In match_head_routes, deleted the routes in which request.request_method was empty (matches all HTTP verbs) when responding to a HEAD request. This prevents catch-all routes (such as Racks) from intercepting the HEAD request. Fixes #18698
5.6 KiB
-
Explicitly ignored wildcard verbs when searching for HEAD routes before fallback
Fixes an issue where a mounted rack app at root would intercept the HEAD request causing an incorrect behavior during the fall back to GET requests.
Example:
draw do get '/home' => 'test#index' mount rack_app, at: '/' end head '/home' assert_response :success
In this case, a HEAD request runs through the routes the first time and fails to match anything. Then, it runs through the list with the fallback and matches
get '/home'
. The original behavior would match the rack app in the first pass.Terence Sun
-
Migrating xhr methods to keyword arguments syntax in
ActionController::TestCase
andActionDispatch::Integration
Old syntax:
xhr :get, :create, params: { id: 1 }
New syntax example:
get :create, params: { id: 1 }, xhr: true
Kir Shatrov
-
Migrating to keyword arguments syntax in
ActionController::TestCase
andActionDispatch::Integration
HTTP request methods.Example:
post :create, params: { y: x }, session: { a: 'b' } get :view, params: { id: 1 } get :view, params: { id: 1 }, format: :json
Kir Shatrov
-
Preserve default url options when generating URLs.
Fixes an issue that would cause default_url_options to be lost when generating URLs with fewer positional arguments than parameters in the route definition.
Tekin Suleyman
-
Deprecate *_via_redirect integration test methods.
Use
follow_redirect!
manually after the request call for the same behavior.Aditya Kapoor
-
Add
ActionController::Renderer
to render arbitrary templates outside controller actions.Its functionality is accessible through class methods
render
andrenderer
ofActionController::Base
.Ravil Bayramgalin
-
Support
:assigns
option when rendering with controllers/mailers.Ravil Bayramgalin
-
Default headers, removed in controller actions, are no longer reapplied on the test response.
Jonas Baumann
-
Deprecate all *_filter callbacks in favor of *_action callbacks.
Rafael Mendonça França
-
Allow you to pass
prepend: false
to protect_from_forgery to have the verification callback appended instead of prepended to the chain. This allows you to let the verification step depend on prior callbacks.Example:
class ApplicationController < ActionController::Base before_action :authenticate protect_from_forgery prepend: false, unless: -> { @authenticated_by.oauth? } private def authenticate if oauth_request? # authenticate with oauth @authenticated_by = 'oauth'.inquiry else # authenticate with cookies @authenticated_by = 'cookie'.inquiry end end end
Josef Šimánek
-
Remove
ActionController::HideActions
.Ravil Bayramgalin
-
Remove
respond_to
/respond_with
placeholder methods, this functionality has been extracted to theresponders
gem.Carlos Antonio da Silva
-
Remove deprecated assertion files.
Rafael Mendonça França
-
Remove deprecated usage of string keys in URL helpers.
Rafael Mendonça França
-
Remove deprecated
only_path
option on*_path
helpers.Rafael Mendonça França
-
Remove deprecated
NamedRouteCollection#helpers
.Rafael Mendonça França
-
Remove deprecated support to define routes with
:to
option that doesn't contain#
.Rafael Mendonça França
-
Remove deprecated
ActionDispatch::Response#to_ary
.Rafael Mendonça França
-
Remove deprecated
ActionDispatch::Request#deep_munge
.Rafael Mendonça França
-
Remove deprecated
ActionDispatch::Http::Parameters#symbolized_path_parameters
.Rafael Mendonça França
-
Remove deprecated option
use_route
in controller tests.Rafael Mendonça França
-
Ensure
append_info_to_payload
is called even if an exception is raised.Fixes an issue where when an exception is raised in the request the additonal payload data is not available.
See:
Dieter Komendera, Margus Pärt
-
Correctly rely on the response's status code to handle calls to
head
.Robin Dupret
-
Using
head
method returns empty response_body instead of returning a single space " ".The old behavior was added as a workaround for a bug in an early version of Safari, where the HTTP headers are not returned correctly if the response body has a 0-length. This is been fixed since and the workaround is no longer necessary.
Fixes #18253.
Prathamesh Sonpatki
-
Fix how polymorphic routes works with objects that implement
to_model
.Travis Grathwell
-
Stop converting empty arrays in
params
tonil
.This behaviour was introduced in response to CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155
ActiveRecord now issues a safe query when passing an empty array into a where clause, so there is no longer a need to defend against this type of input (any nils are still stripped from the array).
Chris Sinjakli
-
Fixed usage of optional scopes in url helpers.
Alex Robbin
-
Fixed handling of positional url helper arguments when
format: false
.Fixes #17819.
Andrew White, Tatiana Soukiassian
Please check 4-2-stable for previous changes.