1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
rails--rails/actionview/CHANGELOG.md
yuuji.yaginuma 1694b02909 Make JS views rendered work with content security policy
As of now,  `HTMLElement.nonce` seems to work only in Chrome.
So, it should not be used now.
https://developer.mozilla.org/en-US/docs/Web/API/HTMLElement/nonce#Browser_compatibility

Fixes #32577.
2018-04-20 15:41:56 +09:00

2.3 KiB

  • Fix JavaScript views rendering does not work with Firefox when using Content Security Policy.

    Fixes #32577.

    Yuji Yaginuma

  • Add the nonce: true option for javascript_include_tag helper to support automatic nonce generation for Content Security Policy. Works the same way as javascript_tag nonce: true does.

    Yaroslav Markin

  • Remove ActionView::Helpers::RecordTagHelper.

    Yoshiyuki Hirano

  • Disable ActionView::Template finalizers in test environment.

    Template finalization can be expensive in large view test suites. Add a configuration option, action_view.finalize_compiled_template_methods, and turn it off in the test environment.

    Simon Coffey

  • Extract the confirm call in its own, overridable method in rails_ujs. Example : Rails.confirm = function(message, element) { return (my_bootstrap_modal_confirm(message)); }

    Mathieu Mahé

  • Enable select tag helper to mark prompt option as selected and/or disabled for required field. Example:

    select :post,
           :category,
           ["lifestyle", "programming", "spiritual"],
           { selected: "", disabled: "", prompt: "Choose one" },
           { required: true }
    

    Placeholder option would be selected and disabled. The HTML produced:

    <select required="required" name="post[category]" id="post_category">
    <option disabled="disabled" selected="selected" value="">Choose one</option>
    <option value="lifestyle">lifestyle</option>
    <option value="programming">programming</option>
    <option value="spiritual">spiritual</option></select>
    

    Sergey Prikhodko

  • Don't enforce UTF-8 by default.

    With the disabling of TLS 1.0 by most major websites, continuing to run IE8 or lower becomes increasingly difficult so default to not enforcing UTF-8 encoding as it's not relevant to other browsers.

    Andrew White

  • Change translation key of submit_tag from module_name_class_name to module_name/class_name.

    Rui Onodera

  • Rails 6 requires Ruby 2.4.1 or newer.

    Jeremy Daer

Please check 5-2-stable for previous changes.