Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Newer
Older
100644 5926 lines (3401 sloc) 302.748 kB
8d4f63a @drogus Include routes.mounted_helpers into integration tests
drogus authored
1 ## Rails 3.2.6 (unreleased) ##
2
ceb8ec3 @tenderlove updating changelogs with security fixes
tenderlove authored
3 * nil is removed from array parameter values
4
fc092a9 @carlosgaldino Deprecate `:confirm` in favor of `:data => { :confirm => 'Text' }` op…
carlosgaldino authored
5 * Deprecate `:confirm` in favor of `':data => { :confirm => "Text" }'` option for `button_to`, `button_tag`, `image_submit_tag`, `link_to` and `submit_tag` helpers.
6
7 *Carlos Galdino*
8
f550d4d @drogus Allow to use mounted helpers in ActionView::TestCase
drogus authored
9 * Allow to use mounted_helpers (helpers for accessing mounted engines) in ActionView::TestCase. *Piotr Sarnacki*
10
8d4f63a @drogus Include routes.mounted_helpers into integration tests
drogus authored
11 * Include mounted_helpers (helpers for accessing mounted engines) in ActionDispatch::IntegrationTest by default. *Piotr Sarnacki*
12
b13d89e @rafaelfranca Add release date of 3.2.5 on the CHANGELOG
rafaelfranca authored
13
14 ## Rails 3.2.5 (Jun 1, 2012) ##
15
16 * No changes.
17
18
d3e5d1c @tenderlove updating changelogs
tenderlove authored
19 ## Rails 3.2.4 (May 31, 2012) ##
342b54a @rafaelfranca Add CHANGELOG entry.
rafaelfranca authored
20
616c91d @iHiD Deprecate old APIs for highlight, excerpt and word_wrap
iHiD authored
21 * Deprecate old APIs for highlight, excerpt and word_wrap *Jeremy Walker*
22
e9051e2 Deprecate `:disable_with` for `button_tag` too
Carlos Galdino + Rafael Mendonça França authored
23 * Deprecate `:disable_with` in favor of `'data-disable-with'` option for `button_to`, `button_tag` and `submit_tag` helpers.
21141e7 Deprecate `:disable_with` in favor of `'data-disable-with'` option fo…
Carlos Galdino + Rafael Mendonça França authored
24
25 *Carlos Galdino + Rafael Mendonça França*
26
d47d6e7 Fix typo
Carlos Galdino + Rafael Mendonça França authored
27 * Deprecate `:mouseover` option for `image_tag` helper. *Rafael Mendonça França*
1aff772 @rafaelfranca Deprecate `:mouseover` options for `image_tag` helper.
rafaelfranca authored
28
342b54a @rafaelfranca Add CHANGELOG entry.
rafaelfranca authored
29 * Deprecate `button_to_function` and `link_to_function` helpers. *Rafael Mendonça França*
30
d3e5d1c @tenderlove updating changelogs
tenderlove authored
31 * Don't break Haml with textarea newline fix. GH #393, #4000, #5190, #5191
32
33 * Fix options handling on labels. GH #2492, #5614
34
35 * Added config.action_view.embed_authenticity_token_in_remote_forms to deal
36 with regression from 16ee611fa
37
38 * Set rendered_format when doing render :inline. GH #5632
39
40 * Fix the redirect when it receive blocks with arity of 1. Closes #5677
342b54a @rafaelfranca Add CHANGELOG entry.
rafaelfranca authored
41
44aca7b @tenderlove adding security notifications to CHANGELOGs
tenderlove authored
42 * Strip [nil] from parameters hash. Thanks to Ben Murphy for
43 reporting this! CVE-2012-2660
44
b13d89e @rafaelfranca Add release date of 3.2.5 on the CHANGELOG
rafaelfranca authored
45
342b54a @rafaelfranca Add CHANGELOG entry.
rafaelfranca authored
46 ## Rails 3.2.3 (March 30, 2012) ##
8674823 @spastorino Add CHANGELOG entry
spastorino authored
47
beba826 @drogus Lazy load `default_form_builder` if it's passed as a string
drogus authored
48 * Allow to lazy load `default_form_builder` by passing a `String` instead of a constant. *Piotr Sarnacki*
49
dd69076 @spastorino Add missing CHANGELOG entry
spastorino authored
50 * Fix #5632, render :inline set the proper rendered format. *Santiago Pastorino*
51
b395ca1 @spastorino Add missing CHANGELOG entry
spastorino authored
52 * Fix textarea rendering when using plugins like HAML. Such plugins encode the first newline character in the content. This issue was introduced in https://github.com/rails/rails/pull/5191 *James Coleman*
53
13fe190 @spastorino Remove the leading \n added by textarea on assert_select
spastorino authored
54 * Remove the leading \n added by textarea on assert_select. *Santiago Pastorino*
55
d646d9d @drogus Added config.action_view.embed_authenticity_token_in_remote_forms
drogus authored
56 * Add `config.action_view.embed_authenticity_token_in_remote_forms` (defaults to true) which allows to set if authenticity token will be included by default in remote forms. If you change it to false, you can still force authenticity token by passing `:authenticity_token => true` in form options *Piotr Sarnacki*
57
16ee611 @dhh Do not include the authenticity token in forms where remote: true as …
dhh authored
58 * Do not include the authenticity token in forms where remote: true as ajax forms use the meta-tag value *DHH*
59
520571a @spastorino Turn off verbose mode of rack-cache, we still have X-Rack-Cache to ch…
spastorino authored
60 * Turn off verbose mode of rack-cache, we still have X-Rack-Cache to
61 check that info. Closes #5245. *Santiago Pastorino*
62
8674823 @spastorino Add CHANGELOG entry
spastorino authored
63 * Fix #5238, rendered_format is not set when template is not rendered. *Piotr Sarnacki*
64
3bfd651 @vijaydev changelog updates [ci skip]
vijaydev authored
65 * Upgrade rack-cache to 1.2. *José Valim*
66
67 * ActionController::SessionManagement is deprecated. *Santiago Pastorino*
68
db743ff @rafaelfranca Fix my name in the CHANGELOG to follow the convention
rafaelfranca authored
69 * Since the router holds references to many parts of the system like engines, controllers and the application itself, inspecting the route set can actually be really slow, therefore we default alias inspect to to_s. *José Valim*
3bfd651 @vijaydev changelog updates [ci skip]
vijaydev authored
70
db743ff @rafaelfranca Fix my name in the CHANGELOG to follow the convention
rafaelfranca authored
71 * Add a new line after the textarea opening tag. Closes #393 *Rafael Mendonça França*
3bfd651 @vijaydev changelog updates [ci skip]
vijaydev authored
72
73 * Always pass a respond block from to responder. We should let the responder to decide what to do with the given overridden response block, and not short circuit it. *sikachu*
74
75 * Fixes layout rendering regression from 3.2.2. *José Valim*
8674823 @spastorino Add CHANGELOG entry
spastorino authored
76
db743ff @rafaelfranca Fix my name in the CHANGELOG to follow the convention
rafaelfranca authored
77
78 ## Rails 3.2.2 (March 1, 2012) ##
2e5ec3b @josevalim Merge check box fixes from remote-tracking branch 'cantonio/checkbox-…
josevalim authored
79
82d6ded @spastorino Fix CHANGELOG
spastorino authored
80 * Format lookup for partials is derived from the format in which the template is being rendered. Closes #5025 part 2 *Santiago Pastorino*
110b43c @spastorino Add CHANGELOG entry
spastorino authored
81
82d6ded @spastorino Fix CHANGELOG
spastorino authored
82 * Use the right format when a partial is missing. Closes #5025. *Santiago Pastorino*
b122968 @spastorino Add CHANGELOG entry
spastorino authored
83
567ac65 @sikachu Fix override API response bug in respond_with
sikachu authored
84 * Default responder will now always use your overridden block in `respond_with` to render your response. *Prem Sichanugrist*
85
2e5ec3b @josevalim Merge check box fixes from remote-tracking branch 'cantonio/checkbox-…
josevalim authored
86 * check_box helper with :disabled => true will generate a disabled hidden field to conform with the HTML convention where disabled fields are not submitted with the form.
87 This is a behavior change, previously the hidden tag had a value of the disabled checkbox.
88 *Tadas Tamosauskas*
89
8674823 @spastorino Add CHANGELOG entry
spastorino authored
90
97e8d1d @fxn CHANGELOG revision for v3.2.1
fxn authored
91 ## Rails 3.2.1 (January 26, 2012) ##
92
93 * Documentation improvements.
94
95 * Allow `form.select` to accept ranges (regression). *Jeremy Walker*
96
97 * `datetime_select` works with -/+ infinity dates. *Joe Van Dyk*
98
99
f36dcaf @dhh Preparing for 3.2.0 release
dhh authored
100 ## Rails 3.2.0 (January 20, 2012) ##
281272a @jonleighton Convert CHANGELOGs to Markdown format.
jonleighton authored
101
ae7037e @guilleiguaran Update CHANGELOG and docs for config.assets.logger
guilleiguaran authored
102 * Setting config.assets.logger to false turn off Sprockets logger *Guillermo Iguaran*
103
ed0f0ad @carlosantoniodasilva Update changelog
carlosantoniodasilva authored
104 * Add `config.action_dispatch.default_charset` to configure default charset for ActionDispatch::Response. *Carlos Antonio da Silva*
105
106 * Deprecate setting default charset at controller level, use the new `config.action_dispatch.default_charset` instead. *Carlos Antonio da Silva*
107
108 * Deprecate ActionController::UnknownAction in favour of AbstractController::ActionNotFound. *Carlos Antonio da Silva*
109
110 * Deprecate ActionController::DoubleRenderError in favour of AbstractController::DoubleRenderError. *Carlos Antonio da Silva*
111
112 * Deprecate method_missing handling for not found actions, use action_missing instead. *Carlos Antonio da Silva*
113
114 * Deprecate ActionController#rescue_action, ActionController#initialize_template_class, and ActionController#assign_shortcuts.
115 These methods were not being used internally anymore and are going to be removed in Rails 4. *Carlos Antonio da Silva*
116
c4c6beb @rafaelfranca Add option to configure Sprockets logger
rafaelfranca authored
117 * Add config.assets.logger to configure Sprockets logger *Rafael França*
118
c159b01 @spastorino Use a BodyProxy instead of including a Module that responds to close.
spastorino authored
119 * Use a BodyProxy instead of including a Module that responds to
120 close. Closes #4441 if Active Record is disabled assets are delivered
121 correctly *Santiago Pastorino*
122
6f48fb3 @spastorino Add CHANGELOG entry
spastorino authored
123 * Rails initialization with initialize_on_precompile = false should set assets_dir *Santiago Pastorino*
124
0d7d3a6 @spastorino Add font_path helper method
spastorino authored
125 * Add font_path helper method *Santiago Pastorino*
126
a0fd9fb @spastorino Add CHANGELOG entry
spastorino authored
127 * Depends on rack ~> 1.4.0 *Santiago Pastorino*
128
fc42998 @josevalim Update CHANGELOGs.
josevalim authored
129 * Add :gzip option to `caches_page`. The default option can be configured globally using `page_cache_compression` *Andrey Sitnik*
130
6481bc5 @josevalim Update CHANGELOGs and guides.
josevalim authored
131 * The ShowExceptions middleware now accepts a exceptions application that is responsible to render an exception when the application fails. The application is invoked with a copy of the exception in `env["action_dispatch.exception"]` and with the PATH_INFO rewritten to the status code. *José Valim*
132
3f65e7f @wfarr Add button_tag support to ActionView::Helpers::FormBuilder.
wfarr authored
133 * Add `button_tag` support to ActionView::Helpers::FormBuilder.
134
135 This support mimics the default behavior of `submit_tag`.
136
137 Example:
138
139 <%= form_for @post do |f| %>
140 <%= f.button %>
141 <% end %>
142
ed0f0ad @carlosantoniodasilva Update changelog
carlosantoniodasilva authored
143 * Date helpers accept a new option, `:use_two_digit_numbers = true`, that renders select boxes for months and days with a leading zero without changing the respective values.
dc43e40 @DevL Added :use_two_digit_numbers option [Lennart Fridén & Kim Persson]
DevL authored
144 For example, this is useful for displaying ISO8601-style dates such as '2011-08-01'. *Lennart Fridén and Kim Persson*
145
22a6079 @dhh Make ActiveSupport::Benchmarkable a default module for ActionControll…
dhh authored
146 * Make ActiveSupport::Benchmarkable a default module for ActionController::Base, so the #benchmark method is once again available in the controller context like it used to be *DHH*
147
5ad5215 @josevalim Deprecate implicit layout lookup in favor of inheriting the _layout c…
josevalim authored
148 * Deprecated implied layout lookup in controllers whose parent had a explicit layout set:
149
150 class ApplicationController
151 layout "application"
152 end
153
154 class PostsController < ApplicationController
155 end
156
157 In the example above, Posts controller will no longer automatically look up for a posts layout.
158
159 If you need this functionality you could either remove `layout "application"` from ApplicationController or explicitly set it to nil in PostsController. *José Valim*
160
18ceed2 @sikachu Allow layout fallback when using `layout` method
sikachu authored
161 * Rails will now use your default layout (such as "layouts/application") when you specify a layout with `:only` and `:except` condition, and those conditions fail. *Prem Sichanugrist*
162
163 For example, consider this snippet:
164
165 class CarsController
166 layout 'single_car', :only => :show
167 end
168
169 Rails will use 'layouts/single_car' when a request comes in `:show` action, and use 'layouts/application' (or 'layouts/cars', if exists) when a request comes in for any other actions.
170
e29773f @nashby form_for with +:as+ option uses "action_as" as css class and id
nashby authored
171 * form_for with +:as+ option uses "#{action}_#{as}" as css class and id:
172
173 Before:
174
175 form_for(@user, :as => 'client') # => "<form class="client_new">..."
176
177 Now:
178
179 form_for(@user, :as => 'client') # => "<form class="new_client">..."
180
181 *Vasiliy Ermolovich*
182
07f90f6 @josevalim Merge branch 'exceptions' with the following features:
josevalim authored
183 * Allow rescue responses to be configured through a railtie as in `config.action_dispatch.rescue_responses`. Please look at ActiveRecord::Railtie for an example *José Valim*
184
218c272 @dhh Allow fresh_when/stale? to take a record instead of an options hash […
dhh authored
185 * Allow fresh_when/stale? to take a record instead of an options hash *DHH*
186
1e51cd9 @josevalim Update CHANGELOG.
josevalim authored
187 * Assets should use the request protocol by default or default to relative if no request is available *Jonathan del Strother*
188
189 * Log "Filter chain halted as CALLBACKNAME rendered or redirected" every time a before callback halts *José Valim*
38ab982 @josevalim Log 'Filter chain halted as CALLBACKNAME rendered or redirected' ever…
josevalim authored
190
2559256 @nashby update CHANGELOG
nashby authored
191 * You can provide a namespace for your form to ensure uniqueness of id attributes on form elements.
192 The namespace attribute will be prefixed with underscore on the generate HTML id. *Vasiliy Ermolovich*
193
194 Example:
195
196 <%= form_for(@offer, :namespace => 'namespace') do |f| %>
197 <%= f.label :version, 'Version' %>:
198 <%= f.text_field :version %>
199 <% end %>
200
654df86 @josevalim Show detailed exceptions no longer returns true if the request is loc…
josevalim authored
201 * Refactor ActionDispatch::ShowExceptions. The controller is responsible for choosing to show exceptions when `consider_all_requests_local` is false.
3a1d519 @lest deprecation warning, changelog entry
lest authored
202
654df86 @josevalim Show detailed exceptions no longer returns true if the request is loc…
josevalim authored
203 It's possible to override `show_detailed_exceptions?` in controllers to specify which requests should provide debugging information on errors. The default value is now false, meaning local requests in production will no longer show the detailed exceptions page unless `show_detailed_exceptions?` is overridden and set to `request.local?`.
3a1d519 @lest deprecation warning, changelog entry
lest authored
204
281272a @jonleighton Convert CHANGELOGs to Markdown format.
jonleighton authored
205 * Responders now return 204 No Content for API requests without a response body (as in the new scaffold) *José Valim*
206
207 * Added ActionDispatch::RequestId middleware that'll make a unique X-Request-Id header available to the response and enables the ActionDispatch::Request#uuid method. This makes it easy to trace requests from end-to-end in the stack and to identify individual requests in mixed logs like Syslog *DHH*
208
209 * Limit the number of options for select_year to 1000.
210
211 Pass the :max_years_allowed option to set your own limit.
212
213 *Libo Cannici*
214
215 * Passing formats or handlers to render :template and friends is deprecated. For example: *Nick Sutterer & José Valim*
216
217 render :template => "foo.html.erb"
218
219 Instead, you can provide :handlers and :formats directly as option:
220 render :template => "foo", :formats => [:html, :js], :handlers => :erb
221
222 * Changed log level of warning for missing CSRF token from :debug to :warn. *Mike Dillon*
223
224 * content_tag_for and div_for can now take the collection of records. It will also yield the record as the first argument if you set a receiving argument in your block *Prem Sichanugrist*
225
226 So instead of having to do this:
227
228 @items.each do |item|
229 content_tag_for(:li, item) do
230 Title: <%= item.title %>
231 end
232 end
233
234 You can now do this:
235
236 content_tag_for(:li, @items) do |item|
237 Title: <%= item.title %>
238 end
239
240 * send_file now guess the mime type *Esad Hajdarevic*
241
242 * Mime type entries for PDF, ZIP and other formats were added *Esad Hajdarevic*
243
244 * Generate hidden input before select with :multiple option set to true.
245 This is useful when you rely on the fact that when no options is set,
246 the state of select will be sent to rails application. Without hidden field
247 nothing is sent according to HTML spec *Bogdan Gusiev*
248
249 * Refactor ActionController::TestCase cookies *Andrew White*
250
251 Assigning cookies for test cases should now use cookies[], e.g:
252
253 cookies[:email] = 'user@example.com'
254 get :index
255 assert_equal 'user@example.com', cookies[:email]
256
257 To clear the cookies, use clear, e.g:
258
259 cookies.clear
260 get :index
261 assert_nil cookies[:email]
262
263 We now no longer write out HTTP_COOKIE and the cookie jar is
264 persistent between requests so if you need to manipulate the environment
265 for your test you need to do it before the cookie jar is created.
266
677f968 Add information to the changelog about the changes to ActionControlle…
Jean-Francois Turcot authored
267 * ActionController::ParamsWrapper on ActiveRecord models now only wrap
268 attr_accessible attributes if they were set, if not, only the attributes
269 returned by the class method attribute_names will be wrapped. This fixes
270 the wrapping of nested attributes by adding them to attr_accessible.
271
9be2353 @spastorino Sync AP CHANGELOG with 3-1-stable
spastorino authored
272 ## Rails 3.1.4 (unreleased) ##
273
274 * Allow to use asset_path on named_routes aliasing RailsHelper's
275 asset_path to path_to_asset *Adrian Pike*
276
277 * Assets should use the request protocol by default or default to
278 relative if no request is available *Jonathan del Strother*
279
603a679 @jonleighton Don't html-escape the :count option to translate if it's a Numeric. F…
jonleighton authored
280 ## Rails 3.1.3 (unreleased) ##
281
282 * Fix using `tranlate` helper with a html translation which uses the `:count` option for
283 pluralization.
284
285 *Jon Leighton*
286
fc98811 @jonleighton Implement a workaround for a bug in ruby-1.9.3p0.
jonleighton authored
287 ## Rails 3.1.2 (unreleased) ##
288
e8d57f3 @lest _html translation should escape interpolated arguments
lest authored
289 * Fix XSS security vulnerability in the `translate` helper method. When using interpolation
290 in combination with HTML-safe translations, the interpolated input would not get HTML
291 escaped. *GH 3664*
292
293 Before:
294
295 translate('foo_html', :something => '<script>') # => "...<script>..."
296
297 After:
298
299 translate('foo_html', :something => '<script>') # => "...&lt;script&gt;..."
300
301 *Sergey Nartimov*
302
ca3b468 @jonleighton Sync changelog entry
jonleighton authored
303 * Upgrade sprockets dependency to ~> 2.1.0
304
da02f79 @jonleighton Sync CHANGELOGs from 3-1-stable
jonleighton authored
305 * Ensure that the format isn't applied twice to the cache key, else it becomes impossible
306 to target with expire_action.
307
308 *Christopher Meiklejohn*
309
310 * Swallow error when can't unmarshall object from session.
311
312 *Bruno Zanchet*
313
fc98811 @jonleighton Implement a workaround for a bug in ruby-1.9.3p0.
jonleighton authored
314 * Implement a workaround for a bug in ruby-1.9.3p0 where an error would be raised
315 while attempting to convert a template from one encoding to another.
316
317 Please see http://redmine.ruby-lang.org/issues/5564 for details of the bug.
318
319 The workaround is to load all conversions into memory ahead of time, and will
320 only happen if the ruby version is *exactly* 1.9.3p0. The hope is obviously that
321 the underlying problem will be resolved in the next patchlevel release of
322 1.9.3.
323
324 *Jon Leighton*
281272a @jonleighton Convert CHANGELOGs to Markdown format.
jonleighton authored
325
da02f79 @jonleighton Sync CHANGELOGs from 3-1-stable
jonleighton authored
326 * Ensure users upgrading from 3.0.x to 3.1.x will properly upgrade their flash object in session (issues #3298 and #2509)
327
281272a @jonleighton Convert CHANGELOGs to Markdown format.
jonleighton authored
328 ## Rails 3.1.1 (unreleased) ##
329
330 * javascript_path and stylesheet_path now refer to /assets if asset pipelining
331 is on. [Santiago Pastorino]
332 * button_to support form option. Now you're able to pass for example
333 'data-type' => 'json'. [ihower]
334 * image_path and image_tag should use /assets if asset pipelining is turned
335 on. Closes #3126 [Santiago Pastorino and christos]
336 * Avoid use of existing precompiled assets during rake assets:precompile run.
337 Closes #3119 [Guillermo Iguaran]
338 * Copy assets to nondigested filenames too *Santiago Pastorino*
339
340 * Give precedence to `config.digest = false` over the existence of
341 manifest.yml asset digests [christos]
342 * escape options for the stylesheet_link_tag method *Alexey Vakhov*
343
344 * Re-launch assets:precompile task using (Rake.)ruby instead of Kernel.exec so
345 it works on Windows [cablegram]
346 * env var passed to process shouldn't be modified in process method. [Santiago
347 Pastorino]
348 * `rake assets:precompile` loads the application but does not initialize
349 it.
350 To the app developer, this means configuration add in
351 config/initializers/* will not be executed.
352 Plugins developers need to special case their initializers that are
353 meant to be run in the assets group by adding :group => :assets. *José Valim*
354
355 * Sprockets uses config.assets.prefix for asset_path *asee*
356
357 * FileStore key_file_path properly limit filenames to 255 characters. *phuibonhoa*
358
359 * Fix Hash#to_query edge case with html_safe strings. *brainopia*
360
361 * Allow asset tag helper methods to accept :digest => false option in order to completely avoid the digest generation.
362 Useful for linking assets from static html files or from emails when the user could probably look at an older html email with an older asset. [Santiago Pastorino]
363 * Don't mount Sprockets server at config.assets.prefix if config.assets.compile is false. *Mark J. Titorenko*
364
365 * Set relative url root in assets when controller isn't available for Sprockets (eg. Sass files using asset_path). Fixes #2435 *Guillermo Iguaran*
366
367 * Fix basic auth credential generation to not make newlines. GH #2882
368
369 * Fixed the behavior of asset pipeline when config.assets.digest and config.assets.compile are false and requested asset isn't precompiled.
370 Before the requested asset were compiled anyway ignoring that the config.assets.compile flag is false. *Guillermo Iguaran*
371
372 * CookieJar is now Enumerable. Fixes #2795
373
374 * Fixed AssetNotPrecompiled error raised when rake assets:precompile is compiling certain .erb files. See GH #2763 #2765 #2805 *Guillermo Iguaran*
375
376 * Manifest is correctly placed in assets path when default assets prefix is changed. Fixes #2776 *Guillermo Iguaran*
377
378 * Fixed stylesheet_link_tag and javascript_include_tag to respect additional options passed by the users when debug is on. *Guillermo Iguaran*
379
380
381 ## Rails 3.1.0 (August 30, 2011) ##
382
383 * Param values are `paramified` in controller tests. *David Chelimsky*
384
385 * x_sendfile_header now defaults to nil and config/environments/production.rb doesn't set a particular value for it. This allows servers to set it through X-Sendfile-Type. *Santiago Pastorino*
386
387 * The submit form helper does not generate an id "object_name_id" anymore. *fbrusatti*
388
389 * Make sure respond_with with :js tries to render a template in all cases *José Valim*
390
391 * json_escape will now return a SafeBuffer string if it receives SafeBuffer string *tenderlove*
392
393 * Make sure escape_js returns SafeBuffer string if it receives SafeBuffer string *Prem Sichanugrist*
394
395 * Fix escape_js to work correctly with the new SafeBuffer restriction *Paul Gallagher*
396
397 * Brought back alternative convention for namespaced models in i18n *thoefer*
398
399 Now the key can be either "namespace.model" or "namespace/model" until further deprecation.
400
401 * It is prohibited to perform a in-place SafeBuffer mutation *tenderlove*
402
403 The old behavior of SafeBuffer allowed you to mutate string in place via
404 method like `sub!`. These methods can add unsafe strings to a safe buffer,
405 and the safe buffer will continue to be marked as safe.
406
407 An example problem would be something like this:
408
409 <%= link_to('hello world', @user).sub!(/hello/, params[:xss]) %>
410
411 In the above example, an untrusted string (`params[:xss]`) is added to the
412 safe buffer returned by `link_to`, and the untrusted content is successfully
413 sent to the client without being escaped. To prevent this from happening
414 `sub!` and other similar methods will now raise an exception when they are called on a safe buffer.
415
416 In addition to the in-place versions, some of the versions of these methods which return a copy of the string will incorrectly mark strings as safe. For example:
417
418 <%= link_to('hello world', @user).sub(/hello/, params[:xss]) %>
419
420 The new versions will now ensure that *all* strings returned by these methods on safe buffers are marked unsafe.
421
422 You can read more about this change in http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2e516e7acc96c4fb
423
424 * Warn if we cannot verify CSRF token authenticity *José Valim*
425
426 * Allow AM/PM format in datetime selectors *Aditya Sanghi*
427
428 * Only show dump of regular env methods on exception screen (not all the rack crap) *DHH*
429
430 * auto_link has been removed with no replacement. If you still use auto_link
431 please install the rails_autolink gem:
432 http://github.com/tenderlove/rails_autolink
433
434 *tenderlove*
435
436 * Added streaming support, you can enable it with: *José Valim*
437
438 class PostsController < ActionController::Base
439 stream :only => :index
440 end
441
442 Please read the docs at `ActionController::Streaming` for more information.
443
444 * Added `ActionDispatch::Request.ignore_accept_header` to ignore accept headers and only consider the format given as parameter *José Valim*
445
446 * Created `ActionView::Renderer` and specified an API for `ActionView::Context`, check those objects for more information *José Valim*
447
448 * Added `ActionController::ParamsWrapper` to wrap parameters into a nested hash, and will be turned on for JSON request in new applications by default *Prem Sichanugrist*
449
450 This can be customized by setting `ActionController::Base.wrap_parameters` in `config/initializer/wrap_parameters.rb`
451
452 * RJS has been extracted out to a gem. *fxn*
453
454 * Implicit actions named not_implemented can be rendered. *Santiago Pastorino*
455
456 * Wildcard route will always match the optional format segment by default. *Prem Sichanugrist*
457
458 For example if you have this route:
459
460 match '*pages' => 'pages#show'
461
462 by requesting '/foo/bar.json', your `params[:pages]` will be equals to "foo/bar" with the request format of JSON. If you want the old 3.0.x behavior back, you could supply `:format => false` like this:
463
464 match '*pages' => 'pages#show', :format => false
465
466 * Added Base.http_basic_authenticate_with to do simple http basic authentication with a single class method call *DHH*
467
468 class PostsController < ApplicationController
469 USER_NAME, PASSWORD = "dhh", "secret"
470
471 before_filter :authenticate, :except => [ :index ]
472
473 def index
474 render :text => "Everyone can see me!"
475 end
476
477 def edit
478 render :text => "I'm only accessible if you know the password"
479 end
480
481 private
482 def authenticate
483 authenticate_or_request_with_http_basic do |user_name, password|
484 user_name == USER_NAME && password == PASSWORD
485 end
486 end
487 end
488
489 ..can now be written as
490
491 class PostsController < ApplicationController
492 http_basic_authenticate_with :name => "dhh", :password => "secret", :except => :index
493
494 def index
495 render :text => "Everyone can see me!"
496 end
497
498 def edit
499 render :text => "I'm only accessible if you know the password"
500 end
501 end
502
503 * Allow you to add `force_ssl` into controller to force browser to transfer data via HTTPS protocol on that particular controller. You can also specify `:only` or `:except` to specific it to particular action. *DHH and Prem Sichanugrist*
504
505 * Allow FormHelper#form_for to specify the :method as a direct option instead of through the :html hash *DHH*
506
507 form_for(@post, remote: true, method: :delete) instead of form_for(@post, remote: true, html: { method: :delete })
508
509 * Make JavaScriptHelper#j() an alias for JavaScriptHelper#escape_javascript() -- note this then supersedes the Object#j() method that the JSON gem adds within templates using the JavaScriptHelper *DHH*
510
511 * Sensitive query string parameters (specified in config.filter_parameters) will now be filtered out from the request paths in the log file. *Prem Sichanugrist, fxn*
512
513 * URL parameters which return false for to_param now appear in the query string (previously they were removed) *Andrew White*
514
515 * URL parameters which return nil for to_param are now removed from the query string *Andrew White*
516
517 * ActionDispatch::MiddlewareStack now uses composition over inheritance. It is
518 no longer an array which means there may be methods missing that were not tested.
519 * Add an :authenticity_token option to form_tag for custom handling or to omit the token (pass :authenticity_token => false). *Jakub Kuźma, Igor Wiedler*
520
521 * HTML5 button_tag helper. *Rizwan Reza*
522
523 * Template lookup now searches further up in the inheritance chain. *Artemave*
524
525 * Brought back config.action_view.cache_template_loading, which allows to decide whether templates should be cached or not. *Piotr Sarnacki*
526
527 * url_for and named url helpers now accept :subdomain and :domain as options, *Josh Kalderimis*
528
529 * The redirect route method now also accepts a hash of options which will only change the parts of the url in question, or an object which responds to call, allowing for redirects to be reused (check the documentation for examples). *Josh Kalderimis*
530
531 * Added config.action_controller.include_all_helpers. By default 'helper :all' is done in ActionController::Base, which includes all the helpers by default. Setting include_all_helpers to false will result in including only application_helper and helper corresponding to controller (like foo_helper for foo_controller). *Piotr Sarnacki*
532
533 * Added a convenience idiom to generate HTML5 data-* attributes in tag helpers from a :data hash of options:
534
535 tag("div", :data => {:name => 'Stephen', :city_state => %w(Chicago IL)})
536 # => <div data-name="Stephen" data-city-state="[&quot;Chicago&quot;,&quot;IL&quot;]" />
537
538 Keys are dasherized. Values are JSON-encoded, except for strings and symbols. *Stephen Celis*
539
540 * Deprecate old template handler API. The new API simply requires a template handler to respond to call. *José Valim*
541
542 * :rhtml and :rxml were finally removed as template handlers. *José Valim*
543
544 * Moved etag responsibility from ActionDispatch::Response to the middleware stack. *José Valim*
545
546 * Rely on Rack::Session stores API for more compatibility across the Ruby world. This is backwards incompatible since Rack::Session expects #get_session to accept 4 arguments and requires #destroy_session instead of simply #destroy. *José Valim*
547
548 * file_field automatically adds :multipart => true to the enclosing form. *Santiago Pastorino*
549
550 * Renames csrf_meta_tag -> csrf_meta_tags, and aliases csrf_meta_tag for backwards compatibility. *fxn*
551
552 * Add Rack::Cache to the default stack. Create a Rails store that delegates to the Rails cache, so by default, whatever caching layer you are using will be used for HTTP caching. Note that Rack::Cache will be used if you use #expires_in, #fresh_when or #stale with :public => true. Otherwise, the caching rules will apply to the browser only. *Yehuda Katz, Carl Lerche*
553
554
555 ## Rails 3.0.7 (April 18, 2011) ##
556
557 * No changes.
558
559
560 * Rails 3.0.6 (April 5, 2011)
561
562 * Fixed XSS vulnerability in `auto_link`. `auto_link` no longer marks input as
563 html safe. Please make sure that calls to auto_link() are wrapped in a
564 sanitize(), or a raw() depending on the type of input passed to auto_link().
565 For example:
566
567 <%= sanitize(auto_link(some_user_input)) %>
568
569 Thanks to Torben Schulz for reporting this. The fix can be found here:
570 61ee3449674c591747db95f9b3472c5c3bd9e84d
571
572 * Fixes the output of `rake routes` to be correctly match to the behavior of the application, as the regular expression used to match the path is greedy and won't capture the format part by default *Prem Sichanugrist*
573
574 * Fixes an issue with number_to_human when converting values which are less than 1 but greater than -1 *Josh Kalderimis*
575
576 * Sensitive query string parameters (specified in config.filter_parameters) will now be filtered out from the request paths in the log file. *Prem Sichanugrist, fxn*
577
578 * URL parameters which return nil for to_param are now removed from the query string *Andrew White*
579
580 * Don't allow i18n to change the minor version, version now set to ~> 0.5.0 *Santiago Pastorino*
581
582 * Make TranslationHelper#translate use the :rescue_format option in I18n 0.5.0 *Sven Fuchs*
583
584 * Fix regression: javascript_include_tag shouldn't raise if you register an expansion key with nil or [] value *Santiago Pastorino*
585
586 * Fix Action caching bug where an action that has a non-cacheable response always renders a nil response body. It now correctly renders the response body. *Cheah Chu Yeow*
587
588
589 ## Rails 3.0.5 (February 26, 2011) ##
590
591 * No changes.
592
593
594 ## Rails 3.0.4 (February 8, 2011) ##
595
596 * No changes.
597
598
599 ## Rails 3.0.3 (November 16, 2010) ##
600
601 * When ActiveRecord::Base objects are sent to predicate methods, the id of the object should be sent to ARel, not the ActiveRecord::Base object.
602
603 * :constraints routing should only do sanity checks against regular expressions. String arguments are OK.
604
605
606 ## Rails 3.0.2 (November 15, 2010) ##
607
608 * The helper number_to_currency accepts a new :negative_format option to be able to configure how to render negative amounts. *Don Wilson*
609
610
611 ## Rails 3.0.1 (October 15, 2010) ##
612
613 * No Changes, just a version bump.
614
615
616 ## Rails 3.0.0 (August 29, 2010) ##
617
618 * password_field renders with nil value by default making the use of passwords secure by default, if you want to render you should do for instance f.password_field(:password, :value => @user.password) *Santiago Pastorino*
619
620 * Symbols and strings in routes should yield the same behavior. Note this may break existing apps that were using symbols with the new routes API. *José Valim*
621
622 * Add clear_helpers as a way to clean up all helpers added to this controller, maintaining just the helper with the same name as the controller. *José Valim*
623
624 * Support routing constraints in functional tests. *Andrew White*
625
626 * Add a header that tells Internet Explorer (all versions) to use the best available standards support. *Yehuda Katz*
627
628 * Allow stylesheet/javascript extensions to be changed through railties. *Josh Kalderimis*
629
630 * link_to, button_to, and tag/tag_options now rely on html_escape instead of escape_once. *fxn*
631
632 * url_for returns always unescaped strings, and the :escape option is gone. *fxn*
633
634 * Added accept-charset parameter and _snowman hidden field to force the contents
635 of Rails POSTed forms to be in UTF-8 *Yehuda Katz*
636
637 * Upgrade to Rack 1.2.1 *Jeremy Kemper*
638
639 * Allow :path to be given to match/get/post/put/delete instead of :path_names in the new router *Carlos Antônio da Silva*
640
641 * Added resources_path_names to the new router DSL *José Valim*
642
643 * Allow options to be given to the namespace method in the new router *Carlos Antônio da Silva*
644
645 * Deprecate :name_prefix in the new router DSL *José Valim*
646
647 * Add shallow routes back to the new router *Diego Carrion, Andrew White*
648
649 resources :posts do
650 shallow do
651 resources :comments
652 end
653 end
654
655 You can now use comment_path for /comments/1 instead of post_comment_path for /posts/1/comments/1.
656
657 * Add support for multi-subdomain session by setting cookie host in session cookie so you can share session between www.example.com, example.com and user.example.com. #4818 *Guillermo Álvarez*
658
659 * Removed textilize, textilize_without_paragraph and markdown helpers. *Santiago Pastorino*
660
661 * Remove middleware laziness *José Valim*
662
663 * Make session stores rely on request.cookie_jar and change set_session semantics to return the cookie value instead of a boolean. *José Valim*
664
665 * OAuth 2: HTTP Token Authorization support to complement Basic and Digest Authorization. *Rick Olson*
666
667 * Fixed inconsistencies in form builder and view helpers #4432 *Neeraj Singh*
668
669 * Both :xml and :json renderers now forwards the given options to the model, allowing you to invoke them as render :xml => @projects, :include => :tasks *José Valim, Yehuda Katz*
670
671 * Renamed the field error CSS class from fieldWithErrors to field_with_errors for consistency. *Jeremy Kemper*
672
673 * Add support for shorthand routes like /projects/status(.:format) #4423 *Diego Carrion*
674
675 * Changed translate helper so that it doesn’t mark every translation as safe HTML. Only keys with a "_html" suffix and keys named "html" are considered to be safe HTML. All other translations are left untouched. *Craig Davey*
676
677 * New option :as added to form_for allows to change the object name. The old <% form_for :client, @post %> becomes <% form_for @post, :as => :client %> *spastorino*
678
679 * Removed verify method in controllers. *JV*
680 It's now available as a plugin at http://github.com/rails/verification
681
682 * Removed input, form, error_messages_for and error_message_on from views. *JV*
683 It's now available as a plugin at http://github.com/rails/dynamic_form
684
685 * Routes can be scoped by controller module. *Jeremy Kemper*
686
687 # /session => Auth::SessionsController
688 scope :module => 'auth' do
689 resource :session
690 end
691
692 * Added #favicon_link_tag, it uses #image_path so in particular the favicon gets an asset ID *fxn*
693
694 * Fixed that default locale templates should be used if the current locale template is missing *DHH*
695
696 * Added all the new HTML5 form types as individual form tag methods (search, url, number, etc) #3646 *Stephen Celis*
697
698 * Changed the object used in routing constraints to be an instance of
699 ActionDispatch::Request rather than Rack::Request *YK*
700
701 * Changed ActionDispatch::Request#method to return a String, to be compatible
702 with Rack::Request. Added ActionDispatch::Request#method_symbol to
703 return a symbol form of the request method. *YK*
704
705 * Changed ActionDispatch::Request#method to return the original
706 method and #request_method to return the overridden method in the
707 case of methodoverride being used (this means that #method returns
708 "HEAD" and #request_method returns "GET" in HEAD requests). This
709 is for compatibility with Rack::Request *YK*
710
711 * #concat is now deprecated in favor of using <%= %> helpers *YK*
712
713 * Block helpers now return Strings, so you can use <%= form_for @foo do |f| %>.
714 <% form_for do |f| %> still works with deprecation notices *YK*
715
716 * Add a new #mount method on the router that does not anchor the PATH_INFO
717 at the end *YK & CL*
718
719 * Create a new LookupContext object that is responsible for performantly
720 finding a template for a given pattern *JV*
721
722 * Removed relative_url_for in favor of respecting SCRIPT_NAME *YK & CL*
723
724 * Changed file streaming to use Rack::Sendfile middleware *YK*
725
726 * ActionDispatch::Request#content_type returns a String to be compatible with
727 Rack::Request. Use #content_mime_type for the Mime::Type instance *YK*
728
729 * Updated Prototype to 1.6.1 and Scriptaculous to 1.8.3 *ML*
730
731 * Change the preferred way that URL helpers are included into a class*YK & CL*
732
733 # for all helpers including named routes
734 include Rails.application.router.url_helpers
735
736 # for just url_for
737 include Rails.application.router.url_for
738
739 * Fixed that PrototypeHelper#update_page should return html_safe *DHH*
740
741 * Fixed that much of DateHelper wouldn't return html_safe? strings *DHH*
742
743 * Fixed that fragment caching should return a cache hit as html_safe (or it would all just get escaped) *DHH*
744
745 * Added that ActionController::Base now does helper :all instead of relying on the default ApplicationController in Rails to do it *DHH*
746
747 * Added ActionDispatch::Request#authorization to access the http authentication header regardless of its proxy hiding *DHH*
748
749 * Added :alert, :notice, and :flash as options to ActionController::Base#redirect_to that'll automatically set the proper flash before the redirection [DHH]. Examples:
750
751 flash[:notice] = 'Post was created'
752 redirect_to(@post)
753
754 ...becomes:
755
756 redirect_to(@post, :notice => 'Post was created')
757
758 * Added ActionController::Base#notice/= and ActionController::Base#alert/= as a convenience accessors in both the controller and the view for flash[:notice]/= and flash[:alert]/= *DHH*
759
760
761 * Introduce grouped_collection_select helper. #1249 *Dan Codeape, Erik Ostrom*
762
763 * Make sure javascript_include_tag/stylesheet_link_tag does not append ".js" or ".css" onto external urls. #1664 *Matthew Rudy Jacobs*
764
765 * Ruby 1.9: fix Content-Length for multibyte send_data streaming. #2661 *Sava Chankov*
766
767 * Ruby 1.9: ERB template encoding using a magic comment at the top of the file. *Jeremy Kemper*
768 <%# encoding: utf-8 %>
769
770 * Change integration test helpers to accept Rack environment instead of just HTTP Headers *Pratik Naik*
771
772 Before : get '/path', {}, 'Accept' => 'text/javascript'
773 After : get '/path', {}, 'HTTP_ACCEPT' => 'text/javascript'
774
775 * Instead of checking Rails.env.test? in Failsafe middleware, check env["rails.raise_exceptions"] *Bryan Helmkamp*
776
777 * Fixed that TestResponse.cookies was returning cookies unescaped #1867 *Doug McInnes*
778
779
780 ## 2.3.2 Final (March 15, 2009) ##
781
782 * Fixed that redirection would just log the options, not the final url (which lead to "Redirected to #<Post:0x23150b8>") *DHH*
783
784 * Don't check authenticity tokens for any AJAX requests *Ross Kaffenberger/Bryan Helmkamp*
785
786 * Added ability to pass in :public => true to fresh_when, stale?, and expires_in to make the request proxy cachable #2095 *Gregg Pollack*
787
788 * Fixed that passing a custom form builder would be forwarded to nested fields_for calls #2023 *Eloy Duran/Nate Wiger*
789
790 * Form option helpers now support disabled option tags and the use of lambdas for selecting/disabling option tags from collections #837 *Tekin*
791
792 * Added partial scoping to TranslationHelper#translate, so if you call translate(".foo") from the people/index.html.erb template, you'll actually be calling I18n.translate("people.index.foo") *DHH*
793
794 * Fix a syntax error in current_page?() that was prevent matches against URL's with multiple query parameters #1385, #1868 *chris finne/Andrew White*
795
796 * Added localized rescue template when I18n.locale is set (ex: public/404.da.html) #1835 *José Valim*
797
798 * Make the form_for and fields_for helpers support the new Active Record nested update options. #1202 *Eloy Duran*
799
800 <% form_for @person do |person_form| %>
801 ...
802 <% person_form.fields_for :projects do |project_fields| %>
803 <% if project_fields.object.active? %>
804 Name: <%= project_fields.text_field :name %>
805 <% end %>
806 <% end %>
807 <% end %>
808
809
810 * Added grouped_options_for_select helper method for wrapping option tags in optgroups. #977 *Jon Crawford*
811
812 * Implement HTTP Digest authentication. #1230 [Gregg Kellogg, Pratik Naik] Example :
813
814 class DummyDigestController < ActionController::Base
815 USERS = { "lifo" => 'world' }
816
817 before_filter :authenticate
818
819 def index
820 render :text => "Hello Secret"
821 end
822
823 private
824
825 def authenticate
826 authenticate_or_request_with_http_digest("Super Secret") do |username|
827 # Return the user's password
828 USERS[username]
829 end
830 end
831 end
832
833 * Improved i18n support for the number_to_human_size helper. Changes the storage_units translation data; update your translations accordingly. #1634 *Yaroslav Markin*
834 storage_units:
835 # %u is the storage unit, %n is the number (default: 2 MB)
836 format: "%n %u"
837 units:
838 byte:
839 one: "Byte"
840 other: "Bytes"
841 kb: "KB"
842 mb: "MB"
843 gb: "GB"
844 tb: "TB"
845
846 * Added :silence option to BenchmarkHelper#benchmark and turned log_level into a hash parameter and deprecated the old use *DHH*
847
848 * Fixed the AssetTagHelper cache to use the computed asset host as part of the cache key instead of just assuming the its a string #1299 *DHH*
849
850 * Make ActionController#render(string) work as a shortcut for render :file/:template/:action => string. [#1435] [Pratik Naik] Examples:
851
852 \# Instead of render(:action => 'other_action')
853 render('other_action') # argument has no '/'
854 render(:other_action)
855
856 \# Instead of render(:template => 'controller/action')
857 render('controller/action') # argument must not begin with a '/', but contain a '/'
858
859 \# Instead of render(:file => '/Users/lifo/home.html.erb')
860 render('/Users/lifo/home.html.erb') # argument must begin with a '/'
861
862 * Add :prompt option to date/time select helpers. #561 *Sam Oliver*
863
864 * Fixed that send_file shouldn't set an etag #1578 *Hongli Lai*
865
866 * Allow users to opt out of the spoofing checks in Request#remote_ip. Useful for sites whose traffic regularly triggers false positives. *Darren Boyd*
867
868 * Deprecated formatted_polymorphic_url. *Jeremy Kemper*
869
870 * Added the option to declare an asset_host as an object that responds to call (see http://github.com/dhh/asset-hosting-with-minimum-ssl for an example) *David Heinemeier Hansson*
871
872 * Added support for multiple routes.rb files (useful for plugin engines). This also means that draw will no longer clear the route set, you have to do that by hand (shouldn't make a difference to you unless you're doing some funky stuff) *David Heinemeier Hansson*
873
874 * Dropped formatted_* routes in favor of just passing in :format as an option. This cuts resource routes generation in half #1359 *aaronbatalion*
875
876 * Remove support for old double-encoded cookies from the cookie store. These values haven't been generated since before 2.1.0, and any users who have visited the app in the intervening 6 months will have had their cookie upgraded. *Michael Koziarski*
877
878 * Allow helpers directory to be overridden via ActionController::Base.helpers_dir #1424 *Sam Pohlenz*
879
880 * Remove deprecated ActionController::Base#assign_default_content_type_and_charset
881
882 * Changed the default of ActionView#render to assume partials instead of files when not given an options hash [David Heinemeier Hansson]. Examples:
883
884 # Instead of <%= render :partial => "account" %>
885 <%= render "account" %>
886
887 # Instead of <%= render :partial => "account", :locals => { :account => @buyer } %>
888 <%= render "account", :account => @buyer %>
889
890 # @account is an Account instance, so it uses the RecordIdentifier to replace
891 # <%= render :partial => "accounts/account", :locals => { :account => @account } %>
892 <%= render(@account) %>
893
894 # @posts is an array of Post instances, so it uses the RecordIdentifier to replace
895 # <%= render :partial => "posts/post", :collection => @posts %>
896 <%= render(@posts) %>
897
898 * Remove deprecated render_component. Please use the plugin from http://github.com/rails/render_component/tree/master *Pratik Naik*
899
900 * Fixed RedCloth and BlueCloth shouldn't preload. Instead just assume that they're available if you want to use textilize and markdown and let autoload require them *David Heinemeier Hansson*
901
902
903 ## 2.2.2 (November 21st, 2008) ##
904
905 * I18n: translate number_to_human_size. Add storage_units: [Bytes, KB, MB, GB, TB] to your translations. #1448 *Yaroslav Markin*
906
907 * Restore backwards compatible functionality for setting relative_url_root. Include deprecation
908
909 * Switched the CSRF module to use the request content type to decide if the request is forgeable. #1145 *Jeff Cohen*
910
911 * Added :only and :except to map.resources to let people cut down on the number of redundant routes in an application. Typically only useful for huge routesets. #1215 *Tom Stuart*
912
913 map.resources :products, :only => :show do |product|
914 product.resources :images, :except => :destroy
915 end
916
917 * Added render :js for people who want to render inline JavaScript replies without using RJS *David Heinemeier Hansson*
918
919 * Fixed that polymorphic_url should compact given array #1317 *hiroshi*
920
921 * Fixed the sanitize helper to avoid double escaping already properly escaped entities #683 *antonmos/Ryan McGeary*
922
923 * Fixed that FormTagHelper generated illegal html if name contained square brackets #1238 *Vladimir Dobriakov*
924
925 * Fix regression bug that made date_select and datetime_select raise a Null Pointer Exception when a nil date/datetime was passed and only month and year were displayed #1289 *Bernardo Padua/Tor Erik*
926
927 * Simplified the logging format for parameters (don't include controller, action, and format as duplicates) *David Heinemeier Hansson*
928
929 * Remove the logging of the Session ID when the session store is CookieStore *David Heinemeier Hansson*
930
931 * Fixed regex in redirect_to to fully support URI schemes #1247 *Seth Fitzsimmons*
932
933 * Fixed bug with asset timestamping when using relative_url_root #1265 *Joe Goldwasser*
934
935
936 ## 2.2.0 RC1 (October 24th, 2008) ##
937
938 * Fix incorrect closing CDATA delimiter and that HTML::Node.parse would blow up on unclosed CDATA sections *packagethief*
939
940 * Added stale? and fresh_when methods to provide a layer of abstraction above request.fresh? and friends [David Heinemeier Hansson]. Example:
941
942 class ArticlesController < ApplicationController
943 def show_with_respond_to_block
944 @article = Article.find(params[:id])
945
946
947 # If the request sends headers that differs from the options provided to stale?, then
948 # the request is indeed stale and the respond_to block is triggered (and the options
949 # to the stale? call is set on the response).
950 #
951 # If the request headers match, then the request is fresh and the respond_to block is
952 # not triggered. Instead the default render will occur, which will check the last-modified
953 # and etag headers and conclude that it only needs to send a "304 Not Modified" instead
954 # of rendering the template.
955 if stale?(:last_modified => @article.published_at.utc, :etag => @article)
956 respond_to do |wants|
957 # normal response processing
958 end
959 end
960 end
961
962 def show_with_implied_render
963 @article = Article.find(params[:id])
964
965 # Sets the response headers and checks them against the request, if the request is stale
966 # (i.e. no match of either etag or last-modified), then the default render of the template happens.
967 # If the request is fresh, then the default render will return a "304 Not Modified"
968 # instead of rendering the template.
969 fresh_when(:last_modified => @article.published_at.utc, :etag => @article)
970 end
971 end
972
973
974 * Added inline builder yield to atom_feed_helper tags where appropriate [Sam Ruby]. Example:
975
976 entry.summary :type => 'xhtml' do |xhtml|
977 xhtml.p pluralize(order.line_items.count, "line item")
978 xhtml.p "Shipped to #{order.address}"
979 xhtml.p "Paid by #{order.pay_type}"
980 end
981
982 * Make PrototypeHelper#submit_to_remote a wrapper around PrototypeHelper#button_to_remote. *Tarmo Tänav*
983
984 * Set HttpOnly for the cookie session store's cookie. #1046
985
986 * Added FormTagHelper#image_submit_tag confirm option #784 *Alastair Brunton*
987
988 * Fixed FormTagHelper#submit_tag with :disable_with option wouldn't submit the button's value when was clicked #633 *Jose Fernandez*
989
990 * Stopped logging template compiles as it only clogs up the log *David Heinemeier Hansson*
991
992 * Changed the X-Runtime header to report in milliseconds *David Heinemeier Hansson*
993
994 * Changed BenchmarkHelper#benchmark to report in milliseconds *David Heinemeier Hansson*
995
996 * Changed logging format to be millisecond based and skip misleading stats [David Heinemeier Hansson]. Went from:
997
998 Completed in 0.10000 (4 reqs/sec) | Rendering: 0.04000 (40%) | DB: 0.00400 (4%) | 200 OK [http://example.com]
999
1000 ...to:
1001
1002 Completed in 100ms (View: 40, DB: 4) | 200 OK [http://example.com]
1003
1004 * Add support for shallow nesting of routes. #838 *S. Brent Faulkner*
1005
1006 Example :
1007
1008 map.resources :users, :shallow => true do |user|
1009 user.resources :posts
1010 end
1011
1012 - GET /users/1/posts (maps to PostsController#index action as usual)
1013 named route "user_posts" is added as usual.
1014
1015 - GET /posts/2 (maps to PostsController#show action as if it were not nested)
1016 Additionally, named route "post" is added too.
1017
1018 * Added button_to_remote helper. #3641 *Donald Piret, Tarmo Tänav*
1019
1020 * Deprecate render_component. Please use render_component plugin from http://github.com/rails/render_component/tree/master *Pratik Naik*
1021
1022 * Routes may be restricted to lists of HTTP methods instead of a single method or :any. #407 *Brennan Dunn, Gaius Centus Novus*
1023 map.resource :posts, :collection => { :search => [:get, :post] }
1024 map.session 'session', :requirements => { :method => [:get, :post, :delete] }
1025
1026 * Deprecated implicit local assignments when rendering partials *Josh Peek*
1027
1028 * Introduce current_cycle helper method to return the current value without bumping the cycle. #417 *Ken Collins*
1029
1030 * Allow polymorphic_url helper to take url options. #880 *Tarmo Tänav*
1031
1032 * Switched integration test runner to use Rack processor instead of CGI *Josh Peek*
1033
1034 * Made AbstractRequest.if_modified_sense return nil if the header could not be parsed *Jamis Buck*
1035
1036 * Added back ActionController::Base.allow_concurrency flag *Josh Peek*
1037
1038 * AbstractRequest.relative_url_root is no longer automatically configured by a HTTP header. It can now be set in your configuration environment with config.action_controller.relative_url_root *Josh Peek*
1039
1040 * Update Prototype to 1.6.0.2 #599 *Patrick Joyce*
1041
1042 * Conditional GET utility methods. *Jeremy Kemper*
1043 response.last_modified = @post.updated_at
1044 response.etag = [:admin, @post, current_user]
1045
1046 if request.fresh?(response)
1047 head :not_modified
1048 else
1049 # render ...
1050 end
1051
1052 * All 2xx requests are considered successful *Josh Peek*
1053
1054 * Fixed that AssetTagHelper#compute_public_path shouldn't cache the asset_host along with the source or per-request proc's won't run *David Heinemeier Hansson*
1055
1056 * Removed config.action_view.cache_template_loading, use config.cache_classes instead *Josh Peek*
1057
1058 * Get buffer for fragment cache from template's @output_buffer *Josh Peek*
1059
1060 * Set config.action_view.warn_cache_misses = true to receive a warning if you perform an action that results in an expensive disk operation that could be cached *Josh Peek*
1061
1062 * Refactor template preloading. New abstractions include Renderable mixins and a refactored Template class *Josh Peek*
1063
1064 * Changed ActionView::TemplateHandler#render API method signature to render(template, local_assigns = {}) *Josh Peek*
1065
1066 * Changed PrototypeHelper#submit_to_remote to PrototypeHelper#button_to_remote to stay consistent with link_to_remote (submit_to_remote still works as an alias) #8994 *clemens*
1067
1068 * Add :recursive option to javascript_include_tag and stylesheet_link_tag to be used along with :all. #480 *Damian Janowski*
1069
1070 * Allow users to disable the use of the Accept header *Michael Koziarski*
1071
1072 The accept header is poorly implemented by browsers and causes strange
1073 errors when used on public sites where crawlers make requests too. You can use formatted urls (e.g. /people/1.xml) to support API clients in a much simpler way.
1074 To disable the header you need to set:
1075 config.action_controller.use_accept_header = false
1076 * Do not stat template files in production mode before rendering. You will no longer be able to modify templates in production mode without restarting the server *Josh Peek*
1077
1078 * Deprecated TemplateHandler line offset *Josh Peek*
1079
1080 * Allow caches_action to accept cache store options. #416. [José Valim]. Example:
1081
1082 caches_action :index, :redirected, :if => Proc.new { |c| !c.request.format.json? }, :expires_in => 1.hour
1083
1084 * Remove define_javascript_functions, javascript_include_tag and friends are far superior. *Michael Koziarski*
1085
1086 * Deprecate :use_full_path render option. The supplying the option no longer has an effect *Josh Peek*
1087
1088 * Add :as option to render a collection of partials with a custom local variable name. #509 *Simon Jefford, Pratik Naik*
1089
1090 render :partial => 'other_people', :collection => @people, :as => :person
1091
1092 This will let you access objects of @people as 'person' local variable inside 'other_people' partial template.
1093
1094 * time_zone_select: support for regexp matching of priority zones. Resolves #195 *Ernie Miller*
1095
1096 * Made ActionView::Base#render_file private *Josh Peek*
1097
1098 * Refactor and simplify the implementation of assert_redirected_to. Arguments are now normalised relative to the controller being tested, not the root of the application. *Michael Koziarski*
1099
1100 This could cause some erroneous test failures if you were redirecting between controllers
1101 in different namespaces and wrote your assertions relative to the root of the application.
1102
1103 * Remove follow_redirect from controller functional tests.
1104
1105 If you want to follow redirects you can use integration tests. The functional test version was only useful if you were using redirect_to :id=>...
1106 * Fix polymorphic_url with singleton resources. #461 *Tammer Saleh*
1107
1108 * Replaced TemplateFinder abstraction with ViewLoadPaths *Josh Peek*
1109
1110 * Added block-call style to link_to [Sam Stephenson/David Heinemeier Hansson]. Example:
1111
1112 <% link_to(@profile) do %>
1113 <strong><%= @profile.name %></strong> -- <span>Check it out!!</span>
1114 <% end %>
1115
1116 * Performance: integration test benchmarking and profiling. *Jeremy Kemper*
1117
1118 * Make caching more aware of mime types. Ensure request format is not considered while expiring cache. *Jonathan del Strother*
1119
1120 * Drop ActionController::Base.allow_concurrency flag *Josh Peek*
1121
1122 * More efficient concat and capture helpers. Remove ActionView::Base.erb_variable. *Jeremy Kemper*
1123
1124 * Added page.reload functionality. Resolves #277. *Sean Huber*
1125
1126 * Fixed Request#remote_ip to only raise hell if the HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR doesn't match (not just if they're both present) *Mark Imbriaco, Bradford Folkens*
1127
1128 * Allow caches_action to accept a layout option *José Valim*
1129
1130 * Added Rack processor *Ezra Zygmuntowicz, Josh Peek*
1131
1132
1133 ## 2.1.0 (May 31st, 2008) ##
1134
1135 * InstanceTag#default_time_from_options overflows to DateTime *Geoff Buesing*
1136
1137 * Fixed that forgery protection can be used without session tracking (Peter Jones) *#139*
1138
1139 * Added session(:on) to turn session management back on in a controller subclass if the superclass turned it off (Peter Jones) *#136*
1140
1141 * Change the request forgery protection to go by Content-Type instead of request.format so that you can't bypass it by POSTing to "#{request.uri}.xml" *Rick Olson*
1142 * InstanceTag#default_time_from_options with hash args uses Time.current as default; respects hash settings when time falls in system local spring DST gap *Geoff Buesing*
1143
1144 * select_date defaults to Time.zone.today when config.time_zone is set *Geoff Buesing*
1145
1146 * Fixed that TextHelper#text_field would corrypt when raw HTML was used as the value (mchenryc, Kevin Glowacz) *#80*
1147
1148 * Added ActionController::TestCase#rescue_action_in_public! to control whether the action under test should use the regular rescue_action path instead of simply raising the exception inline (great for error testing) *David Heinemeier Hansson*
1149
1150 * Reduce number of instance variables being copied from controller to view. *Pratik Naik*
1151
1152 * select_datetime and select_time default to Time.zone.now when config.time_zone is set *Geoff Buesing*
1153
1154 * datetime_select defaults to Time.zone.now when config.time_zone is set *Geoff Buesing*
1155
1156 * Remove ActionController::Base#view_controller_internals flag. *Pratik Naik*
1157
1158 * Add conditional options to caches_page method. *Paul Horsfall*
1159
1160 * Move missing template logic to ActionView. *Pratik Naik*
1161
1162 * Introduce ActionView::InlineTemplate class. *Pratik Naik*
1163
1164 * Automatically parse posted JSON content for Mime::JSON requests. *Rick Olson*
1165
1166 POST /posts
1167 {"post": {"title": "Breaking News"}}
1168
1169 def create
1170 @post = Post.create params[:post]
1171 # ...
1172 end
1173
1174 * add json_escape ERB util to escape html entities in json strings that are output in HTML pages. *Rick Olson*
1175
1176 * Provide a helper proxy to access helper methods from outside views. Closes #10839 *Josh Peek*
1177 e.g. ApplicationController.helpers.simple_format(text)
1178
1179 * Improve documentation. *Xavier Noria, leethal, jerome*
1180
1181 * Ensure RJS redirect_to doesn't html-escapes string argument. Closes #8546 *Josh Peek, eventualbuddha, Pratik Naik*
1182
1183 * Support render :partial => collection of heterogeneous elements. #11491 *Zach Dennis*
1184
1185 * Avoid remote_ip spoofing. *Brian Candler*
1186
1187 * Added support for regexp flags like ignoring case in the :requirements part of routes declarations #11421 *NeilW*
1188
1189 * Fixed that ActionController::Base#read_multipart would fail if boundary was exactly 10240 bytes #10886 *ariejan*
1190
1191 * Fixed HTML::Tokenizer (used in sanitize helper) didn't handle unclosed CDATA tags #10071 *esad, packagethief*
1192
1193 * Improve documentation. *Ryan Bigg, Jan De Poorter, Cheah Chu Yeow, Xavier Shay, Jack Danger Canty, Emilio Tagua, Xavier Noria, Sunny Ripert*
1194
1195 * Fixed that FormHelper#radio_button would produce invalid ids #11298 *harlancrystal*
1196
1197 * Added :confirm option to submit_tag #11415 *Emilio Tagua*
1198
1199 * Fixed NumberHelper#number_with_precision to properly round in a way that works equally on Mac, Windows, Linux (closes #11409, #8275, #10090, #8027) *zhangyuanyi*
1200
1201 * Allow the #simple_format text_helper to take an html_options hash for each paragraph. #2448 *François Beausoleil, Chris O'Sullivan*
1202
1203 * Fix regression from filter refactoring where re-adding a skipped filter resulted in it being called twice. *Rick Olson*
1204
1205 * Refactor filters to use Active Support callbacks. #11235 *Josh Peek*
1206
1207 * Fixed that polymorphic routes would modify the input array #11363 *thomas.lee*
1208
1209 * Added :format option to NumberHelper#number_to_currency to enable better localization support #11149 *lylo*
1210
1211 * Fixed that TextHelper#excerpt would include one character too many #11268 *Irfy*
1212
1213 * Fix more obscure nested parameter hash parsing bug. #10797 *thomas.lee*
1214
1215 * Added ActionView::Helpers::register_javascript/stylesheet_expansion to make it easier for plugin developers to inject multiple assets. #10350 *lotswholetime*
1216
1217 * Fix nested parameter hash parsing bug. #10797 *thomas.lee*
1218
1219 * Allow using named routes in ActionController::TestCase before any request has been made. Closes #11273 *Eloy Duran*
1220
1221 * Fixed that sweepers defined by cache_sweeper will be added regardless of the perform_caching setting. Instead, control whether the sweeper should be run with the perform_caching setting. This makes testing easier when you want to turn perform_caching on/off *David Heinemeier Hansson*
1222
1223 * Make MimeResponds::Responder#any work without explicit types. Closes #11140 *jaw6*
1224
1225 * Better error message for type conflicts when parsing params. Closes #7962 *spicycode, matt*
1226
1227 * Remove unused ActionController::Base.template_class. Closes #10787 *Pratik Naik*
1228
1229 * Moved template handlers related code from ActionView::Base to ActionView::Template. *Pratik Naik*
1230
1231 * Tests for div_for and content_tag_for helpers. Closes #11223 *Chris O'Sullivan*
1232
1233 * Allow file uploads in Integration Tests. Closes #11091 *RubyRedRick*
1234
1235 * Refactor partial rendering into a PartialTemplate class. *Pratik Naik*
1236
1237 * Added that requests with JavaScript as the priority mime type in the accept header and no format extension in the parameters will be treated as though their format was :js when it comes to determining which template to render. This makes it possible for JS requests to automatically render action.js.rjs files without an explicit respond_to block *David Heinemeier Hansson*
1238
1239 * Tests for distance_of_time_in_words with TimeWithZone instances. Closes #10914 *Ernesto Jimenez*
1240
1241 * Remove support for multivalued (e.g., '&'-delimited) cookies. *Jamis Buck*
1242
1243 * Fix problem with render :partial collections, records, and locals. #11057 *lotswholetime*
1244
1245 * Added support for naming concrete classes in sweeper declarations *David Heinemeier Hansson*
1246
1247 * Remove ERB trim variables from trace template in case ActionView::Base.erb_trim_mode is changed in the application. #10098 *Tim Pope, Chris Kampmeier*
1248
1249 * Fix typo in form_helper documentation. #10650 *Xavier Shay, Chris Kampmeier*
1250
1251 * Fix bug with setting Request#format= after the getter has cached the value. #10889 *cch1*
1252
1253 * Correct inconsistencies in RequestForgeryProtection docs. #11032 *Mislav Marohnić*
1254
1255 * Introduce a Template class to ActionView. #11024 *Pratik Naik*
1256
1257 * Introduce the :index option for form_for and fields_for to simplify multi-model forms (see http://railscasts.com/episodes/75). #9883 *rmm5t*
1258
1259 * Introduce map.resources :cards, :as => 'tarjetas' to use a custom resource name in the URL: cards_path == '/tarjetas'. #10578 *blj*
1260
1261 * TestSession supports indifferent access. #7372 *tamc, Arsen7, mhackett, julik, jean.helou*
1262
1263 * Make assert_routing aware of the HTTP method used. #8039 *mpalmer*
1264 e.g. assert_routing({ :method => 'put', :path => '/product/321' }, { :controller => "product", :action => "update", :id => "321" })
1265
1266 * Make map.root accept a single symbol as an argument to declare an alias. #10818 *bscofield*
1267
1268 e.g. map.dashboard '/dashboard', :controller=>'dashboard'
1269 map.root :dashboard
1270
1271 * Handle corner case with image_tag when passed 'messed up' image names. #9018 *Duncan Beevers, mpalmer*
1272
1273 * Add label_tag helper for generating elements. #10802 *DefV*
1274
1275 * Introduce TemplateFinder to handle view paths and lookups. #10800 *Pratik Naik*
1276
1277 * Performance: optimize route recognition. Large speedup for apps with many resource routes. #10835 *oleganza*
1278
1279 * Make render :partial recognise form builders and use the _form partial. #10814 *Damian Janowski*
1280
1281 * Allow users to declare other namespaces when using the atom feed helpers. #10304 *david.calavera*
1282
1283 * Introduce send_file :x_sendfile => true to send an X-Sendfile response header. *Jeremy Kemper*
1284
1285 * Fixed ActionView::Helpers::ActiveRecordHelper::form for when protect_from_forgery is used #10739 *Jeremy Evans*
1286
1287 * Provide nicer access to HTTP Headers. Instead of request.env["HTTP_REFERRER"] you can now use request.headers["Referrer"]. *Michael Koziarski*
1288
1289 * UrlWriter respects relative_url_root. #10748 *Cheah Chu Yeow*
1290
1291 * The asset_host block takes the controller request as an optional second argument. Example: use a single asset host for SSL requests. #10549 *Cheah Chu Yeow, Peter B, Tom Taylor*
1292
1293 * Support render :text => nil. #6684 *tjennings, PotatoSalad, Cheah Chu Yeow*
1294
1295 * assert_response failures include the exception message. #10688 *Seth Rasmussen*
1296
1297 * All fragment cache keys are now by default prefixed with the "views/" namespace *David Heinemeier Hansson*
1298
1299 * Moved the caching stores from ActionController::Caching::Fragments::* to ActiveSupport::Cache::*. If you're explicitly referring to a store, like ActionController::Caching::Fragments::MemoryStore, you need to update that reference with ActiveSupport::Cache::MemoryStore *David Heinemeier Hansson*
1300
1301 * Deprecated ActionController::Base.fragment_cache_store for ActionController::Base.cache_store *David Heinemeier Hansson*
1302
1303 * Made fragment caching in views work for rjs and builder as well #6642 *Dee Zsombor*
1304
1305 * Fixed rendering of partials with layout when done from site layout #9209 *antramm*
1306
1307 * Fix atom_feed_helper to comply with the atom spec. Closes #10672 *Xavier Shay*
1308
1309 * The tags created do not contain a date (http://feedvalidator.org/docs/error/InvalidTAG.html)
1310 * IDs are not guaranteed unique
1311 * A default self link was not provided, contrary to the documentation
1312 * NOTE: This changes tags for existing atom entries, but at least they validate now.
1313
1314 * Correct indentation in tests. Closes #10671 *Luca Guidi*
1315
1316 * Fix that auto_link looks for ='s in url paths (Amazon urls have them). Closes #10640 *Brad Greenlee*
1317
1318 * Ensure that test case setup is run even if overridden. #10382 *Josh Peek*
1319
1320 * Fix HTML Sanitizer to allow trailing spaces in CSS style attributes. Closes #10566 *wesley.moxam*
1321
1322 * Add :default option to time_zone_select. #10590 *Matt Aimonetti*
1323
1324
1325 ## 2.0.2 (December 16th, 2007) ##
1326
1327 * Added delete_via_redirect and put_via_redirect to integration testing #10497 *philodespotos*
1328
1329 * Allow headers['Accept'] to be set by hand when calling xml_http_request #10461 *BMorearty*
1330
1331 * Added OPTIONS to list of default accepted HTTP methods #10449 *holoway*
1332
1333 * Added option to pass proc to ActionController::Base.asset_host for maximum configurability #10521 [Cheah Chu Yeow]. Example:
1334
1335 ActionController::Base.asset_host = Proc.new { |source|
1336 if source.starts_with?('/images')
1337 "http://images.example.com"
1338 else
1339 "http://assets.example.com"
1340 end
1341 }
1342
1343 * Fixed that ActionView#file_exists? would be incorrect if @first_render is set #10569 *dbussink*
1344
1345 * Added that Array#to_param calls to_param on all it's elements #10473 *brandon*
1346
1347 * Ensure asset cache directories are automatically created. #10337 *Josh Peek, Cheah Chu Yeow*
1348
1349 * render :xml and :json preserve custom content types. #10388 *jmettraux, Cheah Chu Yeow*
1350
1351 * Refactor Action View template handlers. #10437, #10455 *Josh Peek*
1352
1353 * Fix DoubleRenderError message and leave out mention of returning false from filters. Closes #10380 *Frederick Cheung*
1354
1355 * Clean up some cruft around ActionController::Base#head. Closes #10417 *ssoroka*
1356
1357
1358 ## 2.0.1 (December 7th, 2007) ##
1359
1360 * Fixed send_file/binary_content for testing #8044 *tolsen*
1361
1362 * When a NonInferrableControllerError is raised, make the proposed fix clearer in the error message. Closes #10199 *Jack Danger Canty*
1363
1364 * Update Prototype to 1.6.0.1. *sam*
1365
1366 * Update script.aculo.us to 1.8.0.1. *madrobby*
1367
1368 * Add 'disabled' attribute to <OPTION> separators used in time zone and country selects. Closes #10354 *Josh Susser*
1369
1370 * Added the same record identification guessing rules to fields_for as form_for has *David Heinemeier Hansson*
1371
1372 * Fixed that verification violations with no specified action didn't halt the chain (now they do with a 400 Bad Request) *David Heinemeier Hansson*
1373
1374 * Raise UnknownHttpMethod exception for unknown HTTP methods. Closes #10303 *Tarmo Tänav*
1375
1376 * Update to Prototype -r8232. *sam*
1377
1378 * Make sure the optimisation code for routes doesn't get used if :host, :anchor or :port are provided in the hash arguments. [pager, Michael Koziarski] #10292
1379
1380 * Added protection from trailing slashes on page caching #10229 *devrieda*
1381
1382 * Asset timestamps are appended, not prepended. Closes #10276 *Mike Naberezny*
1383
1384 * Minor inconsistency in description of render example. Closes #10029 *ScottSchram*
1385
1386 * Add #prepend_view_path and #append_view_path instance methods on ActionController::Base for consistency with the class methods. *Rick Olson*
1387
1388 * Refactor sanitizer helpers into HTML classes and make it easy to swap them out with custom implementations. Closes #10129. *Rick Olson*
1389
1390 * Add deprecation for old subtemplate syntax for ActionMailer templates, use render :partial *Rick Olson*
1391
1392 * Fix TemplateError so it doesn't bomb on exceptions while running tests *Rick Olson*
1393
1394 * Fixed that named routes living under resources shouldn't have double slashes #10198 *Isaac Feliu*
1395
1396 * Make sure that cookie sessions use a secret that is at least 30 chars in length. *Michael Koziarski*
1397
1398 * Fixed that partial rendering should look at the type of the first render to determine its own type if no other clues are available (like when using text.plain.erb as the extension in AM) #10130 *java*
1399
1400 * Fixed that has_many :through associations should render as collections too #9051 *mathie/Jack Danger Canty*
1401
1402 * Added :mouseover short-cut to AssetTagHelper#image_tag for doing easy image swaps #6893 *joost*
1403
1404 * Fixed handling of non-domain hosts #9479 *purp*
1405
1406 * Fix syntax error in documentation example for cycle method. Closes #8735 *foca*
1407
1408 * Document :with option for link_to_remote. Closes #8765 *Ryan Bates*
1409
1410 * Document :minute_step option for time_select. Closes #8814 *brupm*
1411
1412 * Explain how to use the :href option for link_to_remote to degrade gracefully in the absence of JavaScript. Closes #8911 *vlad*
1413
1414 * Disambiguate :size option for text area tag. Closes #8955 *redbeard*
1415
1416 * Fix broken tag in assert_tag documentation. Closes #9037 *mfazekas*
1417
1418 * Add documentation for route conditions. Closes #9041 *innu, Manfred Stienstra*
1419
1420 * Fix typo left over from previous typo fix in url helper. Closes #9414 *Henrik N*
1421
1422 * Fixed that ActionController::CgiRequest#host_with_port() should handle standard port #10082 *moro*
1423
1424 * Update Prototype to 1.6.0 and script.aculo.us to 1.8.0. *sam, madrobby*
1425
1426 * Expose the cookie jar as a helper method (before the view would just get the raw cookie hash) *David Heinemeier Hansson*
1427
1428 * Integration tests: get_ and post_via_redirect take a headers hash. #9130 *simonjefford*
1429
1430 * Simplfy #view_paths implementation. ActionView templates get the exact object, not a dup. *Rick Olson*
1431
1432 * Update tests for ActiveSupport's JSON escaping change. *Rick Olson*
1433
1434 * FormHelper's auto_index should use #to_param instead of #id_before_type_cast. Closes #9994 *mattly*
1435
1436 * Doc typo fixes for ActiveRecordHelper. Closes #9973 *mikong*
1437
1438 * Make example parameters in restful routing docs idiomatic. Closes #9993 *Jack Danger Canty*
1439
1440 * Make documentation comment for mime responders match documentation example. Closes #9357 *yon*
1441
1442 * Introduce a new test case class for functional tests. ActionController::TestCase. *Michael Koziarski*
1443
1444 * Fix incorrect path in helper rdoc. Closes #9926 *viktor tron*
1445
1446 * Partials also set 'object' to the default partial variable. #8823 *Nick Retallack, Jeremy Kemper*
1447
1448 * Request profiler. *Jeremy Kemper*
1449 $ cat login_session.rb
1450 get_with_redirect '/'
1451 say "GET / => #{path}"
1452 post_with_redirect '/sessions', :username => 'john', :password => 'doe'
1453 say "POST /sessions => #{path}"
1454 $ ./script/performance/request -n 10 login_session.rb
1455
1456 * Disabled checkboxes don't submit a form value. #9301 *vladr, robinjfisher*
1457
1458 * Added tests for options to ActiveRecordHelper#form. Closes #7213 *richcollins, mikong, Mislav Marohnić*
1459
1460 * Changed before_filter halting to happen automatically on render or redirect but no longer on simply returning false *David Heinemeier Hansson*
1461
1462 * Ensure that cookies handle array values correctly. Closes #9937 *queso*
1463
1464 * Make sure resource routes don't clash with internal helpers like javascript_path, image_path etc. #9928 *Geoff Buesing*
1465
1466 * caches_page uses a single after_filter instead of one per action. #9891 *Pratik Naik*
1467
1468 * Update Prototype to 1.6.0_rc1 and script.aculo.us to 1.8.0 preview 0. *sam, madrobby*
1469
1470 * Dispatcher: fix that to_prepare should only run once in production. #9889 *Nathaniel Talbott*
1471
1472 * Memcached sessions: add session data on initialization; don't silently discard exceptions; add unit tests. #9823 *kamk*
1473
1474 * error_messages_for also takes :message and :header_message options which defaults to the old "There were problems with the following fields:" and "<count> errors prohibited this <object_name> from being saved". #8270 *rmm5t, zach-inglis-lt3*
1475
1476 * Make sure that custom inflections are picked up by map.resources. #9815 *Mislav Marohnić*
1477
1478 * Changed SanitizeHelper#sanitize to only allow the custom attributes and tags when specified in the call *David Heinemeier Hansson*
1479
1480 * Extracted sanitization methods from TextHelper to SanitizeHelper *David Heinemeier Hansson*
1481
1482 * rescue_from accepts :with => lambda { |exception| ... } or a normal block. #9827 *Pratik Naik*
1483
1484 * Add :status to redirect_to allowing users to choose their own response code without manually setting headers. #8297 *Coda Hale, chasgrundy*
1485
1486 * Add link_to :back which uses your referrer with a fallback to a javascript link. #7366 *eventualbuddha, Tarmo Tänav*
1487
1488 * error_messages_for and friends also work with local variables. #9699 *Frederick Cheung*
1489
1490 * Fix url_for, redirect_to, etc. with :controller => :symbol instead of 'string'. #8562, #9525 *Justin Lynn, Tarmo Tänav, shoe*
1491
1492 * Use #require_library_or_gem to load the memcache library for the MemCache session and fragment cache stores. Closes #8662. *Rick Olson*
1493
1494 * Move ActionController::Routing.optimise_named_routes to ActionController::Base.optimise_named_routes. Now you can set it in the config. *Rick Olson*
1495
1496 config.action_controller.optimise_named_routes = false
1497
1498 * ActionController::Routing::DynamicSegment#interpolation_chunk should call #to_s on all values before calling URI.escape. *Rick Olson*
1499
1500 * Only accept session ids from cookies, prevents session fixation attacks. *bradediger*
1501
1502
1503 ## 2.0.0 Preview Release (September 29th, 2007) Includes duplicates of changes from 1.12.2 - 1.13.3 ##
1504
1505 * Fixed that render template did not honor exempt_from_layout #9698 *pezra*
1506
1507 * Better error messages if you leave out the :secret option for request forgery protection. Closes #9670 *Rick Olson*
1508
1509 * Allow ability to disable request forgery protection, disable it in test mode by default. Closes #9693 *Pratik Naik*
1510
1511 * Avoid calling is_missing on LoadErrors. Closes #7460. *ntalbott*
1512
1513 * Move Railties' Dispatcher to ActionController::Dispatcher, introduce before_ and after_dispatch callbacks, and warm up to non-CGI requests. *Jeremy Kemper*
1514
1515 * The tag helper may bypass escaping. *Jeremy Kemper*
1516
1517 * Cache asset ids. *Jeremy Kemper*
1518
1519 * Optimized named routes respect AbstractRequest.relative_url_root. #9612 *Daniel Morrison, Jeremy Kemper*
1520
1521 * Introduce ActionController::Base.rescue_from to declare exception-handling methods. Cleaner style than the case-heavy rescue_action_in_public. #9449 *Norbert Crombach*
1522
1523 * Rename some RequestForgeryProtection methods. The class method is now #protect_from_forgery, and the default parameter is now 'authenticity_token'. *Rick Olson*
1524
1525 * Merge csrf_killer plugin into rails. Adds RequestForgeryProtection model that verifies session-specific _tokens for non-GET requests. *Rick Olson*
1526
1527 * Secure #sanitize, #strip_tags, and #strip_links helpers against xss attacks. Closes #8877. *Rick Olson, Pratik Naik, Jacques Distler*
1528
1529 This merges and renames the popular white_list helper (along with some css sanitizing from Jacques Distler version of the same plugin).
1530 Also applied updated versions of #strip_tags and #strip_links from #8877.
1531
1532 * Remove use of & logic operator. Closes #8114. *watson*
1533
1534 * Fixed JavaScriptHelper#escape_javascript to also escape closing tags #8023 *Ruy Asan*
1535
1536 * Fixed TextHelper#word_wrap for multiline strings with extra carrier returns #8663 *seth*
1537
1538 * Fixed that setting the :host option in url_for would automatically turn off :only_path (since :host would otherwise not be shown) #9586 *Bounga*
1539
1540 * Added FormHelper#label. #8641, #9850 *jcoglan, Jarkko Laine*
1541
1542 * Added AtomFeedHelper (slightly improved from the atom_feed_helper plugin) *David Heinemeier Hansson*
1543
1544 * Prevent errors when generating routes for uncountable resources, (i.e. sheep where plural == singluar). map.resources :sheep now creates sheep_index_url for the collection and sheep_url for the specific item. *Michael Koziarski*
1545
1546 * Added support for HTTP Only cookies (works in IE6+ and FF 2.0.5+) as an improvement for XSS attacks #8895 *Pratik Naik, Mark Somerville*
1547
1548 * Don't warn when a path segment precedes a required segment. Closes #9615. *Nicholas Seckar*
1549
1550 * Fixed CaptureHelper#content_for to work with the optional content parameter instead of just the block #9434 [sandofsky/wildchild].
1551
1552 * Added Mime::Type.register_alias for dealing with different formats using the same mime type [David Heinemeier Hansson]. Example:
1553
1554 class PostsController < ApplicationController
1555 before_filter :adjust_format_for_iphone
1556
1557 def index
1558 @posts = Post.find(:all)
1559
1560 respond_to do |format|
1561 format.html # => renders index.html.erb and uses "text/html" as the content type
1562 format.iphone # => renders index.iphone.erb and uses "text/html" as the content type
1563 end
1564 end
1565
1566
1567 private
1568 def adjust_format_for_iphone
1569 if request.env["HTTP_USER_AGENT"] && request.env["HTTP_USER_AGENT"][/iPhone/]
1570 request.format = :iphone
1571 end
1572 end
1573 end
1574
1575 * Added that render :json will automatically call .to_json unless it's being passed a string [David Heinemeier Hansson].
1576
1577 * Autolink behaves well with emails embedded in URLs. #7313 *Jeremy McAnally, Tarmo Tänav*
1578
1579 * Fixed that default layouts did not take the format into account #9564 *Pratik Naik*
1580
1581 * Fixed optimized route segment escaping. #9562 *wildchild, Jeremy Kemper*
1582
1583 * Added block acceptance to JavaScriptHelper#javascript_tag. #7527 *Bob Silva, Tarmo Tänav, rmm5t*
1584
1585 * root_path returns '/' not ''. #9563 *Pratik Naik*
1586
1587 * Fixed that setting request.format should also affect respond_to blocks *David Heinemeier Hansson*
1588
1589 * Add option to force binary mode on tempfile used for fixture_file_upload. #6380 *Jonathan Viney*
1590
1591 * Fixed that resource namespaces wouldn't stick to all nested resources #9399 *pixeltrix*
1592
1593 * Moved ActionController::Macros::AutoComplete into the auto_complete plugin on the official Rails svn. #9512 *Pratik Naik*
1594
1595 * Moved ActionController::Macros::InPlaceEditing into the in_place_editor plugin on the official Rails svn. #9513 *Pratik Naik*
1596
1597 * Removed deprecated form of calling xml_http_request/xhr without the first argument being the http verb *David Heinemeier Hansson*
1598
1599 * Removed deprecated methods [David Heinemeier Hansson]:
1600
1601 - ActionController::Base#keep_flash (use flash.keep instead)
1602 - ActionController::Base#expire_matched_fragments (just call expire_fragment with a regular expression)
1603 - ActionController::Base.template_root/= methods (use ActionController#Base.view_paths/= instead)
1604 - ActionController::Base.cookie (use ActionController#Base.cookies[]= instead)
1605
1606 * Removed the deprecated behavior of appending ".png" to image_tag/image_path calls without an existing extension *David Heinemeier Hansson*
1607
1608 * Removed ActionController::Base.scaffold -- it went through the whole idea of scaffolding (card board walls you remove and tweak one by one). Use the scaffold generator instead (it does resources too now!) *David Heinemeier Hansson*
1609
1610 * Optimise named route generation when using positional arguments. *Michael Koziarski*
1611
1612 This change delivers significant performance benefits for the most
1613 common usage scenarios for modern rails applications by avoiding the
1614 costly trip through url_for. Initial benchmarks indicate this is
1615 between 6 and 20 times as fast.
1616
1617 * Explicitly require active_record/query_cache before using it. *Jeremy Kemper*
1618
1619 * Fix layout overriding response status. #9476 *lotswholetime*
1620
1621 * Add field_set_tag for generating field_sets, closes #9477. *Damian Janowski*
1622
1623 * Allow additional parameters to be passed to named route helpers when using positional arguments. Closes #8930 *Ian White*
1624
1625 * Make render :partial work with a :collection of Hashes, previously this wasn't possible due to backwards compatibility restrictions. *Pratik Naik*
1626
1627 * request.host works with IPv6 addresses. #9458 *yuya*
1628
1629 * Fix bug where action caching sets the content type to the ActionCachePath object. Closes #9282 *mindforge*
1630
1631 * Find layouts even if they're not in the first view_paths directory. Closes #9258 *caio*
1632
1633 * Major improvement to the documentation for the options / select form helpers. Closes #9038 *Chris Kampmeier, jardeon, wesg*
1634
1635 * Fix number_to_human_size when using different precisions. Closes #7536. *RichardStrand, mpalmer*
1636
1637 * Added partial layouts (see example in action_view/lib/partials.rb) *David Heinemeier Hansson*
1638
1639 * Allow you to set custom :conditions on resource routes. *Rick Olson*
1640
1641 * Fixed that file.content_type for uploaded files would include a trailing \r #9053 *Brad Greenlee*
1642
1643 * url_for now accepts a series of symbols representing the namespace of the record *Josh Knowles*
1644
1645 * Make :trailing_slash work with query parameters for url_for. Closes #4004 *nov*
1646
1647 * Make sure missing template exceptions actually say which template they were looking for. Closes #8683 *dasil003*
1648
1649 * Fix errors with around_filters which do not yield, restore 1.1 behaviour with after filters. Closes #8891 *Stefan Kaes*
1650
1651 After filters will *no longer* be run if an around_filter fails to yield, users relying on
1652 this behaviour are advised to put the code in question after a yield statement in an around filter.
1653
1654
1655 * Allow you to delete cookies with options. Closes #3685 *Josh Peek, Chris Wanstrath*
1656
1657 * Allow you to render views with periods in the name. Closes #8076 *Norbert Crombach*
1658
1659 render :partial => 'show.html.erb'
1660
1661 * Improve capture helper documentation. #8796 *Chris Kampmeier*
1662
1663 * Prefix nested resource named routes with their action name, e.g. new_group_user_path(@group) instead of group_new_user_path(@group). The old nested action named route is deprecated in Rails 1.2.4. #8558 *David Chelimsky*
1664
1665 * Allow sweepers to be created solely for expiring after controller actions, not model changes *David Heinemeier Hansson*
1666
1667 * Added assigns method to ActionController::Caching::Sweeper to easily access instance variables on the controller *David Heinemeier Hansson*
1668
1669 * Give the legacy X-POST_DATA_FORMAT header greater precedence during params parsing for backward compatibility. *Jeremy Kemper*
1670
1671 * Fixed that link_to with an href of # when using :method will not allow for click-through without JavaScript #7037 *Steven Bristol, Josh Peek*
1672
1673 * Fixed that radio_button_tag should generate unique ids #3353 *Bob Silva, Rebecca, Josh Peek*
1674
1675 * Fixed that HTTP authentication should work if the header is called REDIRECT_X_HTTP_AUTHORIZATION as well #6754 *Mislav Marohnić*
1676
1677 * Don't mistakenly interpret the request uri as the query string. #8731 *Pratik Naik, Jeremy Kemper*
1678
1679 * Make ActionView#view_paths an attr_accessor for real this time. Also, don't perform an unnecessary #compact on the @view_paths array in #initialize. Closes #8582 *dasil003, julik, Rick Olson*
1680
1681 * Tolerate missing content type on multipart file uploads. Fix for Safari 3. *Jeremy Kemper*
1682
1683 * Deprecation: remove pagination. Install the classic_pagination plugin for forward compatibility, or move to the superior will_paginate plugin. #8157 *Josh Peek*
1684
1685 * Action caching is limited to GET requests returning 200 OK status. #3335 *tom@craz8.com, halfbyte, Dan Kubb, Josh Peek*
1686
1687 * Improve Text Helper test coverage. #7274 *Rob Sanheim, Josh Peek*
1688
1689 * Improve helper test coverage. #7208, #7212, #7215, #7233, #7234, #7235, #7236, #7237, #7238, #7241, #7243, #7244 *Rich Collins, Josh Peek*
1690
1691 * Improve UrlRewriter tests. #7207 *Rich Collins*
1692
1693 * Resources: url_for([parent, child]) generates /parents/1/children/2 for the nested resource. Likewise with the other simply helpful methods like form_for and link_to. #6432 *mhw, Jonathan Vaught, lotswholetime*
1694
1695 * Assume html format when rendering partials in RJS. #8076 *Rick Olson*
1696
1697 * Don't double-escape url_for in views. #8144 *Rich Collins, Josh Peek*
1698
1699 * Allow JSON-style values for the :with option of observe_field. Closes #8557 *kommen*
1700
1701 * Remove RAILS_ROOT from backtrace paths. #8540 *Tim Pope*
1702
1703 * Routing: map.resource :logo routes to LogosController so the controller may be reused for multiple nestings or namespaces. *Jeremy Kemper*
1704
1705 * render :partial recognizes Active Record associations as Arrays. #8538 *Kamal Fariz Mahyuddin*
1706
1707 * Routing: drop semicolon and comma as route separators. *Jeremy Kemper*
1708
1709 * request.remote_ip understands X-Forwarded-For addresses with nonstandard whitespace. #7386 *moses*
1710
1711 * Don't prepare response when rendering a component. #8493 *jsierles*
1712
1713 * Reduce file stat calls when checking for template changes. #7736 *alex*
1714
1715 * Added custom path cache_page/expire_page parameters in addition to the options hashes [David Heinemeier Hansson]. Example:
1716
1717 def index
1718 caches_page(response.body, "/index.html")
1719 end
1720
1721 * Action Caching speedup. #8231 *Stefan Kaes*
1722
1723 * Wordsmith resources documentation. #8484 *marclove*
1724
1725 * Fix syntax error in code example for routing documentation. #8377. *Norbert Crombach*
1726
1727 * Routing: respond with 405 Method Not Allowed status when the route path matches but the HTTP method does not. #6953 *Josh Peek, defeated, Dan Kubb, Coda Hale*
1728
1729 * Add support for assert_select_rjs with :show and :hide. #7780 *dchelimsky*
1730
1731 * Make assert_select's failure messages clearer about what failed. #7779 *dchelimsky*
1732
1733 * Introduce a default respond_to block for custom types. #8174 *Josh Peek*
1734
1735 * auto_complete_field takes a :method option so you can GET or POST. #8120 *zapnap*
1736
1737 * Added option to suppress :size when using :maxlength for FormTagHelper#text_field #3112 *Tim Pope*
1738
1739 * catch possible WSOD when trying to render a missing partial. Closes #8454 *Jonathan del Strother*
1740
1741 * Rewind request body after reading it, if possible. #8438 *s450r1*
1742
1743 * Resource namespaces are inherited by their has_many subresources. #8280 *marclove, Geoff Garside*
1744
1745 * Fix filtered parameter logging with nil parameter values. #8422 *choonkeat*
1746
1747 * Integration tests: alias xhr to xml_http_request and add a request_method argument instead of always using POST. #7124 *Nik Wakelin, François Beausoleil, Wizard*
1748
1749 * Document caches_action. #5419 *Jarkko Laine*
1750
1751 * Update to Prototype 1.5.1. *Sam Stephenson*
1752
1753 * Allow routes to be decalred under namespaces [Tobias Lütke]:
1754
1755 map.namespace :admin do |admin|
1756 admin.root :controller => "products"
1757 admin.feed 'feed.xml', :controller => 'products', :action => 'feed', :format => 'xml'
1758 end
1759
1760 * Update to script.aculo.us 1.7.1_beta3. *Thomas Fuchs*
1761
1762 * observe_form always sends the serialized form. #5271 *Manfred Stienstra, normelton@gmail.com*
1763
1764 * Parse url-encoded and multipart requests ourselves instead of delegating to CGI. *Jeremy Kemper*
1765
1766 * select :include_blank option can be set to a string instead of true, which just uses an empty string. #7664 *Wizard*
1767
1768 * Added url_for usage on render :location, which allows for record identification [David Heinemeier Hansson]. Example:
1769
1770 render :xml => person, :status => :created, :location => person
1771
1772 ...expands the location to person_url(person).
1773
1774 * Introduce the request.body stream. Lazy-read to parse parameters rather than always setting RAW_POST_DATA. Reduces the memory footprint of large binary PUT requests. *Jeremy Kemper*
1775
1776 * Add some performance enhancements to ActionView.
1777
1778 * Cache base_paths in @@cached_base_paths
1779 * Cache template extensions in @@cached_template_extension
1780 * Remove unnecessary rescues
1781
1782 * Assume that rendered partials go by the HTML format by default
1783
1784 def my_partial
1785 render :update do |page|
1786 # in this order
1787 # _foo.html.erb
1788 # _foo.erb
1789 # _foo.rhtml
1790 page.replace :foo, :partial => 'foo'
1791 end
1792 end
1793
1794 * Added record identifications to FormHelper#form_for and PrototypeHelper#remote_form_for [David Heinemeier Hansson]. Examples:
1795
1796 <% form_for(@post) do |f| %>
1797 ...
1798 <% end %>
1799
1800 This will expand to be the same as:
1801
1802 <% form_for :post, @post, :url => post_path(@post), :html => { :method => :put, :class => "edit_post", :id => "edit_post_45" } do |f| %>
1803 ...
1804 <% end %>
1805
1806 And for new records:
1807
1808 <% form_for(Post.new) do |f| %>
1809 ...
1810 <% end %>
1811
1812 This will expand to be the same as:
1813
1814 <% form_for :post, @post, :url => posts_path, :html => { :class => "new_post", :id => "new_post" } do |f| %>
1815 ...
1816 <% end %>
1817
1818 * Rationalize route path escaping according to RFC 2396 section 3.3. #7544, #8307. *Jeremy Kemper, Chris Roos, begemot, jugend*
1819
1820 * Added record identification with polymorphic routes for ActionController::Base#url_for and ActionView::Base#url_for [David Heinemeier Hansson]. Examples:
1821
1822 redirect_to(post) # => redirect_to(posts_url(post)) => Location: http://example.com/posts/1
1823 link_to(post.title, post) # => link_to(post.title, posts_url(post)) => <a href="/posts/1">Hello world</a>
1824
1825 Any method that calls url_for on its parameters will automatically benefit from this.
1826
1827 * Removed deprecated parameters_for_method_reference concept (legacy from before named routes) *David Heinemeier Hansson*
1828
1829 * Add ActionController::Routing::Helpers, a module to contain common URL helpers such as polymorphic_url. *Nicholas Seckar*
1830
1831 * Included the HttpAuthentication plugin as part of core (ActionController::HttpAuthentication::Basic) *David Heinemeier Hansson*
1832
1833 * Modernize documentation for form helpers. *Jeremy McAnally*
1834
1835 * Add brief introduction to REST to the resources documentation. *fearoffish*
1836
1837 * Fix various documentation typos throughout ActionPack. *Henrik N*
1838
1839 * Enhance documentation and add examples for url_for. *Jeremy McAnally*
1840
1841 * Fix documentation typo in routes. *Norbert Crombach, pam*
1842
1843 * Sweep flash when filter chain is halted. *Caio Chassot <lists@v2studio.com>*
1844
1845 * Fixed that content_tag with a block will just return the result instead of concate it if not used in a ERb view #7857, #7432 *michael.niessner*
1846
1847 * Replace the current block/continuation filter chain handling by an implementation based on a simple loop. #8226 *Stefan Kaes*
1848
1849 * Update UrlWriter to accept :anchor parameter. Closes #6771. *Chris McGrath*
1850
1851 * Added RecordTagHelper for using RecordIdentifier conventions on divs and other container elements [David Heinemeier Hansson]. Example:
1852
1853 <% div_for(post) do %> <div id="post_45" class="post">
1854 <%= post.body %> What a wonderful world!
1855 <% end %> </div>
1856
1857 * Added page[record] accessor to JavaScriptGenerator that relies on RecordIdentifier to find the right dom id [David Heinemeier Hansson]. Example:
1858
1859 format.js do
1860 # Calls: new Effect.fade('post_45');
1861 render(:update) { |page| page[post].visual_effect(:fade) }
1862 end
1863
1864 * Added RecordIdentifier to enforce view conventions on records for dom ids, classes, and partial paths *David Heinemeier Hansson*
1865
1866 * Added map.namespace to deal with the common situation of admin sections and the like *David Heinemeier Hansson*
1867
1868 Before:
1869
1870 map.resources :products, :path_prefix => "admin", :controller => "admin/products", :collection => { :inventory => :get }, :member => { :duplicate => :post }
1871 map.resources :tags, :name_prefix => 'admin_product_', :path_prefix => "admin/products/:product_id", :controller => "admin/product_tags"
1872 map.resources :images, :name_prefix => 'admin_product_', :path_prefix => "admin/products/:product_id", :controller => "admin/product_images"
1873 map.resources :variants, :name_prefix => 'admin_product_', :path_prefix => "admin/products/:product_id", :controller => "admin/product_variants"
1874
1875 After:
1876
1877 map.namespace(:admin) do |admin|
1878 admin.resources :products,
1879 :collection => { :inventory => :get },
1880 :member => { :duplicate => :post },
1881 :has_many => [ :tags, :images, :variants ]
1882 end
1883
1884 * Added :name_prefix as standard for nested resources [David Heinemeier Hansson]. WARNING: May be backwards incompatible with your app
1885
1886 Before:
1887
1888 map.resources :emails do |emails|
1889 emails.resources :comments, :name_prefix => "email_"
1890 emails.resources :attachments, :name_prefix => "email_"
1891 end
1892
1893 After:
1894
1895 map.resources :emails do |emails|
1896 emails.resources :comments
1897 emails.resources :attachments
1898 end
1899
1900 This does mean that if you intended to have comments_url go to /emails/5/comments, then you'll have to set :name_prefix to nil explicitly.
1901
1902 * Added :has_many and :has_one for declaring plural and singular resources beneath the current *David Heinemeier Hansson*
1903
1904 Before:
1905
1906 map.resources :notes do |notes|
1907 notes.resources :comments
1908 notes.resources :attachments
1909 notes.resource :author
1910 end
1911
1912 After:
1913
1914 map.resources :notes, :has_many => [ :comments, :attachments ], :has_one => :author
1915
1916 * Added that render :xml will try to call to_xml if it can [David Heinemeier Hansson]. Makes these work:
1917
1918 render :xml => post
1919 render :xml => comments
1920
1921 * Added :location option to render so that the common pattern of rendering a response after creating a new resource is now a 1-liner *David Heinemeier Hansson*
1922
1923 render :xml => post.to_xml, :status => :created, :location => post_url(post)
1924
1925 * Ensure that render_text only adds string content to the body of the response *David Heinemeier Hansson*
1926
1927 * Return the string representation from an Xml Builder when rendering a partial. Closes #5044 *Tim Pope*
1928
1929 * Fixed that parameters from XML should also be presented in a hash with indifferent access *David Heinemeier Hansson*
1930
1931 * Tweak template format rules so that the ACCEPT header is only used if it's text/javascript. This is so ajax actions without a :format param get recognized as Mime::JS. *Rick Olson*
1932
1933 * The default respond_to blocks don't set a specific extension anymore, so that both 'show.rjs' and 'show.js.rjs' will work. *Rick Olson*
1934
1935 * Allow layouts with extension of .html.erb. Closes #8032 *Josh Knowles*
1936
1937 * Change default respond_to templates for xml and rjs formats. *Rick Olson*
1938
1939 * Default xml template goes from #{action_name}.rxml => #{action_name}.xml.builder.
1940 * Default rjs template goes from #{action_name}.rjs => #{action_name}.js.rjs.
1941
1942 You can still specify your old templates:
1943
1944 respond_to do |format|
1945 format.xml do
1946 render :action => "#{action_name}.rxml"
1947 end
1948 end
1949
1950 * Fix WSOD due to modification of a formatted template extension so that requests to templates like 'foo.html.erb' fail on the second hit. *Rick Olson*
1951
1952 * Fix WSOD when template compilation fails *Rick Olson*
1953
1954 * Change ActionView template defaults. Look for templates using the request format first, such as "show.html.erb" or "show.xml.builder", before looking for the old defaults like "show.erb" or "show.builder" *Rick Olson*
1955
1956 * Highlight helper highlights one or many terms in a single pass. *Jeremy Kemper*
1957
1958 * Dropped the use of ; as a separator of non-crud actions on resources and went back to the vanilla slash. It was a neat idea, but lots of the non-crud actions turned out not to be RPC (as the ; was primarily intended to discourage), but legitimate sub-resources, like /parties/recent, which didn't deserve the uglification of /parties;recent. Further more, the semicolon caused issues with caching and HTTP authentication in Safari. Just Not Worth It *David Heinemeier Hansson*
1959
1960 * Added that FormTagHelper#submit_tag will return to its original state if the submit fails and you're using :disable_with *David Heinemeier Hansson*
1961
1962 * Cleaned up, corrected, and mildly expanded ActionPack documentation. Closes #7190 *Jeremy McAnally*
1963
1964 * Small collection of ActionController documentation cleanups. Closes #7319 *Jeremy McAnally*
1965
1966 * Make sure the route expiry hash is constructed by comparing the to_param-ized values of each hash. *Jamis Buck*
1967
1968 * Allow configuration of the default action cache path for #caches_action calls. *Rick Olson*
1969
1970 class ListsController < ApplicationController
1971 caches_action :index, :cache_path => Proc.new { |controller|
1972 controller.params[:user_id] ?
1973 controller.send(:user_lists_url, c.params[:user_id]) :
1974 controller.send(:lists_url) }
1975 end
1976
1977 * Performance: patch cgi/session/pstore to require digest/md5 once rather than per #initialize. #7583 *Stefan Kaes*
1978
1979 * Cookie session store: ensure that new sessions doesn't reuse data from a deleted session in the same request. *Jeremy Kemper*
1980
1981 * Deprecation: verification with :redirect_to => :named_route shouldn't be deprecated. #7525 *Justin French*
1982
1983 * Cookie session store: raise ArgumentError when :session_key is blank. *Jeremy Kemper*
1984
1985 * Deprecation: remove deprecated request, redirect, and dependency methods. Remove deprecated instance variables. Remove deprecated url_for(:symbol, *args) and redirect_to(:symbol, *args) in favor of named routes. Remove uses_component_template_root for toplevel components directory. Privatize deprecated render_partial and render_partial_collection view methods. Remove deprecated link_to_image, link_image_to, update_element_function, start_form_tag, and end_form_tag helper methods. Remove deprecated human_size helper alias. *Jeremy Kemper*
1986
1987 * Consistent public/protected/private visibility for chained methods. #7813 *Dan Manges*
1988
1989 * Prefer MIME constants to strings. #7707 *Dan Kubb*
1990
1991 * Allow array and hash query parameters. Array route parameters are converted/to/a/path as before. #6765, #7047, #7462 *bgipsy, Jeremy McAnally, Dan Kubb, brendan*
1992
1993 \# Add a #dbman attr_reader for CGI::Session and make CGI::Session::CookieStore#generate_digest public so it's easy to generate digests using the cookie store's secret. [Rick Olson]
1994 * Added Request#url that returns the complete URL used for the request *David Heinemeier Hansson*
1995
1996 * Extract dynamic scaffolding into a plugin. #7700 *Josh Peek*
1997
1998 * Added user/password options for url_for to add http authentication in a URL *David Heinemeier Hansson*
1999
2000 * Fixed that FormTagHelper#text_area_tag should disregard :size option if it's not a string *Brendon Davidson*
2001
2002 * Set the original button value in an attribute of the button when using the :disable_with key with submit_tag, so that the original can be restored later. *Jamis Buck*
2003
2004 * session_enabled? works with session :off. #6680 *Jonathan del Strother*
2005
2006 * Added :port and :host handling to UrlRewriter (which unified url_for usage, regardless of whether it's called in view or controller) #7616 *alancfrancis*
2007
2008 * Allow send_file/send_data to use a registered mime type as the :type parameter #7620 *jonathan*
2009
2010 * Allow routing requirements on map.resource(s) #7633 [quixoten]. Example:
2011
2012 map.resources :network_interfaces, :requirements => { :id => /^\d+\.\d+\.\d+\.\d+$/ }
2013
2014 * Cookie session store: empty and unchanged sessions don't write a cookie. *Jeremy Kemper*
2015
2016 * Added helper(:all) as a way to include all helpers from app/helpers/**/*.rb in ApplicationController *David Heinemeier Hansson*
2017
2018 * Integration tests: introduce methods for other HTTP methods. #6353 *caboose*
2019
2020 * Routing: better support for escaped values in route segments. #7544 [Chris
2021 Roos]
2022 * Introduce a cookie-based session store as the Rails default. Sessions typically contain at most a user_id and flash message; both fit within the 4K cookie size limit. A secure message digest is included with the cookie to ensure data integrity (a user cannot alter his user_id without knowing the secret key included in the digest). If you have more than 4K of session data or don't want your data to be visible to the user, pick another session store. Cookie-based sessions are dramatically faster than the alternatives. *Jeremy Kemper*
2023
2024 Example config/environment.rb:
2025 # Use an application-wide secret key and the default SHA1 message digest.
2026 config.action_controller.session = { :secret => "can't touch this" }
2027
2028 # Store a secret key per user and employ a stronger message digest.
2029 config.action_controller.session = {
2030 :digest => 'SHA512',
2031 :secret => Proc.new { User.current.secret_key }
2032 }
2033
2034 * Added .erb and .builder as preferred aliases to the now deprecated .rhtml and .rxml extensions [Chad Fowler]. This is done to separate the renderer from the mime type. .erb templates are often used to render emails, atom, csv, whatever. So labeling them .rhtml doesn't make too much sense. The same goes for .rxml, which can be used to build everything from HTML to Atom to whatever. .rhtml and .rxml will continue to work until Rails 3.0, though. So this is a slow phasing out. All generators and examples will start using the new aliases, though.
2035
2036 * Added caching option to AssetTagHelper#stylesheet_link_tag and AssetTagHelper#javascript_include_tag [David Heinemeier Hansson]. Examples:
2037
2038 stylesheet_link_tag :all, :cache => true # when ActionController::Base.perform_caching is false =>
2039 <link href="/stylesheets/style1.css" media="screen" rel="Stylesheet" type="text/css" />
2040 <link href="/stylesheets/styleB.css" media="screen" rel="Stylesheet" type="text/css" />
2041 <link href="/stylesheets/styleX2.css" media="screen" rel="Stylesheet" type="text/css" />
2042
2043 stylesheet_link_tag :all, :cache => true # when ActionController::Base.perform_caching is true =>
2044 <link href="/stylesheets/all.css" media="screen" rel="Stylesheet" type="text/css" />
2045
2046 ...when caching is on, all.css is the concatenation of style1.css, styleB.css, and styleX2.css.
2047 Same deal for JavaScripts.
2048
2049 * Work around the two connection per host browser limit: use asset%d.myapp.com to distribute asset requests among asset[0123].myapp.com. Use a DNS wildcard or CNAMEs to map these hosts to your asset server. See http://www.die.net/musings/page_load_time/ for background. *Jeremy Kemper*
2050
2051 * Added default mime type for CSS (Mime::CSS) *David Heinemeier Hansson*
2052
2053 * Added that rendering will automatically insert the etag header on 200 OK responses. The etag is calculated using MD5 of the response body. If a request comes in that has a matching etag, the response will be changed to a 304 Not Modified and the response body will be set to an empty string. *David Heinemeier Hansson*
2054
2055 * Added X-Runtime to all responses with the request run time *David Heinemeier Hansson*
2056
2057 * Add Mime::Type convenience methods to check the current mime type. *Rick Olson*
2058
2059 request.format.html? # => true if Mime::HTML
2060 request.format.jpg? # => true if Mime::JPG
2061
2062 \# ActionController sample usage:
2063 \# the session will be disabled for non html/ajax requests
2064 session :off, :if => Proc.new { |req| !(req.format.html? || req.format.js?) }
2065
2066 * Performance: patch cgi/session to require digest/md5 once rather than per #create_new_id. *Stefan Kaes*
2067
2068 * Add a :url_based_filename => true option to ActionController::Streaming::send_file, which allows URL-based filenames. *Thomas Fuchs*
2069
2070 * Fix that FormTagHelper#submit_tag using :disable_with should trigger the onsubmit handler of its form if available *David Heinemeier Hansson*
2071
2072 * Fix #render_file so that TemplateError is called with the correct params and you don't get the WSOD. *Rick Olson*
2073
2074 * Fix issue with deprecation messing up #template_root= usage. Add #prepend_view_path and #append_view_path to allow modification of a copy of the
2075 superclass' view_paths. [Rick Olson]
2076 * Allow Controllers to have multiple view_paths instead of a single template_root. Closes #2754 *John Long*
2077
2078 * Add much-needed html-scanner tests. Fixed CDATA parsing bug. *Rick Olson*
2079
2080 * improve error message for Routing for named routes. Closes #7346 *Rob Sanheim*
2081
2082 * Added enhanced docs to routing assertions. Closes #7359 *Rob Sanheim*
2083
2084 * fix form_for example in ActionController::Resources documentation. Closes #7362 *gnarg*
2085
2086 * Make sure that the string returned by TextHelper#truncate is actually a string, not a char proxy -- that should only be used internally while working on a multibyte-safe way of truncating *David Heinemeier Hansson*
2087
2088 * Added FormBuilder#submit as a delegate for FormTagHelper#submit_tag *David Heinemeier Hansson*
2089
2090 * Allow Routes to generate all urls for a set of options by specifying :generate_all => true. Allows caching to properly set or expire all paths for a resource. References #1739. *Nicholas Seckar*
2091
2092 * Change the query parser to map empty GET params to "" rather than nil. Closes #5694. *Nicholas Seckar*
2093
2094 * date_select and datetime_select take a :default option. #7052 *Nik Wakelin*
2095 date_select "post", "written_on", :default => 3.days.from_now
2096 date_select "credit_card", "bill_due", :default => { :day => 20 }
2097
2098 * select :multiple => true suffixes the attribute name with [] unless already suffixed. #6977 *nik.kakelin, ben, julik*
2099
2100 * Improve routes documentation. #7095 *zackchandler*
2101
2102 * mail_to :encode => 'hex' also encodes the mailto: part of the href attribute as well as the linked email when no name is given. #2061 *Jarkko Laine, pfc.pille@gmx.net*
2103
2104 * Resource member routes require :id, eliminating the ambiguous overlap with collection routes. #7229 *dkubb*
2105
2106 * Remove deprecated assertions. *Jeremy Kemper*
2107
2108 * Change session restoration to allow namespaced models to be autoloaded. Closes #6348. *Nicholas Seckar*
2109
2110 * Fix doubly appearing parameters due to string and symbol mixups. Closes #2551. *Anthony Eden*
2111
2112 * Fix overly greedy rescues when loading helpers. Fixes #6268. *Nicholas Seckar*
2113
2114 * Fixed NumberHelper#number_with_delimiter to use "." always for splitting the original number, not the delimiter parameter #7389 *ceefour*
2115
2116 * Autolinking recognizes trailing and embedded . , : ; #7354 *Jarkko Laine*
2117
2118 * Make TextHelper::auto_link recognize URLs with colons in path correctly, fixes #7268. *imajes*
2119
2120 * Update to script.aculo.us 1.7.0. *Thomas Fuchs*
2121
2122 * Modernize cookie testing code, and increase coverage (Heckle++) #7101 *Kevin Clark*
2123
2124 * Improve Test Coverage for ActionController::Routing::Route#matches_controller_and_action? (Heckle++) #7115 *Kevin Clark*
2125
2126 * Heckling ActionController::Resources::Resource revealed that set_prefixes didn't break when :name_prefix was munged. #7081 *Kevin Clark*
2127
2128 * Fix #distance_of_time_in_words to report accurately against the Duration class. #7114 *eventualbuddha*
2129
2130 * Refactor #form_tag to allow easy extending. *Rick Olson*
2131
2132 * Update to Prototype 1.5.0. *Sam Stephenson*
2133
2134 * RecordInvalid, RecordNotSaved => 422 Unprocessable Entity, StaleObjectError => 409 Conflict. #7097 *dkubb*
2135
2136 * Allow fields_for to be nested inside form_for, so that the name and id get properly constructed *Jamis Buck*
2137
2138 * Allow inGroupsOf and eachSlice to be called through rjs. #7046 *Cody Fauser*
2139
2140 * Allow exempt_from_layout :rhtml. #6742, #7026 *Dan Manges, Squeegy*
2141
2142 * Recognize the .txt extension as Mime::TEXT *Rick Olson*
2143
2144 * Fix parsing of array[] CGI parameters so extra empty values aren't included. #6252 *Nicholas Seckar, aiwilliams, brentrowland*
2145
2146 * link_to_unless_current works with full URLs as well as paths. #6891 *Jarkko Laine, Manfred Stienstra, idrifter*
2147
2148 * Lookup the mime type for #auto_discovery_link_tag in the Mime::Type class. Closes #6941 *Josh Peek*
2149
2150 * Fix bug where nested resources ignore a parent singleton parent's path prefix. Closes #6940 *Dan Kubb*
2151
2152 * Fix no method error with error_messages_on. Closes #6935 *nik.wakelin Koz*
2153
2154 * Slight doc tweak to the ActionView::Helpers::PrototypeHelper#replace docs. Closes #6922 *Steven Bristol*
2155
2156 * Slight doc tweak to #prepend_filter. Closes #6493 *Jeremy Voorhis*
2157
2158 * Add more extensive documentation to the AssetTagHelper. Closes #6452 *Bob Silva*
2159
2160 * Clean up multiple calls to #stringify_keys in TagHelper, add better documentation and testing for TagHelper. Closes #6394 *Bob Silva*
2161
2162 * [DOCS] fix reference to ActionController::Macros::AutoComplete for #text_field_with_auto_complete. Closes #2578 *Jan Prill*
2163
2164 * Make sure html_document is reset between integration test requests. *ctm*
2165
2166 * Set session to an empty hash if :new_session => false and no session cookie or param is present. CGI::Session was raising an unrescued ArgumentError. *Josh Susser*
2167
2168 * Routing uses URI escaping for path components and CGI escaping for query parameters. *darix, Jeremy Kemper*
2169
2170 * Fix assert_redirected_to bug where redirecting from a nested to to a top-level controller incorrectly added the current controller's nesting. Closes #6128. *Rick Olson*
2171
2172 * Singleton resources: POST /singleton => create, GET /singleton/new => new. *Jeremy Kemper*
2173
2174 * Use 400 Bad Request status for unrescued ActiveRecord::RecordInvalid exceptions. *Jeremy Kemper*
2175
2176 * Silence log_error deprecation warnings from inspecting deprecated instance variables. *Nate Wiger*
2177
2178 * Only cache GET requests with a 200 OK response. #6514, #6743 *RSL, anamba*
2179
2180 * Add a 'referer' attribute to TestRequest. *Jamis Buck*
2181
2182 * Ensure render :json => ... skips the layout. Closes #6808 *Josh Peek*
2183
2184 * Fix HTML::Node to output double quotes instead of single quotes. Closes #6845 *mitreandy*
2185
2186 * Correctly report which filter halted the chain. #6699 *Martin Emde*
2187
2188 * Fix a bug in Routing where a parameter taken from the path of the current request could not be used as a query parameter for the next. Closes #6752. *Nicholas Seckar*
2189
2190 * Unrescued ActiveRecord::RecordNotFound responds with 404 instead of 500. *Jeremy Kemper*
2191
2192 * Improved auto_link to match more valid urls correctly *Tobias Lütke*
2193
2194 * Add singleton resources. *Rick Olson*
2195
2196 map.resource :account
2197
2198 GET /account
2199 GET /account;edit
2200 UPDATE /account
2201 DELETE /account
2202
2203 * respond_to recognizes JSON. render :json => @person.to_json automatically sets the content type and takes a :callback option to specify a client-side function to call using the rendered JSON as an argument. #4185 *Scott Raymond, eventualbuddha*
2204 # application/json response with body 'Element.show({:name: "David"})'
2205 respond_to do |format|
2206 format.json { render :json => { :name => "David" }.to_json, :callback => 'Element.show' }
2207 end
2208
2209 * Makes :discard_year work without breaking multi-attribute parsing in AR. #1260, #3800 *sean@ardismg.com, jmartin@desertflood.com, stephen@touset.org, Bob Silva*
2210
2211 * Adds html id attribute to date helper elements. #1050, #1382 *mortonda@dgrmm.net, David North, Bob Silva*
2212
2213 * Add :index and @auto_index capability to model driven date/time selects. #847, #2655 *moriq, Doug Fales, Bob Silva*
2214
2215 * Add :order to datetime_select, select_datetime, and select_date. #1427 *Timothee Peignier, Patrick Lenz, Bob Silva*
2216
2217 * Added time_select to work with time values in models. Update scaffolding. #2489, #2833 *Justin Palmer, Andre Caum, Bob Silva*
2218
2219 * Added :include_seconds to select_datetime, datetime_select and time_select. #2998 *csn, Bob Silva*
2220
2221 * All date/datetime selects can now accept an array of month names with :use_month_names. Allows for localization. #363 *tomasj, Bob Silva*
2222
2223 * Adds :time_separator to select_time and :date_separator to select_datetime. Preserves BC. #3811 *Bob Silva*
2224
2225 * Added map.root as an alias for map.connect '' *David Heinemeier Hansson*
2226
2227 * Added Request#format to return the format used for the request as a mime type. If no format is specified, the first Request#accepts type is used. This means you can stop using respond_to for anything else than responses [David Heinemeier Hansson]. Examples:
2228
2229 GET /posts/5.xml | request.format => Mime::XML
2230 GET /posts/5.xhtml | request.format => Mime::HTML
2231 GET /posts/5 | request.format => request.accepts.first (usually Mime::HTML for browsers)
2232
2233 * Added the option for extension aliases to mime type registration [David Heinemeier Hansson]. Example (already in the default routes):
2234
2235 Mime::Type.register "text/html", :html, %w( application/xhtml+xml ), %w( xhtml )
2236
2237 ...will respond on both .html and .xhtml.
2238
2239 * @response.redirect_url works with 201 Created responses: just return headers['Location'] rather than checking the response status. *Jeremy Kemper*
2240
2241 * Added CSV to Mime::SET so that respond_to csv will work *Cody Fauser*
2242
2243 * Fixed that HEAD should return the proper Content-Length header (that is, actually use @body.size, not just 0) *David Heinemeier Hansson*
2244
2245 * Added GET-masquarading for HEAD, so request.method will return :get even for HEADs. This will help anyone relying on case request.method to automatically work with HEAD and map.resources will also allow HEADs to all GET actions. Rails automatically throws away the response content in a reply to HEAD, so you don't even need to worry about that. If you, for whatever reason, still need to distinguish between GET and HEAD in some edge case, you can use Request#head? and even Request.headers["REQUEST_METHOD"] for get the "real" answer. Closes #6694 *David Heinemeier Hansson*
2246
2247 * Update Routing to complain when :controller is not specified by a route. Closes #6669. *Nicholas Seckar*
2248
2249 * Ensure render_to_string cleans up after itself when an exception is raised. #6658 *Rob Sanheim*
2250
2251 * Extract template_changed_since? from compile_template? so plugins may override its behavior for non-file-based templates. #6651 *Jeff Barczewski*
2252
2253 * Update to Prototype and script.aculo.us [5579]. *Thomas Fuchs*
2254
2255 * simple_format helper doesn't choke on nil. #6644 *jerry426*
2256
2257 * Update to Prototype 1.5.0_rc2 [5550] which makes it work in Opera again *Thomas Fuchs*
2258
2259 * Reuse named route helper module between Routing reloads. Use remove_method to delete named route methods after each load. Since the module is never collected, this fixes a significant memory leak. *Nicholas Seckar*
2260
2261 * ActionView::Base.erb_variable accessor names the buffer variable used to render templates. Defaults to _erbout; use _buf for erubis. *Rick Olson*
2262
2263 * assert_select_rjs :remove. *Dylan Egan*
2264
2265 * Always clear model associations from session. #4795 *sd@notso.net, andylien@gmail.com*
2266
2267 * Update to Prototype 1.5.0_rc2. *Sam Stephenson*
2268
2269 * Remove JavaScriptLiteral in favor of ActiveSupport::JSON::Variable. *Sam Stephenson*
2270
2271 * Sync ActionController::StatusCodes::STATUS_CODES with http://www.iana.org/assignments/http-status-codes. #6586 *dkubb*
2272
2273 * Multipart form values may have a content type without being treated as uploaded files if they do not provide a filename. #6401 *Andreas Schwarz, Jeremy Kemper*
2274
2275 * assert_response supports symbolic status codes. #6569 *Kevin Clark*
2276 assert_response :ok
2277 assert_response :not_found
2278 assert_response :forbidden
2279
2280 * Cache parsed query parameters. #6559 *Stefan Kaes*
2281
2282 * Deprecate JavaScriptHelper#update_element_function, which is superseeded by RJS *Thomas Fuchs*
2283
2284 * pluralize helper interprets nil as zero. #6474 *Tim Pope*
2285
2286 * Fix invalid test fixture exposed by stricter Ruby 1.8.5 multipart parsing. #6524 *Bob Silva*
2287
2288 * Set ActionView::Base.default_form_builder once rather than passing the :builder option to every form or overriding the form helper methods. *Jeremy Kemper*
2289
2290 * Deprecate expire_matched_fragments. Use expire_fragment instead. #6535 *Bob Silva*
2291
2292 * Update to latest Prototype, which doesn't serialize disabled form elements, adds clone() to arrays, empty/non-string Element.update() and adds a fixes excessive error reporting in WebKit beta versions *Thomas Fuchs*
2293
2294 * Deprecate start_form_tag and end_form_tag. Use form_tag / '</form>' from now on. *Rick Olson*
2295
2296 * Added block-usage to PrototypeHelper#form_remote_tag, document block-usage of FormTagHelper#form_tag *Rick Olson*
2297
2298 * Add a 0 margin/padding div around the hidden _method input tag that form_tag outputs. *Rick Olson*
2299
2300 * Added block-usage to TagHelper#content_tag [David Heinemeier Hansson]. Example:
2301
2302 <% content_tag :div, :class => "strong" %>
2303 Hello world!
2304 <% end %>
2305
2306 Will output:
2307 <div class="strong">Hello world!</div>
2308
2309 * Deprecated UrlHelper#link_to_image and UrlHelper#link_to :post => true #6409 *Bob Silva*
2310
2311 * Upgraded NumberHelper with number_to_phone support international formats to comply with ITU E.123 by supporting area codes with less than 3 digits, added precision argument to number_to_human_size (defaults to 1) #6421 *Bob Silva*
2312
2313 * Fixed that setting RAILS_ASSET_ID to "" should not add a trailing slash after assets #6454 *Bob Silva/chrismear*
2314
2315 * Force *_url named routes to show the host in ActionView *Rick Olson*
2316
2317 <%= url_for ... %> # no host
2318 <%= foo_path %> # no host
2319 <%= foo_url %> # host!
2320
2321 * Add support for converting blocks into function arguments to JavaScriptGenerator#call and JavaScriptProxy#call. *Sam Stephenson*
2322
2323 * Add JavaScriptGenerator#literal for wrapping a string in an object whose #to_json is the string itself. *Sam Stephenson*
2324
2325 * Add <%= escape_once html %> to escape html while leaving any currently escaped entities alone. Fix button_to double-escaping issue. *Rick Olson*
2326
2327 * Fix double-escaped entities, such as &amp;amp;, &amp;#123;, etc. *Rick Olson*
2328
2329 * Fix deprecation warnings when rendering the template error template. *Nicholas Seckar*
2330
2331 * Fix routing to correctly determine when generation fails. Closes #6300. [psross].
2332
2333 * Fix broken assert_generates when extra keys are being checked. *Jamis Buck*
2334
2335 * Replace KCODE checks with String#chars for truncate. Closes #6385 *Manfred Stienstra*
2336
2337 * Make page caching respect the format of the resource that is being requested even if the current route is the default route so that, e.g. posts.rss is not transformed by url_for to '/' and subsequently cached as '/index.html' when it should be cached as '/posts.rss'. *Marcel Molina Jr.*
2338
2339 * Use String#chars in TextHelper::excerpt. Closes #6386 *Manfred Stienstra*
2340
2341 * Install named routes into ActionView::Base instead of proxying them to the view via helper_method. Closes #5932. *Nicholas Seckar*
2342
2343 * Update to latest Prototype and script.aculo.us trunk versions *Thomas Fuchs*
2344
2345 * Fix relative URL root matching problems. *Mark Imbriaco*
2346
2347 * Fix filter skipping in controller subclasses. #5949, #6297, #6299 *Martin Emde*
2348
2349 * render_text may optionally append to the response body. render_javascript appends by default. This allows you to chain multiple render :update calls by setting @performed_render = false between them (awaiting a better public API). *Jeremy Kemper*
2350
2351 * Rename test assertion to prevent shadowing. Closes #6306. *psross*
2352
2353 * Fixed that NumberHelper#number_to_delimiter should respect precision of higher than two digits #6231 *Philip Hallstrom*
2354
2355 * Fixed that FormHelper#radio_button didn't respect an :id being passed in #6266 *evansj*
2356
2357 * Added an html_options hash parameter to javascript_tag() and update_page_tag() helpers #6311 [tzaharia]. Example:
2358
2359 update_page_tag :defer => 'true' { |page| ... }
2360
2361 Gives:
2362
2363 <script defer="true" type="text/javascript">...</script>
2364
2365 Which is needed for dealing with the IE6 DOM when it's not yet fully loaded.
2366
2367 * Fixed that rescue template path shouldn't be hardcoded, then it's easier to hook in your own #6295 *Mike Naberezny*
2368
2369 * Fixed escaping of backslashes in JavaScriptHelper#escape_javascript #6302 *sven@c3d2.de*
2370
2371 * Fixed that some 500 rescues would cause 500's themselves because the response had not yet been generated #6329 *cmselmer*
2372
2373 * respond_to :html doesn't assume .rhtml. #6281 *Hampton Catlin*
2374
2375 * Fixed some deprecation warnings in ActionPack *Rick Olson*
2376
2377 * assert_select_rjs decodes escaped unicode chars since the Javascript generators encode them. #6240 *japgolly*
2378
2379 * Deprecation: @cookies, @headers, @request, @response will be removed after 1.2. Use the corresponding method instead. *Jeremy Kemper*
2380
2381 * Make the :status parameter expand to the default message for that status code if it is an integer. Also support symbol statuses. [Jamis Buck]. Examples:
2382
2383 head :status => 404 # expands to "404 Not Found"
2384 head :status => :not_found # expands to "404 Not Found"
2385 head :status => :created # expands to "201 Created"
2386
2387 * Add head(options = {}) for responses that have no body. [Jamis Buck]. Examples:
2388
2389 head :status => 404 # return an empty response with a 404 status
2390 head :location => person_path(@person), :status => 201
2391
2392 * Fix bug that kept any before_filter except the first one from being able to halt the before_filter chain. *Rick Olson*
2393
2394 * strip_links is case-insensitive. #6285 *tagoh, Bob Silva*
2395
2396 * Clear the cache of possible controllers whenever Routes are reloaded. *Nicholas Seckar*
2397
2398 * Filters overhaul including meantime filter support using around filters + blocks. #5949 *Martin Emde, Roman Le Negrate, Stefan Kaes, Jeremy Kemper*
2399
2400 * Update RJS render tests. *sam*
2401
2402 * Update CGI process to allow sessions to contain namespaced models. Closes #4638. *dfelstead@site5.com*
2403
2404 * Fix routing to respect user provided requirements and defaults when assigning default routing options (such as :action => 'index'). Closes #5950. *Nicholas Seckar*
2405
2406 * Rescue Errno::ECONNRESET to handle an unexpectedly closed socket connection. Improves SCGI reliability. #3368, #6226 *sdsykes, fhanshaw@vesaria.com*
2407
2408 * Added that respond_to blocks will automatically set the content type to be the same as is requested [David Heinemeier Hansson]. Examples:
2409
2410 respond_to do |format|
2411 format.html { render :text => "I'm being sent as text/html" }
2412 format.rss { render :text => "I'm being sent as application/rss+xml" }
2413 format.atom { render :text => "I'm being sent as application/xml", :content_type => Mime::XML }
2414 end
2415
2416 * Added utf-8 as the default charset for all renders. You can change this default using ActionController::Base.default_charset=(encoding) *David Heinemeier Hansson*
2417
2418 * Added proper getters and setters for content type and charset [David Heinemeier Hansson]. Example of what we used to do:
2419
2420 response.headers["Content-Type"] = "application/atom+xml; charset=utf-8"
2421
2422 ...now:
2423
2424 response.content_type = Mime::ATOM
2425 response.charset = "utf-8"
2426
2427 * Updated prototype.js to 1.5.0_rc1 with latest fixes. *Rick Olson*
2428
2429 - XPATH support
2430 - Make Form.getElements() return elements in the correct order
2431 - fix broken Form.serialize return
2432
2433 * Declare file extensions exempt from layouts. #6219 *brandon*
2434 Example: ActionController::Base.exempt_from_layout 'rpdf'
2435
2436 * Add chained replace/update support for assert_select_rjs *Rick Olson*
2437
2438 Given RJS like...
2439
2440 page['test1'].replace "<div id=\"1\">foo</div>"
2441 page['test2'].replace_html "<div id=\"2\">foo</div>"
2442
2443 Test it with...
2444
2445 assert_select_rjs :chained_replace
2446 assert_select_rjs :chained_replace, "test1"
2447
2448 assert_select_rjs :chained_replace_html
2449 assert_select_rjs :chained_replace_html, "test2"
2450
2451 * Load helpers in alphabetical order for consistency. Resolve cyclic javascript_helper dependency. #6132, #6178 *choonkeat@gmail.com*
2452
2453 * Skip params with empty names, such as the &=Save query string from <input type="submit"/>. #2569 *Manfred Stienstra, raphinou@yahoo.com*
2454
2455 * Fix assert_tag so that :content => "foo" does not match substrings, but only exact strings. Use :content => /foo/ to match substrings. #2799 *Eric Hodel*
2456
2457 * Add descriptive messages to the exceptions thrown by cgi_methods. #6091, #6103 *Nicholas Seckar, Bob Silva*
2458
2459 * Update JavaScriptGenerator#show/hide/toggle/remove to new Prototype syntax for multiple ids, #6068 *petermichaux@gmail.com*
2460
2461 * Update UrlWriter to support :only_path. *Nicholas Seckar, Dave Thomas*
2462
2463 * Fixed JavaScriptHelper#link_to_function and JavaScriptHelper#button_to_function to have the script argument be optional [David Heinemeier Hansson]. So what used to require a nil, like this:
2464
2465 link_to("Hider", nil, :class => "hider_link") { |p| p[:something].hide }
2466
2467 ...can be written like this:
2468
2469 link_to("Hider", :class => "hider_link") { |p| p[:something].hide }
2470
2471 * Update to script.aculo.us 1.6.3 *Thomas Fuchs*
2472
2473 * Update to Prototype 1.5.0_rc1 *sam*
2474
2475 * Added access to nested attributes in RJS #4548 [richcollins@gmail.com]. Examples:
2476
2477 page['foo']['style'] # => $('foo').style;
2478 page['foo']['style']['color'] # => $('blank_slate').style.color;
2479 page['foo']['style']['color'] = 'red' # => $('blank_slate').style.color = 'red';
2480 page['foo']['style'].color = 'red' # => $('blank_slate').style.color = 'red';
2481
2482 * Fixed that AssetTagHelper#image_tag and others using compute_public_path should not modify the incoming source argument (closes #5102) *eule@space.ch*
2483
2484 * Deprecated the auto-appending of .png to AssetTagHelper#image_tag calls that doesn't have an extension *David Heinemeier Hansson*
2485
2486 * Fixed FormOptionsHelper#select to respect :selected value #5813
2487
2488 * Fixed TextHelper#simple_format to deal with multiple single returns within a single paragraph #5835 *moriq@moriq.com*
2489
2490 * Fixed TextHelper#pluralize to handle 1 as a string #5909 *rails@bencurtis.com*
2491
2492 * Improved resolution of DateHelper#distance_of_time_in_words for better precision #5994 *Bob Silva*
2493
2494 * Changed that uncaught exceptions raised any where in the application will cause RAILS_ROOT/public/500.html to be read and shown instead of just the static "Application error (Rails)" *David Heinemeier Hansson*
2495
2496 * Integration tests: thoroughly test ActionController::Integration::Session. #6022 *Kevin Clark*
2497 (tests skipped unless you `gem install mocha`)
2498
2499 * Added deprecation language for pagination which will become a plugin by Rails 2.0 *David Heinemeier Hansson*
2500
2501 * Added deprecation language for in_place_editor and auto_complete_field that both pieces will become plugins by Rails 2.0 *David Heinemeier Hansson*
2502
2503 * Deprecated all of ActionController::Dependencies. All dependency loading is now handled from Active Support *David Heinemeier Hansson*
2504
2505 * Added assert_select* for CSS selector-based testing (deprecates assert_tag) #5936 *assaf.arkin@gmail.com*
2506
2507 * radio_button_tag generates unique id attributes. #3353 *Bob Silva, somekool@gmail.com*
2508
2509 * strip_tags passes through blank args such as nil or "". #2229, #6702 *duncan@whomwah.com, dharana*
2510
2511 * Cleanup assert_tag :children counting. #2181 *jamie@bravenet.com*
2512
2513 * button_to accepts :method so you can PUT and DELETE with it. #6005 *Dan Webb*
2514
2515 * Update sanitize text helper to strip plaintext tags, and <img src="javascript:bang">. *Rick Olson*
2516
2517 * Update routing documentation. Closes #6017 *Nathan Witmer*
2518
2519 * Add routing tests to assert that RoutingError is raised when conditions aren't met. Closes #6016 *Nathan Witmer*
2520
2521 * Deprecation: update docs. #5998 *Jakob Skjerning, Kevin Clark*
2522
2523 * Make auto_link parse a greater subset of valid url formats. *Jamis Buck*
2524
2525 * Integration tests: headers beginning with X aren't excluded from the HTTP_ prefix, so X-Requested-With becomes HTTP_X_REQUESTED_WITH as expected. *Mike Clark*
2526
2527 * Tighten rescue clauses. #5985 *james@grayproductions.net*
2528
2529 * Fix send_data documentation typo. #5982 *brad@madriska.com*
2530
2531 * Switch to using FormEncodedPairParser for parsing request parameters. *Nicholas Seckar, David Heinemeier Hansson*
2532
2533 * respond_to .html now always renders #{action_name}.rhtml so that registered custom template handlers do not override it in priority. Custom mime types require a block and throw proper error now. *Tobias Lütke*
2534
2535 * Deprecation: test deprecated instance vars in partials. *Jeremy Kemper*
2536
2537 * Add UrlWriter to allow writing urls from Mailers and scripts. *Nicholas Seckar*
2538
2539 * Clean up and run the Active Record integration tests by default. #5854 *Kevin Clark, Jeremy Kemper*
2540
2541 * Correct example in cookies docs. #5832 *jessemerriman@warpmail.net*
2542
2543 * Updated to script.aculo.us 1.6.2 *Thomas Fuchs*
2544
2545 * Relax Routing's anchor pattern warning; it was preventing use of [^/] inside restrictions. *Nicholas Seckar*
2546
2547 * Add controller_paths variable to Routing. *Nicholas Seckar*
2548
2549 * Fix assert_redirected_to issue with named routes for module controllers. *Rick Olson*
2550
2551 * Tweak RoutingError message to show option diffs, not just missing named route significant keys. *Rick Olson*
2552
2553 * Invoke method_missing directly on hidden actions. Closes #3030. *Nicholas Seckar*
2554
2555 * Require Tempfile explicitly for TestUploadedFile due to changes in class auto loading. *Rick Olson*
2556
2557 * Add RoutingError exception when RouteSet fails to generate a path from a Named Route. *Rick Olson*
2558
2559 * Replace Reloadable with Reloadable::Deprecated. *Nicholas Seckar*
2560
2561 * Deprecation: check whether instance variables have been monkeyed with before assigning them to deprecation proxies. Raises a RuntimeError if so. *Jeremy Kemper*
2562
2563 * Add support for the param_name parameter to the auto_complete_field helper. #5026 *david.a.williams@gmail.com*
2564
2565 * Deprecation! @params, @session, @flash will be removed after 1.2. Use the corresponding instance methods instead. You'll get printed warnings during tests and logged warnings in dev mode when you access either instance variable directly. *Jeremy Kemper*
2566
2567 * Make Routing noisy when an anchor regexp is assigned to a segment. #5674 *François Beausoleil*
2568
2569 * Added months and years to the resolution of DateHelper#distance_of_time_in_words, such that "60 days ago" becomes "2 months ago" #5611 *pjhyett@gmail.com*
2570
2571 * Short documentation to mention use of Mime::Type.register. #5710 *choonkeat@gmail.com*
2572
2573 * Make controller_path available as an instance method. #5724 *jmckible@gmail.com*
2574
2575 * Update query parser to support adjacent hashes. *Nicholas Seckar*
2576
2577 * Make action caching aware of different formats for the same action so that, e.g. foo.xml is cached separately from foo.html. Implicitly set content type when reading in cached content with mime revealing extensions so the entire onous isn't on the webserver. *Marcel Molina Jr.*
2578
2579 * Restrict Request Method hacking with ?_method to POST requests. *Rick Olson*
2580
2581 * Fix bug when passing multiple options to SimplyRestful, like :new => { :preview => :get, :draft => :get }. *Rick Olson, Josh Susser, Lars Pind*
2582
2583 * Dup the options passed to map.resources so that multiple resources get the same options. *Rick Olson*
2584
2585 * Fixed the new_#{resource}_url route and added named route tests for Simply Restful. *Rick Olson*
2586
2587 * Added map.resources from the Simply Restful plugin [David Heinemeier Hansson]. Examples (the API has changed to use plurals!):
2588
2589 map.resources :messages
2590 map.resources :messages, :comments
2591 map.resources :messages, :new => { :preview => :post }
2592
2593 * Fixed that integration simulation of XHRs should set Accept header as well *Edward Frederick*
2594
2595 * TestRequest#reset_session should restore a TestSession, not a hash *Michael Koziarski*
2596
2597 * Don't search a load-path of '.' for controller files *Jamis Buck*
2598
2599 * Update integration.rb to require test_process explicitly instead of via Dependencies. *Nicholas Seckar*
2600
2601 * Fixed that you can still access the flash after the flash has been reset in reset_session. Closes #5584 *lmarlow*
2602
2603 * Allow form_for and fields_for to work with indexed form inputs. *Jeremy Kemper, Matt Lyon*
2604
2605 <% form_for 'post[]', @post do |f| -%>
2606 <% end -%>
2607
2608 * Remove leak in development mode by replacing define_method with module_eval. *Nicholas Seckar*
2609
2610 * Provide support for decimal columns to form helpers. Closes #5672. *Dave Thomas*
2611
2612 * Update documentation for erb trim syntax. #5651 *matt@mattmargolis.net*
2613
2614 * Pass :id => nil or :class => nil to error_messages_for to supress that html attribute. #3586 *olivier_ansaldi@yahoo.com*
2615
2616 * Reset @html_document between requests so assert_tag works. #4810 *Jarkko Laine, easleydp@gmail.com*
2617
2618 * Update render :partial documentation. #5646 *matt@mattmargolis.net*
2619
2620 * Integration tests behave well with render_component. #4632 *edward.frederick@revolution.com, dev.rubyonrails@maxdunn.com*
2621
2622 * Added exception handling of missing layouts #5373 *chris@ozmm.org*
2623
2624 * Fixed that real files and symlinks should be treated the same when compiling templates #5438 *zachary@panandscan.com*
2625
2626 * Fixed that the flash should be reset when reset_session is called #5584 *Shugo Maeda*
2627
2628 * Added special case for "1 Byte" in NumberHelper#number_to_human_size #5593 *murpyh@rubychan.de*
2629
2630 * Fixed proper form-encoded parameter parsing for requests with "Content-Type: application/x-www-form-urlencoded; charset=utf-8" (note the presence of a charset directive) *David Heinemeier Hansson*
2631
2632 * Add route_name_path method to generate only the path for a named routes. For example, map.person will add person_path. *Nicholas Seckar*
2633
2634 * Avoid naming collision among compiled view methods. *Jeremy Kemper*
2635
2636 * Fix CGI extensions when they expect string but get nil in Windows. Closes #5276 *Mislav Marohnić*
2637
2638 * Determine the correct template_root for deeply nested components. #2841 *s.brink@web.de*
2639
2640 * Fix that routes with *path segments in the recall can generate URLs. *Rick Olson*
2641
2642 * Fix strip_links so that it doesn't hang on multiline <acronym> tags *Jamis Buck*
2643
2644 * Remove problematic control chars in rescue template. #5316 *Stefan Kaes*
2645
2646 * Make sure passed routing options are not mutated by routing code. #5314 *Blair Zajac*
2647
2648 * Make sure changing the controller from foo/bar to bing/bang does not change relative to foo. *Jamis Buck*
2649
2650 * Escape the path before routing recognition. #3671
2651
2652 * Make sure :id and friends are unescaped properly. #5275 *me@julik.nl*
2653
2654 * Fix documentation for with_routing to reflect new reality. #5281 *rramdas@gmail.com*
2655
2656 * Rewind readable CGI params so others may reread them (such as CGI::Session when passing the session id in a multipart form). #210 *mklame@atxeu.com, matthew@walker.wattle.id.au*
2657
2658 * Added Mime::TEXT (text/plain) and Mime::ICS (text/calendar) as new default types *David Heinemeier Hansson*
2659
2660 * Added Mime::Type.register(string, symbol, synonyms = []) for adding new custom mime types [David Heinemeier Hansson]. Example: Mime::Type.register("image/gif", :gif)
2661
2662 * Added support for Mime objects in render :content_type option [David Heinemeier Hansson]. Example: render :text => some_atom, :content_type => Mime::ATOM
2663
2664 * Add :status option to send_data and send_file. Defaults to '200 OK'. #5243 *Manfred Stienstra <m.stienstra@fngtps.com>*
2665
2666 * Routing rewrite. Simpler, faster, easier to understand. The published API for config/routes.rb is unchanged, but nearly everything else is different, so expect breakage in plugins and libs that try to fiddle with routes. *Nicholas Seckar, Jamis Buck*
2667
2668 map.connect '/foo/:id', :controller => '...', :action => '...'
2669 map.connect '/foo/:id.:format', :controller => '...', :action => '...'
2670 map.connect '/foo/:id', ..., :conditions => { :method => :get }
2671
2672 * Cope with missing content type and length headers. Parse parameters from multipart and urlencoded request bodies only. *Jeremy Kemper*
2673
2674 * Accept multipart PUT parameters. #5235 *guy.naor@famundo.com*
2675
2676 * Added interrogation of params[:format] to determine Accept type. If :format is specified and matches a declared extension, like "rss" or "xml", that mime type will be put in front of the accept handler. This means you can link to the same action from different extensions and use that fact to determine output [David Heinemeier Hansson]. Example:
2677
2678 class WeblogController < ActionController::Base
2679 def index
2680 @posts = Post.find :all
2681
2682 respond_to do |format|
2683 format.html
2684 format.xml { render :xml => @posts.to_xml }
2685 format.rss { render :action => "feed.rxml" }
2686 end
2687 end
2688 end
2689
2690 \# returns HTML when requested by a browser, since the browser
2691 \# has the HTML mimetype at the top of its priority list
2692 Accept: text/html
2693 GET /weblog
2694
2695 \# returns the XML
2696 Accept: application/xml
2697 GET /weblog
2698
2699 \# returns the HTML
2700 Accept: application/xml
2701 GET /weblog.html
2702
2703 \# returns the XML
2704 Accept: text/html
2705 GET /weblog.xml
2706
2707 All this relies on the fact that you have a route that includes .:format.
2708
2709 * Expanded :method option in FormTagHelper#form_tag, FormHelper#form_for, PrototypeHelper#remote_form_for, PrototypeHelper#remote_form_tag, and PrototypeHelper#link_to_remote to allow for verbs other than GET and POST by automatically creating a hidden form field named _method, which will simulate the other verbs over post *David Heinemeier Hansson*
2710
2711 * Added :method option to UrlHelper#link_to, which allows for using other verbs than GET for the link. This replaces the :post option, which is now deprecated. Example: link_to "Destroy", person_url(:id => person), :method => :delete *David Heinemeier Hansson*
2712
2713 * follow_redirect doesn't complain about being redirected to the same controller. #5153 *dymo@mk.ukrtelecom.ua*
2714
2715 * Add layout attribute to response object with the name of the layout that was rendered, or nil if none rendered. *Kevin Clark*
2716
2717 * Fix NoMethodError when parsing params like &&. *Adam Greenfield*
2718
2719 * Fix flip flopped logic in docs for url_for's :only_path option. Closes #4998. *esad@esse.at*
2720
2721 * form.text_area handles the :size option just like the original text_area (:size => '60x10' becomes cols="