Skip to content
Commits on Mar 31, 2011
  1. @tenderlove

    bumping to 3.0.6.rc2

    tenderlove committed Mar 30, 2011
Commits on Mar 29, 2011
  1. @tenderlove

    Revert "Improve testing of cookies in functional tests:"

    tenderlove committed Mar 29, 2011
    This reverts commit e2523ff.
Commits on Mar 28, 2011
  1. @tenderlove

    bumping version to 3.0.6.rc1

    tenderlove committed Mar 28, 2011
  2. @sikachu @tenderlove

    Do not show optional (.:format) block for wildcard route [#6605 state…

    sikachu committed with tenderlove Mar 29, 2011
    …:resolved]
    
    This will make the output of `rake routes` to be correctly match to the behavior of the application, as the regular expression used to match the path is greedy and won't capture the format part by default
    
    This commit is the second attempt on fixing the issue, as the regular expression on another commit on `master` was invalid.
Commits on Mar 24, 2011
  1. @joshk @spastorino

    correction to the outputted controller name in the diagnostics error …

    joshk committed with spastorino Mar 24, 2011
    …template, test included
    
    Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
Commits on Mar 23, 2011
  1. @pixeltrix

    Fix filter :only and :except with implicit actions

    pixeltrix committed Mar 23, 2011
    The method_name argument is "default_render" for implicit actions
    so use the action_name attribute to determine which callbacks to run.
    
    [#5673 state:resolved]
Commits on Mar 16, 2011
  1. @joshk @spastorino

    fixes an issue with number_to_human when converting values which are …

    joshk committed with spastorino Mar 16, 2011
    …less than 1 but greater than -1 [#6576 state:resolved]
    
    Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
Commits on Mar 10, 2011
  1. @fxn

    Filter sensitive query string parameters in the log [#6244 state:comm…

    fxn committed Jan 1, 2011
    …itted]
    
    This provides more safety to applications that put secret information in the query string, such as API keys or SSO tokens.
    
    Signed-off-by: Xavier Noria <fxn@hashref.com>
Commits on Mar 9, 2011
  1. @pixeltrix
Commits on Mar 6, 2011
  1. @pixeltrix

    Improve testing of cookies in functional tests:

    pixeltrix committed Mar 6, 2011
    - cookies can be set using string or symbol keys
    - cookies are preserved across calls to get, post, etc.
    - cookie names and values are escaped
    - cookies can be cleared using @request.cookies.clear
    
    [#6272 state:resolved]
  2. @pixeltrix
Commits on Mar 2, 2011
  1. @chuyeow @spastorino

    Fix Action caching bug where an action that has a non-cacheable respo…

    chuyeow committed with spastorino Feb 27, 2011
    …nse always renders a nil response body. It now correctly renders the response body.
    
    Note that only GET and HTTP 200 responses can be cached.
    
    [#6480 state:committed]
    
    Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
Commits on Feb 28, 2011
  1. @spastorino

    javascript_include_tag shouldn't raise if you register an expansion k…

    spastorino committed Feb 28, 2011
    …ey with nil or [] value
  2. @svenfuchs @spastorino

    Make TranslationHelper#translate use the :rescue_format option in I18…

    svenfuchs committed with spastorino Feb 28, 2011
    …n 0.5.0 (backports 896e25e)
    
    Don't catch exceptions here. Instead only declare that we want exceptions to be rescued as :html, but also let users configure reactions to exceptions in I18n.
    
    Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
Commits on Feb 27, 2011
  1. @tenderlove

    prepping for 3.0.5 release

    tenderlove committed Feb 26, 2011
Commits on Feb 23, 2011
  1. @tenderlove

    updating to 3.0.5.rc1

    tenderlove committed Feb 22, 2011
Commits on Feb 22, 2011
  1. @NZKoz

    Prepend the CSRF filter to make it much more difficult to execute app…

    NZKoz committed Feb 23, 2011
    …lication code before it fires.
Commits on Feb 14, 2011
  1. @pixeltrix
  2. @pixeltrix
Commits on Feb 13, 2011
  1. @pixeltrix
  2. @pixeltrix
Commits on Feb 12, 2011
  1. @spastorino

    Backport fix from master: fields_for with inline blocks and nested at…

    spastorino committed Feb 8, 2011
    …tributes already persisted does not render properly
    
    Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
Commits on Feb 11, 2011
  1. @carlosantoniodasilva @spastorino

    Add missing deprecation require

    carlosantoniodasilva committed with spastorino Feb 11, 2011
    Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
Commits on Feb 8, 2011
  1. @NZKoz

    Prepare for the 3.0.4 release

    NZKoz committed Feb 9, 2011
Commits on Jan 31, 2011
  1. @NZKoz

    Change the CSRF whitelisting to only apply to get requests

    NZKoz committed Jan 5, 2011
    Unfortunately the previous method of browser detection and XHR whitelisting is unable to prevent requests issued from some Flash animations and Java applets.  To ease the work required to include the CSRF token in ajax requests rails now supports providing the token in a custom http header:
    
     X-CSRF-Token: ...
    
    This fixes CVE-2011-0447
  2. @josevalim @NZKoz

    Use Mime::Type references.

    josevalim committed with NZKoz Nov 28, 2010
  3. @josevalim @NZKoz

    Ensure render is case sensitive even on systems with case-insensitive…

    josevalim committed with NZKoz Nov 28, 2010
    … filesystems.
    
    This fixes CVE-2011-0449
  4. @NZKoz

    Be sure to javascript_escape the email address to prevent apostrophes…

    NZKoz committed Dec 7, 2010
    … inadvertently causing javascript errors.
    
    This fixes CVE-2011-0446
Commits on Jan 30, 2011
  1. @NZKoz

    Prepare for the 3.0.4 release

    NZKoz committed Jan 31, 2011
Commits on Jan 19, 2011
  1. @josevalim
Commits on Jan 17, 2011
  1. @tenderlove
Commits on Jan 12, 2011
  1. @spastorino

    Reuse the view_context from the controller, this make the test enviro…

    spastorino committed Jan 12, 2011
    …nment more similar to the code applications uses
  2. @tenderlove
  3. @tenderlove
  4. @spastorino
Something went wrong with that request. Please try again.