…becomes impossible to target with expire_action.
add missing require to html sanitizer
This ensures that the protocol does not get carried over when there are two or more requests in functional tests. This was a problem when e.g. the first request was HTTP and the second request was HTTPS. Closes #2654. Signed-off-by: Andrew White <firstname.lastname@example.org> (cherry picked from commit 68a13ed)
(cherry picked from commit 14cf4b2)
ActionController::Redirecting : fix docs typo
actionpack/lib/action_controller/base.rb: docs typo
Minor edit in the params wrapper api docs
XSS attacks. Thanks Sascha Depold for the report.
…ns that it doesn't force Action Controller / Active Record to load, but it doesn't fail if they have already loaded. Thanks @josevalim for the hint.
…zer - use config object instead. Cuts about 15% off the load time. (#734)
set a particular value for it. This allows servers to set it through X-Sendfile-Type, read https://github.com/rack/rack/blob/master/lib/rack/sendfile.rb for more info. Anyways you can force this value in your production.rb
…h English to American English(according to Weber) Conflicts: actionpack/lib/action_controller/metal/request_forgery_protection.rb railties/lib/rails/engine.rb
Needed to move AC::Metal::Instrumentation before AM::Metal::Rescue so that status codes rendered from rescue_from blocks are logged properly.
This is because only template rendering works with streaming. Setting it at the class level was also changing the behavior of JSON and XML responses, closes #1337.
This makes "sprockets/railtie" explicit. This means that sprockets will be loaded when you require "rails/all". If you are not using requiring "rails/all", you need to manually load it with all other framework railties. In order to be complete, this commit also adds --skip-sprockets to the rails generator.
…e no controller object It would raise undefined method controller_name for nil
Fixed while traveling to heuruko