kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity
rails--rails/actionpack/CHANGELOG.md
Andrew White 2378f69e69 Always use the provided port for protocol relative urls 
There may be situations where you need to tunnel SSL connections over
port 80 so we shouldn't remove it if it has been explicitly provided.
2014-05-11 12:59:37 +01:00

3.4 KiB
Raw Blame History

  • Always use the provided port if the protocol is relative.

    Fixes #15043.

    Guilherme Cavalcanti, Andrew White

  • Moved params[request_forgery_protection_token] into its own method and improved tests.

    Fixes #11316.

    Tom Kadwill

  • Added verification of route constraints given as a Proc or an object responding to :matches?. Previously, when given an non-complying object, it would just silently fail to enforce the constraint. It will now raise an ArgumentError when setting up the routes.

    Xavier Defrang

  • Properly treat the entire IPv6 User Local Address space as private for purposes of remote IP detection. Also handle uppercase private IPv6 addresses.

    Fixes #12638.

    Caleb Spare

  • Fixed an issue with migrating legacy json cookies.

    Previously, the VerifyAndUpgradeLegacySignedMessage assumes all incoming cookies are marshal-encoded. This is not the case when secret_token is used in conjunction with the :json or :hybrid serializer.

    In those case, when upgrading to use secret_key_base, this would cause a TypeError: incompatible marshal file format and a 500 error for the user.

    Fixes #14774.

    Godfrey Chan

  • Make URL escaping more consistent:

    1. Escape '%' characters in URLs - only unescaped data should be passed to URL helpers
    2. Add an escape_segment helper to Router::Utils that escapes '/' characters
    3. Use escape_segment rather than escape_fragment in optimized URL generation
    4. Use escape_segment rather than escape_path in URL generation

    For point 4 there are two exceptions. Firstly, when a route uses wildcard segments (e.g. *foo) then we use escape_path as the value may contain '/' characters. This means that wildcard routes can't be optimized. Secondly, if a :controller segment is used in the path then this uses escape_path as the controller may be namespaced.

    Fixes #14629, #14636 and #14070.

    Andrew White, Edho Arief

  • Add alias ActionDispatch::Http::UploadedFile#to_io to ActionDispatch::Http::UploadedFile#tempfile.

    Tim Linquist

  • Returns null type format when format is not know and controller is using any format block.

    Fixes #14462.

    Rafael Mendonça França

  • Improve routing error page with fuzzy matching search.

    Winston

  • Only make deeply nested routes shallow when parent is shallow.

    Fixes #14684.

    Andrew White, James Coglan

  • Append link to bad code to backtrace when exception is SyntaxError.

    Boris Kuznetsov

  • Swapped the parameters of assert_equal in assert_select so that the proper values were printed correctly

    Fixes #14422.

    Vishal Lal

  • The method shallow? returns false if the parent resource is a singleton so we need to check if we're not inside a nested scope before copying the :path and :as options to their shallow equivalents.

    Fixes #14388.

    Andrew White

  • Make logging of CSRF failures optional (but on by default) with the log_warning_on_csrf_failure configuration setting in ActionController::RequestForgeryProtection.

    John Barton

  • Fix URL generation in controller tests with request-dependent default_url_options methods.

    Tony Wooster

Please check 4-1-stable for previous changes.