1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
rails--rails/actionpack/CHANGELOG.md
Terence Sun b9c63b0aae Explicitly ignored wildcard verbs from head_routes
In match_head_routes, deleted the routes in which request.request_method was empty (matches all HTTP verbs) when responding to a HEAD request. This prevents catch-all routes (such as Racks) from intercepting the HEAD request.

Fixes #18698
2015-02-08 12:03:56 -05:00

5.6 KiB

  • Explicitly ignored wildcard verbs when searching for HEAD routes before fallback

    Fixes an issue where a mounted rack app at root would intercept the HEAD request causing an incorrect behavior during the fall back to GET requests.

    Example:

    draw do
        get '/home' => 'test#index'
        mount rack_app, at: '/'
    end
    head '/home'
    assert_response :success
    

    In this case, a HEAD request runs through the routes the first time and fails to match anything. Then, it runs through the list with the fallback and matches get '/home'. The original behavior would match the rack app in the first pass.

    Terence Sun

  • Migrating xhr methods to keyword arguments syntax in ActionController::TestCase and ActionDispatch::Integration

    Old syntax:

    xhr :get, :create, params: { id: 1 }
    

    New syntax example:

    get :create, params: { id: 1 }, xhr: true
    

    Kir Shatrov

  • Migrating to keyword arguments syntax in ActionController::TestCase and ActionDispatch::Integration HTTP request methods.

    Example:

    post :create, params: { y: x }, session: { a: 'b' }
    get :view, params: { id: 1 }
    get :view, params: { id: 1 }, format: :json
    

    Kir Shatrov

  • Preserve default url options when generating URLs.

    Fixes an issue that would cause default_url_options to be lost when generating URLs with fewer positional arguments than parameters in the route definition.

    Tekin Suleyman

  • Deprecate *_via_redirect integration test methods.

    Use follow_redirect! manually after the request call for the same behavior.

    Aditya Kapoor

  • Add ActionController::Renderer to render arbitrary templates outside controller actions.

    Its functionality is accessible through class methods render and renderer of ActionController::Base.

    Ravil Bayramgalin

  • Support :assigns option when rendering with controllers/mailers.

    Ravil Bayramgalin

  • Default headers, removed in controller actions, are no longer reapplied on the test response.

    Jonas Baumann

  • Deprecate all *_filter callbacks in favor of *_action callbacks.

    Rafael Mendonça França

  • Allow you to pass prepend: false to protect_from_forgery to have the verification callback appended instead of prepended to the chain. This allows you to let the verification step depend on prior callbacks.

    Example:

    class ApplicationController < ActionController::Base
      before_action :authenticate
      protect_from_forgery prepend: false, unless: -> { @authenticated_by.oauth? }
    
      private
        def authenticate
          if oauth_request?
            # authenticate with oauth
            @authenticated_by = 'oauth'.inquiry
          else
            # authenticate with cookies
            @authenticated_by = 'cookie'.inquiry
          end
        end
    end
    

    Josef Šimánek

  • Remove ActionController::HideActions.

    Ravil Bayramgalin

  • Remove respond_to/respond_with placeholder methods, this functionality has been extracted to the responders gem.

    Carlos Antonio da Silva

  • Remove deprecated assertion files.

    Rafael Mendonça França

  • Remove deprecated usage of string keys in URL helpers.

    Rafael Mendonça França

  • Remove deprecated only_path option on *_path helpers.

    Rafael Mendonça França

  • Remove deprecated NamedRouteCollection#helpers.

    Rafael Mendonça França

  • Remove deprecated support to define routes with :to option that doesn't contain #.

    Rafael Mendonça França

  • Remove deprecated ActionDispatch::Response#to_ary.

    Rafael Mendonça França

  • Remove deprecated ActionDispatch::Request#deep_munge.

    Rafael Mendonça França

  • Remove deprecated ActionDispatch::Http::Parameters#symbolized_path_parameters.

    Rafael Mendonça França

  • Remove deprecated option use_route in controller tests.

    Rafael Mendonça França

  • Ensure append_info_to_payload is called even if an exception is raised.

    Fixes an issue where when an exception is raised in the request the additonal payload data is not available.

    See:

    Dieter Komendera, Margus Pärt

  • Correctly rely on the response's status code to handle calls to head.

    Robin Dupret

  • Using head method returns empty response_body instead of returning a single space " ".

    The old behavior was added as a workaround for a bug in an early version of Safari, where the HTTP headers are not returned correctly if the response body has a 0-length. This is been fixed since and the workaround is no longer necessary.

    Fixes #18253.

    Prathamesh Sonpatki

  • Fix how polymorphic routes works with objects that implement to_model.

    Travis Grathwell

  • Stop converting empty arrays in params to nil.

    This behaviour was introduced in response to CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155

    ActiveRecord now issues a safe query when passing an empty array into a where clause, so there is no longer a need to defend against this type of input (any nils are still stripped from the array).

    Chris Sinjakli

  • Fixed usage of optional scopes in url helpers.

    Alex Robbin

  • Fixed handling of positional url helper arguments when format: false.

    Fixes #17819.

    Andrew White, Tatiana Soukiassian

Please check 4-2-stable for previous changes.