templates.

    Jacob Herrington

  • Add support for 'private, no-store' Cache-Control headers.

    Previously, 'no-store' was exclusive; no other directives could be specified.

    Alex Smith

  • Expand payload of unpermitted_parameters.action_controller instrumentation to allow subscribers to know which controller action received unpermitted parameters.

    bbuchalter

  • Add ActionController::Live#send_stream that makes it more convenient to send generated streams:

    send_stream(filename: "subscribers.csv") do |stream|
      stream.writeln "email_address,updated_at"
    
      @subscribers.find_each do |subscriber|
        stream.writeln [ subscriber.email_address, subscriber.updated_at ].join(",")
      end
    end
    

    DHH

  • Add ActionController::Live::Buffer#writeln to write a line to the stream with a newline included.

    DHH

  • ActionDispatch::Request#content_type now returned Content-Type header as it is.

    Previously, ActionDispatch::Request#content_type returned value does NOT contain charset part. This behavior changed to returned Content-Type header containing charset part as it is.

    If you want just MIME type, please use ActionDispatch::Request#media_type instead.

    Before:

    request = ActionDispatch::Request.new("CONTENT_TYPE" => "text/csv; header=present; charset=utf-16", "REQUEST_METHOD" => "GET")
    request.content_type #=> "text/csv"
    

    After:

    request = ActionDispatch::Request.new("Content-Type" => "text/csv; header=present; charset=utf-16", "REQUEST_METHOD" => "GET")
    request.content_type #=> "text/csv; header=present; charset=utf-16"
    request.media_type   #=> "text/csv"
    

    Rafael Mendonça França

  • Change ActionDispatch::Request#media_type to return nil when the request don't have a Content-Type header.

    Rafael Mendonça França

  • Fix error in ActionController::LogSubscriber that would happen when throwing inside a controller action.

    Janko Marohnić

  • Allow anything with #to_str (like Addressable::URI) as a redirect_to location

    ojab

  • Change the request method to a GET when passing failed requests down to config.exceptions_app.

    Alex Robbin

  • Deprecate the ability to assign a single value to config.action_dispatch.trusted_proxies as RemoteIp middleware behaves inconsistently depending on whether this is configured with a single value or an enumerable.

    Fixes #40772

    Christian Sutter

  • Add redirect_back_or_to(fallback_location, **) as a more aesthetically pleasing version of redirect_back fallback_location:, **. The old method name is retained without explicit deprecation.

    DHH

Please check 6-1-stable for previous changes.