4.7 KiB
-
respond_to#anyno longer returns a response's Content-Type based on the request format but based on the block given.Example:
def my_action respond_to do |format| format.any { render(json: { foo: 'bar' }) } end end get('my_action.csv')The previous behaviour was to respond with a
text/csvContent-Type which is inaccurate since a JSON response is being rendered.Now it correctly returns a
application/jsonContent-Type.Edouard Chin
-
Replaces (back)slashes in failure screenshot image paths with dashes.
If a failed test case contained a slash or a backslash, a screenshot would be created in a nested directory, causing issues with
tmp:clear.Damir Zekic
-
Add
params.member?to mimic Hash behavior.Younes Serraj
-
process_action.action_controllernotifications now include the following in their payloads::request- theActionDispatch::Request:response- theActionDispatch::Response
George Claghorn
-
Updated
ActionDispatch::Request.remote_ipsetter to clear set the instanceremote_iptonilbefore setting the header that the value is derived from.Fixes #37383.
Norm Provost
-
ActionController::Base.log_atallows setting a different log level per request.# Use the debug level if a particular cookie is set. class ApplicationController < ActionController::Base log_at :debug, if: -> { cookies[:debug] } endGeorge Claghorn
-
Allow system test screen shots to be taken more than once in a test by prefixing the file name with an incrementing counter.
Add an environment variable
RAILS_SYSTEM_TESTING_SCREENSHOT_HTMLto enable saving of HTML during a screenshot in addition to the image. This uses the same image name, with the extension replaced with.htmlTom Fakes
-
Add
Vary: Acceptheader when usingAcceptheader for responseFor some requests like
/users/1, Rails uses requests'Acceptheader to determine what to return. And if we don't addVaryin the response header, browsers might accidentally cache different types of content, which would cause issues: e.g. javascript got displayed instead of html content. This PR fixes these issues by addingVary: Acceptin these types of requests. For more detailed problem description, please read:https://github.com/rails/rails/pull/36213
Fixes #25842.
Stan Lo
-
Fix IntegrationTest
follow_redirect!to follow redirection using the same HTTP verb when following a 307 redirection.Edouard Chin
-
System tests require Capybara 3.26 or newer.
George Claghorn
-
Reduced log noise handling ActionController::RoutingErrors.
Alberto Fernández-Capel
-
Add DSL for configuring HTTP Feature Policy.
This new DSL provides a way to configure an HTTP Feature Policy at a global or per-controller level. Full details of HTTP Feature Policy specification and guidelines can be found at MDN:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy
Example global policy:
Rails.application.config.feature_policy do |f| f.camera :none f.gyroscope :none f.microphone :none f.usb :none f.fullscreen :self f.payment :self, "https://secure.example.com" endExample controller level policy:
class PagesController < ApplicationController feature_policy do |p| p.geolocation "https://example.com" end endJacob Bednarz
-
Add the ability to set the CSP nonce only to the specified directives.
Fixes #35137.
Yuji Yaginuma
-
Keep part when scope option has value.
When a route was defined within an optional scope, if that route didn't take parameters the scope was lost when using path helpers. This commit ensures scope is kept both when the route takes parameters or when it doesn't.
Fixes #33219.
Alberto Almagro
-
Added
deep_transform_keysanddeep_transform_keys!methods to ActionController::Parameters.Gustavo Gutierrez
-
Calling
ActionController::Parameters#transform_keys/!without a block now returns an enumerator for the parameters instead of the underlying hash.Eugene Kenny
-
Fix strong parameters blocks all attributes even when only some keys are invalid (non-numerical). It should only block invalid key's values instead.
Stan Lo
Please check 6-0-stable for previous changes.