… This is the same API that ActiveModel ended up using and that won't be changing.
+ Fixed deprecated usage in gemspecs. Bumped the version to 2.3.12 so I could test locally with actual installs. If this is bad form for this project, please beat me up and I'll split them out.
This may cause problems. I dunno. The real solution is to get rid of all of this mess and use gem paths properly.
name and requirement. Better, just activate the spec for the dependency (1.8 only)
…VER change the semantics of the parent (returning nil if default).
…the find_by_* method. Closes issue #330. Commit fdfc8e3 introduced a bugfix to prevent additional values passed to a dynamic find_or_create_by_x methods from confusing the finder. This patch also broke the essential behavior of this method on an association by incorrectly sending arguments to the find_by_x methods. The finder method would always see its inputs as a single array of values instead of individual arguments, almost guaranteeing that the finder call would be incorrect, and that we'd always create a new record instead. This patch adds a splat operator to the parameter array we send along to the dynamic finder so that it receives its inputs correctly, and includes an additional test to ensure that repeated calls to find_or_create_by_x only creates one new record.
- it was broken after [commit](rails@e0eb8e9) - there's also [issue](https://rails.lighthouseapp.com/projects/8994/tickets/6634-railsrack-inconsistency-about-expires_afterexpires-cookie-option) - also: maybe it worth making Rack understand :expire_after as we duplicate same logic in [cookie_store](https://github.com/gmarik/rails/blob/v2.3.11/actionpack/lib/action_controller/session/cookie_store.rb#L114) Signed-off-by: José Valim <firstname.lastname@example.org>
Unfortunately the previous method of browser detection and XHR whitelisting is unable to prevent requests issued from some Flash animations and Java applets. To ease the work required to include the CSRF token in ajax requests rails now supports providing the token in a custom http header: X-CSRF-Token: ... This fixes CVE-2011-0447
This reverts commit 8378a44.
This reverts commit b5cf2b4.
… second" This reverts commit a0c761d.