-
Notifications
You must be signed in to change notification settings - Fork 21.6k
/
CHANGELOG
5363 lines (3071 loc) · 261 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
*Rails 3.0.6 (unreleased)*
* Sensitive query string parameters (specified in config.filter_parameters) will now be filtered out from the request paths in the log file. [Prem Sichanugrist, fxn]
* URL parameters which return false for to_param now appear in the query string (previously they were removed) [Andrew White]
* URL parameters which return nil for to_param are now removed from the query string [Andrew White]
* Don't allow i18n to change the minor version, version now set to ~> 0.5.0 [Santiago Pastorino]
* Make TranslationHelper#translate use the :rescue_format option in I18n 0.5.0 [Sven Fuchs]
* Fix regression: javascript_include_tag shouldn't raise if you register an expansion key with nil or [] value [Santiago Pastorino]
* Fix Action caching bug where an action that has a non-cacheable response always renders a nil response body. It now correctly renders the response body. [Cheah Chu Yeow]
*Rails 3.0.5 (February 26, 2011)*
* No changes.
*Rails 3.0.4 (February 8, 2011)*
* No changes.
*Rails 3.0.3 (November 16, 2010)*
* When ActiveRecord::Base objects are sent to predicate methods, the id of the object should be sent to ARel, not the ActiveRecord::Base object.
* :constraints routing should only do sanity checks against regular expressions. String arguments are OK.
*Rails 3.0.2 (November 15, 2010)*
* The helper number_to_currency accepts a new :negative_format option to be able to configure how to render negative amounts. [Don Wilson]
*Rails 3.0.1 (October 15, 2010)*
* No changes.
*Rails 3.0.0 (August 29, 2010)*
* Symbols and strings in routes should yield the same behavior. Note this may break existing apps that were using symbols with the new routes API [José Valim]
* Add clear_helpers as a way to clean up all helpers added to this controller, maintaing just the helper with the same name as the controller. [José Valim]
* Support routing constraints in functional tests. [Andrew White]
* Add a header that tells Internet Explorer (all versions) to use the best available standards support. [Yehuda Katz]
* Allow stylesheet/javascript extensions to be changed through railties. [Josh Kalderimis]
* link_to, button_to, and tag/tag_options now rely on html_escape instead of escape_once. [fxn]
* url_for returns always unescaped strings, and the :escape option is gone. [fxn]
* Added accept-charset parameter and _snowman hidden field to force the contents
of Rails POSTed forms to be in UTF-8 [Yehuda Katz]
* Upgrade to Rack 1.2.1 [Jeremy Kemper]
* Allow :path to be given to match/get/post/put/delete instead of :path_names in the new router [Carlos Antônio da Silva]
* Added resources_path_names to the new router DSL [José Valim]
* Allow options to be given to the namespace method in the new router [Carlos Antônio da Silva]
* Deprecate :name_prefix in the new router DSL [José Valim]
* Add shallow routes back to the new router [Diego Carrion, Andrew White]
resources :posts do
shallow do
resources :comments
end
end
You can now use comment_path for /comments/1 instead of post_comment_path for /posts/1/comments/1.
* Add support for multi-subdomain session by setting cookie host in session cookie so you can share session between www.example.com, example.com and user.example.com. #4818 [Guillermo Álvarez]
* Removed textilize, textilize_without_paragraph and markdown helpers. [Santiago Pastorino]
* Remove middleware laziness [José Valim]
* Make session stores rely on request.cookie_jar and change set_session semantics to return the cookie value instead of a boolean. [José Valim]
* OAuth 2: HTTP Token Authorization support to complement Basic and Digest Authorization. [Rick Olson]
* Fixed inconsistencies in form builder and view helpers #4432 [Neeraj Singh]
* Both :xml and :json renderers now forwards the given options to the model, allowing you to invoke them as render :xml => @projects, :include => :tasks [José Valim, Yehuda Katz]
* Renamed the field error CSS class from fieldWithErrors to field_with_errors for consistency. [Jeremy Kemper]
* Add support for shorthand routes like /projects/status(.:format) #4423 [Diego Carrion]
* Changed translate helper so that it doesn’t mark every translation as safe HTML. Only keys with a "_html" suffix and keys named "html" are considered to be safe HTML. All other translations are left untouched. [Craig Davey]
* New option :as added to form_for allows to change the object name. The old <% form_for :client, @post %> becomes <% form_for @post, :as => :client %> [spastorino]
* Removed verify method in controllers. [JV]
It's now available as a plugin at http://github.com/rails/verification
* Removed input, form, error_messages_for and error_message_on from views. [JV]
It's now available as a plugin at http://github.com/rails/dynamic_form
* Routes can be scoped by controller module. [Jeremy Kemper]
# /session => Auth::SessionsController
scope :module => 'auth' do
resource :session
end
* Added #favicon_link_tag, it uses #image_path so in particular the favicon gets an asset ID [fxn]
* Fixed that default locale templates should be used if the current locale template is missing [DHH]
* Added all the new HTML5 form types as individual form tag methods (search, url, number, etc) #3646 [Stephen Celis]
* Changed the object used in routing constraints to be an instance of
ActionDispatch::Request rather than Rack::Request [YK]
* Changed ActionDispatch::Request#method to return a String, to be compatible
with Rack::Request. Added ActionDispatch::Request#method_symbol to
return a symbol form of the request method. [YK]
* Changed ActionDispatch::Request#method to return the original
method and #request_method to return the overridden method in the
case of methodoverride being used (this means that #method returns
"HEAD" and #request_method returns "GET" in HEAD requests). This
is for compatibility with Rack::Request [YK]
* #concat is now deprecated in favor of using <%= %> helpers [YK]
* Block helpers now return Strings, so you can use <%= form_for @foo do |f| %>.
<% form_for do |f| %> still works with deprecation notices [YK]
* Add a new #mount method on the router that does not anchor the PATH_INFO
at the end [YK & CL]
* Create a new LookupContext object that is responsible for performantly
finding a template for a given pattern [JV]
* Removed relative_url_for in favor of respecting SCRIPT_NAME [YK & CL]
* Changed file streaming to use Rack::Sendfile middleware [YK]
* ActionDispatch::Request#content_type returns a String to be compatible with
Rack::Request. Use #content_mime_type for the Mime::Type instance [YK]
* Updated Prototype to 1.6.1 and Scriptaculous to 1.8.3 [ML]
* Change the preferred way that URL helpers are included into a class[YK & CL]
# for all helpers including named routes
include Rails.application.router.url_helpers
# for just url_for
include Rails.application.router.url_for
* Fixed that PrototypeHelper#update_page should return html_safe [DHH]
* Fixed that much of DateHelper wouldn't return html_safe? strings [DHH]
* Fixed that fragment caching should return a cache hit as html_safe (or it would all just get escaped) [DHH]
* Added that ActionController::Base now does helper :all instead of relying on the default ApplicationController in Rails to do it [DHH]
* Added ActionDispatch::Request#authorization to access the http authentication header regardless of its proxy hiding [DHH]
* Added :alert, :notice, and :flash as options to ActionController::Base#redirect_to that'll automatically set the proper flash before the redirection [DHH]. Examples:
flash[:notice] = 'Post was created'
redirect_to(@post)
...becomes:
redirect_to(@post, :notice => 'Post was created')
* Added ActionController::Base#notice/= and ActionController::Base#alert/= as a convenience accessors in both the controller and the view for flash[:notice]/= and flash[:alert]/= [DHH]
* Introduce grouped_collection_select helper. #1249 [Dan Codeape, Erik Ostrom]
* Make sure javascript_include_tag/stylesheet_link_tag does not append ".js" or ".css" onto external urls. #1664 [Matthew Rudy Jacobs]
* Ruby 1.9: fix Content-Length for multibyte send_data streaming. #2661 [Sava Chankov]
* Ruby 1.9: ERB template encoding using a magic comment at the top of the file. [Jeremy Kemper]
<%# encoding: utf-8 %>
* Change integration test helpers to accept Rack environment instead of just HTTP Headers [Pratik Naik]
Before : get '/path', {}, 'Accept' => 'text/javascript'
After : get '/path', {}, 'HTTP_ACCEPT' => 'text/javascript'
* Instead of checking Rails.env.test? in Failsafe middleware, check env["rails.raise_exceptions"] [Bryan Helmkamp]
* Fixed that TestResponse.cookies was returning cookies unescaped #1867 [Doug McInnes]
*2.3.2 [Final] (March 15, 2009)*
* Fixed that redirection would just log the options, not the final url (which lead to "Redirected to #<Post:0x23150b8>") [DHH]
* Don't check authenticity tokens for any AJAX requests [Ross Kaffenberger/Bryan Helmkamp]
* Added ability to pass in :public => true to fresh_when, stale?, and expires_in to make the request proxy cachable #2095 [Gregg Pollack]
* Fixed that passing a custom form builder would be forwarded to nested fields_for calls #2023 [Eloy Duran/Nate Wiger]
* Form option helpers now support disabled option tags and the use of lambdas for selecting/disabling option tags from collections #837 [Tekin]
* Added partial scoping to TranslationHelper#translate, so if you call translate(".foo") from the people/index.html.erb template, you'll actually be calling I18n.translate("people.index.foo") [DHH]
* Fix a syntax error in current_page?() that was prevent matches against URL's with multiple query parameters #1385, #1868 [chris finne/Andrew White]
* Added localized rescue template when I18n.locale is set (ex: public/404.da.html) #1835 [José Valim]
* Make the form_for and fields_for helpers support the new Active Record nested update options. #1202 [Eloy Duran]
<% form_for @person do |person_form| %>
...
<% person_form.fields_for :projects do |project_fields| %>
<% if project_fields.object.active? %>
Name: <%= project_fields.text_field :name %>
<% end %>
<% end %>
<% end %>
* Added grouped_options_for_select helper method for wrapping option tags in optgroups. #977 [Jon Crawford]
* Implement HTTP Digest authentication. #1230 [Gregg Kellogg, Pratik Naik] Example :
class DummyDigestController < ActionController::Base
USERS = { "lifo" => 'world' }
before_filter :authenticate
def index
render :text => "Hello Secret"
end
private
def authenticate
authenticate_or_request_with_http_digest("Super Secret") do |username|
# Return the user's password
USERS[username]
end
end
end
* Improved i18n support for the number_to_human_size helper. Changes the storage_units translation data; update your translations accordingly. #1634 [Yaroslav Markin]
storage_units:
# %u is the storage unit, %n is the number (default: 2 MB)
format: "%n %u"
units:
byte:
one: "Byte"
other: "Bytes"
kb: "KB"
mb: "MB"
gb: "GB"
tb: "TB"
* Added :silence option to BenchmarkHelper#benchmark and turned log_level into a hash parameter and deprecated the old use [DHH]
* Fixed the AssetTagHelper cache to use the computed asset host as part of the cache key instead of just assuming the its a string #1299 [DHH]
* Make ActionController#render(string) work as a shortcut for render :file/:template/:action => string. [#1435] [Pratik Naik] Examples:
# Instead of render(:action => 'other_action')
render('other_action') # argument has no '/'
render(:other_action)
# Instead of render(:template => 'controller/action')
render('controller/action') # argument must not begin with a '/', but contain a '/'
# Instead of render(:file => '/Users/lifo/home.html.erb')
render('/Users/lifo/home.html.erb') # argument must begin with a '/'
* Add :prompt option to date/time select helpers. #561 [Sam Oliver]
* Fixed that send_file shouldn't set an etag #1578 [Hongli Lai]
* Allow users to opt out of the spoofing checks in Request#remote_ip. Useful for sites whose traffic regularly triggers false positives. [Darren Boyd]
* Deprecated formatted_polymorphic_url. [Jeremy Kemper]
* Added the option to declare an asset_host as an object that responds to call (see http://github.com/dhh/asset-hosting-with-minimum-ssl for an example) [David Heinemeier Hansson]
* Added support for multiple routes.rb files (useful for plugin engines). This also means that draw will no longer clear the route set, you have to do that by hand (shouldn't make a difference to you unless you're doing some funky stuff) [David Heinemeier Hansson]
* Dropped formatted_* routes in favor of just passing in :format as an option. This cuts resource routes generation in half #1359 [aaronbatalion]
* Remove support for old double-encoded cookies from the cookie store. These values haven't been generated since before 2.1.0, and any users who have visited the app in the intervening 6 months will have had their cookie upgraded. [Michael Koziarski]
* Allow helpers directory to be overridden via ActionController::Base.helpers_dir #1424 [Sam Pohlenz]
* Remove deprecated ActionController::Base#assign_default_content_type_and_charset
* Changed the default of ActionView#render to assume partials instead of files when not given an options hash [David Heinemeier Hansson]. Examples:
# Instead of <%= render :partial => "account" %>
<%= render "account" %>
# Instead of <%= render :partial => "account", :locals => { :account => @buyer } %>
<%= render "account", :account => @buyer %>
# @account is an Account instance, so it uses the RecordIdentifier to replace
# <%= render :partial => "accounts/account", :locals => { :account => @account } %>
<%= render(@account) %>
# @posts is an array of Post instances, so it uses the RecordIdentifier to replace
# <%= render :partial => "posts/post", :collection => @posts %>
<%= render(@posts) %>
* Remove deprecated render_component. Please use the plugin from http://github.com/rails/render_component/tree/master [Pratik Naik]
* Fixed RedCloth and BlueCloth shouldn't preload. Instead just assume that they're available if you want to use textilize and markdown and let autoload require them [David Heinemeier Hansson]
*2.2.2 (November 21st, 2008)*
* I18n: translate number_to_human_size. Add storage_units: [Bytes, KB, MB, GB, TB] to your translations. #1448 [Yaroslav Markin]
* Restore backwards compatible functionality for setting relative_url_root. Include deprecation
* Switched the CSRF module to use the request content type to decide if the request is forgeable. #1145 [Jeff Cohen]
* Added :only and :except to map.resources to let people cut down on the number of redundant routes in an application. Typically only useful for huge routesets. #1215 [Tom Stuart]
map.resources :products, :only => :show do |product|
product.resources :images, :except => :destroy
end
* Added render :js for people who want to render inline JavaScript replies without using RJS [David Heinemeier Hansson]
* Fixed that polymorphic_url should compact given array #1317 [hiroshi]
* Fixed the sanitize helper to avoid double escaping already properly escaped entities #683 [antonmos/Ryan McGeary]
* Fixed that FormTagHelper generated illegal html if name contained square brackets #1238 [Vladimir Dobriakov]
* Fix regression bug that made date_select and datetime_select raise a Null Pointer Exception when a nil date/datetime was passed and only month and year were displayed #1289 [Bernardo Padua/Tor Erik]
* Simplified the logging format for parameters (don't include controller, action, and format as duplicates) [David Heinemeier Hansson]
* Remove the logging of the Session ID when the session store is CookieStore [David Heinemeier Hansson]
* Fixed regex in redirect_to to fully support URI schemes #1247 [Seth Fitzsimmons]
* Fixed bug with asset timestamping when using relative_url_root #1265 [Joe Goldwasser]
*2.2.0 [RC1] (October 24th, 2008)*
* Fix incorrect closing CDATA delimiter and that HTML::Node.parse would blow up on unclosed CDATA sections [packagethief]
* Added stale? and fresh_when methods to provide a layer of abstraction above request.fresh? and friends [David Heinemeier Hansson]. Example:
class ArticlesController < ApplicationController
def show_with_respond_to_block
@article = Article.find(params[:id])
# If the request sends headers that differs from the options provided to stale?, then
# the request is indeed stale and the respond_to block is triggered (and the options
# to the stale? call is set on the response).
#
# If the request headers match, then the request is fresh and the respond_to block is
# not triggered. Instead the default render will occur, which will check the last-modified
# and etag headers and conclude that it only needs to send a "304 Not Modified" instead
# of rendering the template.
if stale?(:last_modified => @article.published_at.utc, :etag => @article)
respond_to do |wants|
# normal response processing
end
end
end
def show_with_implied_render
@article = Article.find(params[:id])
# Sets the response headers and checks them against the request, if the request is stale
# (i.e. no match of either etag or last-modified), then the default render of the template happens.
# If the request is fresh, then the default render will return a "304 Not Modified"
# instead of rendering the template.
fresh_when(:last_modified => @article.published_at.utc, :etag => @article)
end
end
* Added inline builder yield to atom_feed_helper tags where appropriate [Sam Ruby]. Example:
entry.summary :type => 'xhtml' do |xhtml|
xhtml.p pluralize(order.line_items.count, "line item")
xhtml.p "Shipped to #{order.address}"
xhtml.p "Paid by #{order.pay_type}"
end
* Make PrototypeHelper#submit_to_remote a wrapper around PrototypeHelper#button_to_remote. [Tarmo Tänav]
* Set HttpOnly for the cookie session store's cookie. #1046
* Added FormTagHelper#image_submit_tag confirm option #784 [Alastair Brunton]
* Fixed FormTagHelper#submit_tag with :disable_with option wouldn't submit the button's value when was clicked #633 [Jose Fernandez]
* Stopped logging template compiles as it only clogs up the log [David Heinemeier Hansson]
* Changed the X-Runtime header to report in milliseconds [David Heinemeier Hansson]
* Changed BenchmarkHelper#benchmark to report in milliseconds [David Heinemeier Hansson]
* Changed logging format to be millisecond based and skip misleading stats [David Heinemeier Hansson]. Went from:
Completed in 0.10000 (4 reqs/sec) | Rendering: 0.04000 (40%) | DB: 0.00400 (4%) | 200 OK [http://example.com]
...to:
Completed in 100ms (View: 40, DB: 4) | 200 OK [http://example.com]
* Add support for shallow nesting of routes. #838 [S. Brent Faulkner]
Example :
map.resources :users, :shallow => true do |user|
user.resources :posts
end
- GET /users/1/posts (maps to PostsController#index action as usual)
named route "user_posts" is added as usual.
- GET /posts/2 (maps to PostsController#show action as if it were not nested)
Additionally, named route "post" is added too.
* Added button_to_remote helper. #3641 [Donald Piret, Tarmo Tänav]
* Deprecate render_component. Please use render_component plugin from http://github.com/rails/render_component/tree/master [Pratik Naik]
* Routes may be restricted to lists of HTTP methods instead of a single method or :any. #407 [Brennan Dunn, Gaius Centus Novus]
map.resource :posts, :collection => { :search => [:get, :post] }
map.session 'session', :requirements => { :method => [:get, :post, :delete] }
* Deprecated implicit local assignments when rendering partials [Josh Peek]
* Introduce current_cycle helper method to return the current value without bumping the cycle. #417 [Ken Collins]
* Allow polymorphic_url helper to take url options. #880 [Tarmo Tänav]
* Switched integration test runner to use Rack processor instead of CGI [Josh Peek]
* Made AbstractRequest.if_modified_sense return nil if the header could not be parsed [Jamis Buck]
* Added back ActionController::Base.allow_concurrency flag [Josh Peek]
* AbstractRequest.relative_url_root is no longer automatically configured by a HTTP header. It can now be set in your configuration environment with config.action_controller.relative_url_root [Josh Peek]
* Update Prototype to 1.6.0.2 #599 [Patrick Joyce]
* Conditional GET utility methods. [Jeremy Kemper]
response.last_modified = @post.updated_at
response.etag = [:admin, @post, current_user]
if request.fresh?(response)
head :not_modified
else
# render ...
end
* All 2xx requests are considered successful [Josh Peek]
* Fixed that AssetTagHelper#compute_public_path shouldn't cache the asset_host along with the source or per-request proc's won't run [David Heinemeier Hansson]
* Removed config.action_view.cache_template_loading, use config.cache_classes instead [Josh Peek]
* Get buffer for fragment cache from template's @output_buffer [Josh Peek]
* Set config.action_view.warn_cache_misses = true to receive a warning if you perform an action that results in an expensive disk operation that could be cached [Josh Peek]
* Refactor template preloading. New abstractions include Renderable mixins and a refactored Template class [Josh Peek]
* Changed ActionView::TemplateHandler#render API method signature to render(template, local_assigns = {}) [Josh Peek]
* Changed PrototypeHelper#submit_to_remote to PrototypeHelper#button_to_remote to stay consistent with link_to_remote (submit_to_remote still works as an alias) #8994 [clemens]
* Add :recursive option to javascript_include_tag and stylesheet_link_tag to be used along with :all. #480 [Damian Janowski]
* Allow users to disable the use of the Accept header [Michael Koziarski]
The accept header is poorly implemented by browsers and causes strange
errors when used on public sites where crawlers make requests too. You
can use formatted urls (e.g. /people/1.xml) to support API clients in a
much simpler way.
To disable the header you need to set:
config.action_controller.use_accept_header = false
* Do not stat template files in production mode before rendering. You will no longer be able to modify templates in production mode without restarting the server [Josh Peek]
* Deprecated TemplateHandler line offset [Josh Peek]
* Allow caches_action to accept cache store options. #416. [José Valim]. Example:
caches_action :index, :redirected, :if => Proc.new { |c| !c.request.format.json? }, :expires_in => 1.hour
* Remove define_javascript_functions, javascript_include_tag and friends are far superior. [Michael Koziarski]
* Deprecate :use_full_path render option. The supplying the option no longer has an effect [Josh Peek]
* Add :as option to render a collection of partials with a custom local variable name. #509 [Simon Jefford, Pratik Naik]
render :partial => 'other_people', :collection => @people, :as => :person
This will let you access objects of @people as 'person' local variable inside 'other_people' partial template.
* time_zone_select: support for regexp matching of priority zones. Resolves #195 [Ernie Miller]
* Made ActionView::Base#render_file private [Josh Peek]
* Refactor and simplify the implementation of assert_redirected_to. Arguments are now normalised relative to the controller being tested, not the root of the application. [Michael Koziarski]
This could cause some erroneous test failures if you were redirecting between controllers
in different namespaces and wrote your assertions relative to the root of the application.
* Remove follow_redirect from controller functional tests.
If you want to follow redirects you can use integration tests. The functional test
version was only useful if you were using redirect_to :id=>...
* Fix polymorphic_url with singleton resources. #461 [Tammer Saleh]
* Replaced TemplateFinder abstraction with ViewLoadPaths [Josh Peek]
* Added block-call style to link_to [Sam Stephenson/David Heinemeier Hansson]. Example:
<% link_to(@profile) do %>
<strong><%= @profile.name %></strong> -- <span>Check it out!!</span>
<% end %>
* Performance: integration test benchmarking and profiling. [Jeremy Kemper]
* Make caching more aware of mime types. Ensure request format is not considered while expiring cache. [Jonathan del Strother]
* Drop ActionController::Base.allow_concurrency flag [Josh Peek]
* More efficient concat and capture helpers. Remove ActionView::Base.erb_variable. [Jeremy Kemper]
* Added page.reload functionality. Resolves #277. [Sean Huber]
* Fixed Request#remote_ip to only raise hell if the HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR doesn't match (not just if they're both present) [Mark Imbriaco, Bradford Folkens]
* Allow caches_action to accept a layout option [José Valim]
* Added Rack processor [Ezra Zygmuntowicz, Josh Peek]
*2.1.0 (May 31st, 2008)*
* InstanceTag#default_time_from_options overflows to DateTime [Geoff Buesing]
* Fixed that forgery protection can be used without session tracking (Peter Jones) [#139]
* Added session(:on) to turn session management back on in a controller subclass if the superclass turned it off (Peter Jones) [#136]
* Change the request forgery protection to go by Content-Type instead of request.format so that you can't bypass it by POSTing to "#{request.uri}.xml" [Rick Olson]
* InstanceTag#default_time_from_options with hash args uses Time.current as default; respects hash settings when time falls in system local spring DST gap [Geoff Buesing]
* select_date defaults to Time.zone.today when config.time_zone is set [Geoff Buesing]
* Fixed that TextHelper#text_field would corrypt when raw HTML was used as the value (mchenryc, Kevin Glowacz) [#80]
* Added ActionController::TestCase#rescue_action_in_public! to control whether the action under test should use the regular rescue_action path instead of simply raising the exception inline (great for error testing) [David Heinemeier Hansson]
* Reduce number of instance variables being copied from controller to view. [Pratik Naik]
* select_datetime and select_time default to Time.zone.now when config.time_zone is set [Geoff Buesing]
* datetime_select defaults to Time.zone.now when config.time_zone is set [Geoff Buesing]
* Remove ActionController::Base#view_controller_internals flag. [Pratik Naik]
* Add conditional options to caches_page method. [Paul Horsfall]
* Move missing template logic to ActionView. [Pratik Naik]
* Introduce ActionView::InlineTemplate class. [Pratik Naik]
* Automatically parse posted JSON content for Mime::JSON requests. [Rick Olson]
POST /posts
{"post": {"title": "Breaking News"}}
def create
@post = Post.create params[:post]
# ...
end
* add json_escape ERB util to escape html entities in json strings that are output in HTML pages. [Rick Olson]
* Provide a helper proxy to access helper methods from outside views. Closes #10839 [Josh Peek]
e.g. ApplicationController.helpers.simple_format(text)
* Improve documentation. [Xavier Noria, leethal, jerome]
* Ensure RJS redirect_to doesn't html-escapes string argument. Closes #8546 [Josh Peek, eventualbuddha, Pratik Naik]
* Support render :partial => collection of heterogeneous elements. #11491 [Zach Dennis]
* Avoid remote_ip spoofing. [Brian Candler]
* Added support for regexp flags like ignoring case in the :requirements part of routes declarations #11421 [NeilW]
* Fixed that ActionController::Base#read_multipart would fail if boundary was exactly 10240 bytes #10886 [ariejan]
* Fixed HTML::Tokenizer (used in sanitize helper) didn't handle unclosed CDATA tags #10071 [esad, packagethief]
* Improve documentation. [Ryan Bigg, Jan De Poorter, Cheah Chu Yeow, Xavier Shay, Jack Danger Canty, Emilio Tagua, Xavier Noria, Sunny Ripert]
* Fixed that FormHelper#radio_button would produce invalid ids #11298 [harlancrystal]
* Added :confirm option to submit_tag #11415 [Emilio Tagua]
* Fixed NumberHelper#number_with_precision to properly round in a way that works equally on Mac, Windows, Linux (closes #11409, #8275, #10090, #8027) [zhangyuanyi]
* Allow the #simple_format text_helper to take an html_options hash for each paragraph. #2448 [François Beausoleil, Chris O'Sullivan]
* Fix regression from filter refactoring where re-adding a skipped filter resulted in it being called twice. [Rick Olson]
* Refactor filters to use Active Support callbacks. #11235 [Josh Peek]
* Fixed that polymorphic routes would modify the input array #11363 [thomas.lee]
* Added :format option to NumberHelper#number_to_currency to enable better localization support #11149 [lylo]
* Fixed that TextHelper#excerpt would include one character too many #11268 [Irfy]
* Fix more obscure nested parameter hash parsing bug. #10797 [thomas.lee]
* Added ActionView::Helpers::register_javascript/stylesheet_expansion to make it easier for plugin developers to inject multiple assets. #10350 [lotswholetime]
* Fix nested parameter hash parsing bug. #10797 [thomas.lee]
* Allow using named routes in ActionController::TestCase before any request has been made. Closes #11273 [Eloy Duran]
* Fixed that sweepers defined by cache_sweeper will be added regardless of the perform_caching setting. Instead, control whether the sweeper should be run with the perform_caching setting. This makes testing easier when you want to turn perform_caching on/off [David Heinemeier Hansson]
* Make MimeResponds::Responder#any work without explicit types. Closes #11140 [jaw6]
* Better error message for type conflicts when parsing params. Closes #7962 [spicycode, matt]
* Remove unused ActionController::Base.template_class. Closes #10787 [Pratik Naik]
* Moved template handlers related code from ActionView::Base to ActionView::Template. [Pratik Naik]
* Tests for div_for and content_tag_for helpers. Closes #11223 [Chris O'Sullivan]
* Allow file uploads in Integration Tests. Closes #11091 [RubyRedRick]
* Refactor partial rendering into a PartialTemplate class. [Pratik Naik]
* Added that requests with JavaScript as the priority mime type in the accept header and no format extension in the parameters will be treated as though their format was :js when it comes to determining which template to render. This makes it possible for JS requests to automatically render action.js.rjs files without an explicit respond_to block [David Heinemeier Hansson]
* Tests for distance_of_time_in_words with TimeWithZone instances. Closes #10914 [Ernesto Jimenez]
* Remove support for multivalued (e.g., '&'-delimited) cookies. [Jamis Buck]
* Fix problem with render :partial collections, records, and locals. #11057 [lotswholetime]
* Added support for naming concrete classes in sweeper declarations [David Heinemeier Hansson]
* Remove ERB trim variables from trace template in case ActionView::Base.erb_trim_mode is changed in the application. #10098 [Tim Pope, Chris Kampmeier]
* Fix typo in form_helper documentation. #10650 [Xavier Shay, Chris Kampmeier]
* Fix bug with setting Request#format= after the getter has cached the value. #10889 [cch1]
* Correct inconsistencies in RequestForgeryProtection docs. #11032 [Mislav Marohnić]
* Introduce a Template class to ActionView. #11024 [Pratik Naik]
* Introduce the :index option for form_for and fields_for to simplify multi-model forms (see http://railscasts.com/episodes/75). #9883 [rmm5t]
* Introduce map.resources :cards, :as => 'tarjetas' to use a custom resource name in the URL: cards_path == '/tarjetas'. #10578 [blj]
* TestSession supports indifferent access. #7372 [tamc, Arsen7, mhackett, julik, jean.helou]
* Make assert_routing aware of the HTTP method used. #8039 [mpalmer]
e.g. assert_routing({ :method => 'put', :path => '/product/321' }, { :controller => "product", :action => "update", :id => "321" })
* Make map.root accept a single symbol as an argument to declare an alias. #10818 [bscofield]
e.g. map.dashboard '/dashboard', :controller=>'dashboard'
map.root :dashboard
* Handle corner case with image_tag when passed 'messed up' image names. #9018 [Duncan Beevers, mpalmer]
* Add label_tag helper for generating elements. #10802 [DefV]
* Introduce TemplateFinder to handle view paths and lookups. #10800 [Pratik Naik]
* Performance: optimize route recognition. Large speedup for apps with many resource routes. #10835 [oleganza]
* Make render :partial recognise form builders and use the _form partial. #10814 [Damian Janowski]
* Allow users to declare other namespaces when using the atom feed helpers. #10304 [david.calavera]
* Introduce send_file :x_sendfile => true to send an X-Sendfile response header. [Jeremy Kemper]
* Fixed ActionView::Helpers::ActiveRecordHelper::form for when protect_from_forgery is used #10739 [Jeremy Evans]
* Provide nicer access to HTTP Headers. Instead of request.env["HTTP_REFERRER"] you can now use request.headers["Referrer"]. [Michael Koziarski]
* UrlWriter respects relative_url_root. #10748 [Cheah Chu Yeow]
* The asset_host block takes the controller request as an optional second argument. Example: use a single asset host for SSL requests. #10549 [Cheah Chu Yeow, Peter B, Tom Taylor]
* Support render :text => nil. #6684 [tjennings, PotatoSalad, Cheah Chu Yeow]
* assert_response failures include the exception message. #10688 [Seth Rasmussen]
* All fragment cache keys are now by default prefixed with the "views/" namespace [David Heinemeier Hansson]
* Moved the caching stores from ActionController::Caching::Fragments::* to ActiveSupport::Cache::*. If you're explicitly referring to a store, like ActionController::Caching::Fragments::MemoryStore, you need to update that reference with ActiveSupport::Cache::MemoryStore [David Heinemeier Hansson]
* Deprecated ActionController::Base.fragment_cache_store for ActionController::Base.cache_store [David Heinemeier Hansson]
* Made fragment caching in views work for rjs and builder as well #6642 [Dee Zsombor]
* Fixed rendering of partials with layout when done from site layout #9209 [antramm]
* Fix atom_feed_helper to comply with the atom spec. Closes #10672 [Xavier Shay]
* The tags created do not contain a date (http://feedvalidator.org/docs/error/InvalidTAG.html)
* IDs are not guaranteed unique
* A default self link was not provided, contrary to the documentation
* NOTE: This changes tags for existing atom entries, but at least they validate now.
* Correct indentation in tests. Closes #10671 [Luca Guidi]
* Fix that auto_link looks for ='s in url paths (Amazon urls have them). Closes #10640 [Brad Greenlee]
* Ensure that test case setup is run even if overridden. #10382 [Josh Peek]
* Fix HTML Sanitizer to allow trailing spaces in CSS style attributes. Closes #10566 [wesley.moxam]
* Add :default option to time_zone_select. #10590 [Matt Aimonetti]
*2.0.2* (December 16th, 2007)
* Added delete_via_redirect and put_via_redirect to integration testing #10497 [philodespotos]
* Allow headers['Accept'] to be set by hand when calling xml_http_request #10461 [BMorearty]
* Added OPTIONS to list of default accepted HTTP methods #10449 [holoway]
* Added option to pass proc to ActionController::Base.asset_host for maximum configurability #10521 [Cheah Chu Yeow]. Example:
ActionController::Base.asset_host = Proc.new { |source|
if source.starts_with?('/images')
"http://images.example.com"
else
"http://assets.example.com"
end
}
* Fixed that ActionView#file_exists? would be incorrect if @first_render is set #10569 [dbussink]
* Added that Array#to_param calls to_param on all it's elements #10473 [brandon]
* Ensure asset cache directories are automatically created. #10337 [Josh Peek, Cheah Chu Yeow]
* render :xml and :json preserve custom content types. #10388 [jmettraux, Cheah Chu Yeow]
* Refactor Action View template handlers. #10437, #10455 [Josh Peek]
* Fix DoubleRenderError message and leave out mention of returning false from filters. Closes #10380 [Frederick Cheung]
* Clean up some cruft around ActionController::Base#head. Closes #10417 [ssoroka]
*2.0.1* (December 7th, 2007)
* Fixed send_file/binary_content for testing #8044 [tolsen]
* When a NonInferrableControllerError is raised, make the proposed fix clearer in the error message. Closes #10199 [Jack Danger Canty]
* Update Prototype to 1.6.0.1. [sam]
* Update script.aculo.us to 1.8.0.1. [madrobby]
* Add 'disabled' attribute to <OPTION> separators used in time zone and country selects. Closes #10354 [Josh Susser]
* Added the same record identification guessing rules to fields_for as form_for has [David Heinemeier Hansson]
* Fixed that verification violations with no specified action didn't halt the chain (now they do with a 400 Bad Request) [David Heinemeier Hansson]
* Raise UnknownHttpMethod exception for unknown HTTP methods. Closes #10303 [Tarmo Tänav]
* Update to Prototype -r8232. [sam]
* Make sure the optimisation code for routes doesn't get used if :host, :anchor or :port are provided in the hash arguments. [pager, Michael Koziarski] #10292
* Added protection from trailing slashes on page caching #10229 [devrieda]
* Asset timestamps are appended, not prepended. Closes #10276 [Mike Naberezny]
* Minor inconsistency in description of render example. Closes #10029 [ScottSchram]
* Add #prepend_view_path and #append_view_path instance methods on ActionController::Base for consistency with the class methods. [Rick Olson]
* Refactor sanitizer helpers into HTML classes and make it easy to swap them out with custom implementations. Closes #10129. [Rick Olson]
* Add deprecation for old subtemplate syntax for ActionMailer templates, use render :partial [Rick Olson]
* Fix TemplateError so it doesn't bomb on exceptions while running tests [Rick Olson]
* Fixed that named routes living under resources shouldn't have double slashes #10198 [Isaac Feliu]
* Make sure that cookie sessions use a secret that is at least 30 chars in length. [Michael Koziarski]
* Fixed that partial rendering should look at the type of the first render to determine its own type if no other clues are available (like when using text.plain.erb as the extension in AM) #10130 [java]
* Fixed that has_many :through associations should render as collections too #9051 [mathie/Jack Danger Canty]
* Added :mouseover short-cut to AssetTagHelper#image_tag for doing easy image swaps #6893 [joost]
* Fixed handling of non-domain hosts #9479 [purp]
* Fix syntax error in documentation example for cycle method. Closes #8735 [foca]
* Document :with option for link_to_remote. Closes #8765 [Ryan Bates]
* Document :minute_step option for time_select. Closes #8814 [brupm]
* Explain how to use the :href option for link_to_remote to degrade gracefully in the absence of JavaScript. Closes #8911 [vlad]
* Disambiguate :size option for text area tag. Closes #8955 [redbeard]
* Fix broken tag in assert_tag documentation. Closes #9037 [mfazekas]
* Add documentation for route conditions. Closes #9041 [innu, Manfred Stienstra]
* Fix typo left over from previous typo fix in url helper. Closes #9414 [Henrik N]
* Fixed that ActionController::CgiRequest#host_with_port() should handle standard port #10082 [moro]
* Update Prototype to 1.6.0 and script.aculo.us to 1.8.0. [sam, madrobby]
* Expose the cookie jar as a helper method (before the view would just get the raw cookie hash) [David Heinemeier Hansson]
* Integration tests: get_ and post_via_redirect take a headers hash. #9130 [simonjefford]
* Simplfy #view_paths implementation. ActionView templates get the exact object, not a dup. [Rick Olson]
* Update tests for ActiveSupport's JSON escaping change. [Rick Olson]
* FormHelper's auto_index should use #to_param instead of #id_before_type_cast. Closes #9994 [mattly]
* Doc typo fixes for ActiveRecordHelper. Closes #9973 [mikong]
* Make example parameters in restful routing docs idiomatic. Closes #9993 [Jack Danger Canty]
* Make documentation comment for mime responders match documentation example. Closes #9357 [yon]
* Introduce a new test case class for functional tests. ActionController::TestCase. [Michael Koziarski]
* Fix incorrect path in helper rdoc. Closes #9926 [viktor tron]
* Partials also set 'object' to the default partial variable. #8823 [Nick Retallack, Jeremy Kemper]
* Request profiler. [Jeremy Kemper]
$ cat login_session.rb
get_with_redirect '/'
say "GET / => #{path}"
post_with_redirect '/sessions', :username => 'john', :password => 'doe'
say "POST /sessions => #{path}"
$ ./script/performance/request -n 10 login_session.rb
* Disabled checkboxes don't submit a form value. #9301 [vladr, robinjfisher]
* Added tests for options to ActiveRecordHelper#form. Closes #7213 [richcollins, mikong, Mislav Marohnić]
* Changed before_filter halting to happen automatically on render or redirect but no longer on simply returning false [David Heinemeier Hansson]
* Ensure that cookies handle array values correctly. Closes #9937 [queso]
* Make sure resource routes don't clash with internal helpers like javascript_path, image_path etc. #9928 [Geoff Buesing]
* caches_page uses a single after_filter instead of one per action. #9891 [Pratik Naik]
* Update Prototype to 1.6.0_rc1 and script.aculo.us to 1.8.0 preview 0. [sam, madrobby]
* Dispatcher: fix that to_prepare should only run once in production. #9889 [Nathaniel Talbott]
* Memcached sessions: add session data on initialization; don't silently discard exceptions; add unit tests. #9823 [kamk]
* error_messages_for also takes :message and :header_message options which defaults to the old "There were problems with the following fields:" and "<count> errors prohibited this <object_name> from being saved". #8270 [rmm5t, zach-inglis-lt3]
* Make sure that custom inflections are picked up by map.resources. #9815 [Mislav Marohnić]
* Changed SanitizeHelper#sanitize to only allow the custom attributes and tags when specified in the call [David Heinemeier Hansson]
* Extracted sanitization methods from TextHelper to SanitizeHelper [David Heinemeier Hansson]
* rescue_from accepts :with => lambda { |exception| ... } or a normal block. #9827 [Pratik Naik]
* Add :status to redirect_to allowing users to choose their own response code without manually setting headers. #8297 [Coda Hale, chasgrundy]
* Add link_to :back which uses your referrer with a fallback to a javascript link. #7366 [eventualbuddha, Tarmo Tänav]
* error_messages_for and friends also work with local variables. #9699 [Frederick Cheung]
* Fix url_for, redirect_to, etc. with :controller => :symbol instead of 'string'. #8562, #9525 [Justin Lynn, Tarmo Tänav, shoe]
* Use #require_library_or_gem to load the memcache library for the MemCache session and fragment cache stores. Closes #8662. [Rick Olson]
* Move ActionController::Routing.optimise_named_routes to ActionController::Base.optimise_named_routes. Now you can set it in the config. [Rick Olson]
config.action_controller.optimise_named_routes = false
* ActionController::Routing::DynamicSegment#interpolation_chunk should call #to_s on all values before calling URI.escape. [Rick Olson]
* Only accept session ids from cookies, prevents session fixation attacks. [bradediger]
*2.0.0 [Preview Release]* (September 29th, 2007) [Includes duplicates of changes from 1.12.2 - 1.13.3]
* Fixed that render template did not honor exempt_from_layout #9698 [pezra]
* Better error messages if you leave out the :secret option for request forgery protection. Closes #9670 [Rick Olson]
* Allow ability to disable request forgery protection, disable it in test mode by default. Closes #9693 [Pratik Naik]
* Avoid calling is_missing on LoadErrors. Closes #7460. [ntalbott]
* Move Railties' Dispatcher to ActionController::Dispatcher, introduce before_ and after_dispatch callbacks, and warm up to non-CGI requests. [Jeremy Kemper]
* The tag helper may bypass escaping. [Jeremy Kemper]
* Cache asset ids. [Jeremy Kemper]
* Optimized named routes respect AbstractRequest.relative_url_root. #9612 [Daniel Morrison, Jeremy Kemper]
* Introduce ActionController::Base.rescue_from to declare exception-handling methods. Cleaner style than the case-heavy rescue_action_in_public. #9449 [Norbert Crombach]
* Rename some RequestForgeryProtection methods. The class method is now #protect_from_forgery, and the default parameter is now 'authenticity_token'. [Rick Olson]
* Merge csrf_killer plugin into rails. Adds RequestForgeryProtection model that verifies session-specific _tokens for non-GET requests. [Rick Olson]
* Secure #sanitize, #strip_tags, and #strip_links helpers against xss attacks. Closes #8877. [Rick Olson, Pratik Naik, Jacques Distler]
This merges and renames the popular white_list helper (along with some css sanitizing from Jacques Distler version of the same plugin).
Also applied updated versions of #strip_tags and #strip_links from #8877.
* Remove use of & logic operator. Closes #8114. [watson]
* Fixed JavaScriptHelper#escape_javascript to also escape closing tags #8023 [Ruy Asan]
* Fixed TextHelper#word_wrap for multiline strings with extra carrier returns #8663 [seth]
* Fixed that setting the :host option in url_for would automatically turn off :only_path (since :host would otherwise not be shown) #9586 [Bounga]
* Added FormHelper#label. #8641, #9850 [jcoglan, Jarkko Laine]
* Added AtomFeedHelper (slightly improved from the atom_feed_helper plugin) [David Heinemeier Hansson]
* Prevent errors when generating routes for uncountable resources, (i.e. sheep where plural == singluar). map.resources :sheep now creates sheep_index_url for the collection and sheep_url for the specific item. [Michael Koziarski]
* Added support for HTTP Only cookies (works in IE6+ and FF 2.0.5+) as an improvement for XSS attacks #8895 [Pratik Naik, Mark Somerville]
* Don't warn when a path segment precedes a required segment. Closes #9615. [Nicholas Seckar]
* Fixed CaptureHelper#content_for to work with the optional content parameter instead of just the block #9434 [sandofsky/wildchild].
* Added Mime::Type.register_alias for dealing with different formats using the same mime type [David Heinemeier Hansson]. Example:
class PostsController < ApplicationController
before_filter :adjust_format_for_iphone
def index
@posts = Post.find(:all)
respond_to do |format|
format.html # => renders index.html.erb and uses "text/html" as the content type
format.iphone # => renders index.iphone.erb and uses "text/html" as the content type
end
end
private