Skip to content
This repository
  • 987 commits
  • 301 files changed
  • 19 comments
  • 58 contributors
This comparison is big! We're only showing the most recent 250 commits
Nov 20, 2010
José Valim Ensure calling reset session twice does not raise errors. 6b00e8e
José Valim Ensure session responds to destroy before calling it. 6e1410d
Nov 21, 2010
Zheng Jia Minor fix on Rails:Railtie documentation 55759a6
Jaime Iniesta i18n guide: it's activerecord.errors.messages.record_invalid (instead…
… of 'invalid'), and messagges typo
eec0a78
Jaime Iniesta i18n guide: remove link to external page about 'How to encode the cur…
…rent locale in the URL' as it no longer exists
c0e7b7a
Jaime Iniesta i18n guide: this is not longer a problem ff69c80
Neeraj Singh unscoped takes care of named_scopes too a1786cf
Léo Hackin Fix code for customize the error messages html adding a .html_safe of…
… 8.3 section
be05561
Jaime Iniesta i18n guide: fix external link to rack locale ebac0f4
Pablo Torrecilla Spelling mistake: "Projecto" instead of "projeto" 1e1711c
Jamison Dance fix some grammar issues with section 2.5 255e47d
Xavier Noria copy-edits d773ef8 d2f3ef1
Neeraj Singh use_accept_header is no longer supported 27f43cc
Xavier Noria Spanish for "project" is "proyecto" 3565a2a
Xavier Noria documents <%== in the AS guide 28a0ee0
Nov 23, 2010
Brian Alexander Previous version inaccurately suggested that
resources :posts, :path => "/admin"

would route "/admin/posts" to the PostsController but it actually routed "/admin" to the PostsController
58eaceb
David N. Welton Slightly more natural sounding phrase. 45aca62
David N. Welton Explain that NamedBase makes the variable 'name' available to the scr…
…ipt.
539e46d
Neeraj Singh Revert "unscoped takes care of named_scopes too"
This reverts commit 126fbd7.
30b3a14
Ray Baxter fix typo 9332d2e
Jaime Iniesta i18n guide: fix RedCloth artifacts that were rendering bad format and…
… broken links on 2.3 warnings
25467be
Sven Fuchs Allow registering javascript/stylesheet_expansions to existing symbols 55b13c5
Nov 24, 2010
Neeraj Singh If a nested_attribute is being marked for destruction and at the same…
… time an attr_accessor value is being assigned then the value being assigned is being ignored. This patch is a fix for that issue.

[#5939 state:resolved]

Signed-off-by: José Valim <jose.valim@gmail.com>
1e2981f
Neeraj Singh If a user wants json output then try best to render json output. In s…
…uch cases prefer kind_of(String) over respond_to?(to_str)

[#5841 state:resolved]

Signed-off-by: José Valim <jose.valim@gmail.com>
4e2a981
James Tucker Don't depend on rubygems loading thread (for Mutex) 08e9d0d
Nov 25, 2010
José Valim Dynamically generaeted helpers on collection should not clobber resou…
…rces url helper [#6028 state:resolved]
7e903a3
Nov 26, 2010
José Valim Only convert direct hash instances in hash with indifferent access. 6e66d61
David Heinemeier Hansson Merge branch '3-0-stable' of github.com:rails/rails into 3-0-stable b7b28d5
Nov 27, 2010
Ryan Bigg Fix formatting issue with rake routes output for the namespace method 9f795e1
Ryan Bigg Remove non-sensical first couple of lines for scope method documentation 0f63a8a
Ryan Bigg Add :module option documentation for the resources method 2b13f84
Ryan Bigg Document the :path option for resources :posts 38246b3
Ryan Bigg Add mention of nested resource to resources documentation 0fcd39a
Cheah Chu Yeow Fix missing word in ActionMailer::Base documentation. 86dba29
Ryan Bigg There is no more routes_configuration_file method. d16067d
Ryan Bigg Don't mention Rails 2.3, given that this is supposed to be a guide fo…
…r Rails *3*.
bc3d77b
Ryan Bigg Mention what cache_classes defaults to in all three default environments 592c7ae
Ryan Bigg There is no controller_paths method in Rails 3 b1f3577
Ryan Bigg There is no database_configuration_file method in Rails 3 6ee6bad
Ryan Bigg load_once_paths is now autoload_paths in Rails 3 9815690
Ryan Bigg There is no plugin_loader config option in Rails 3 555b184
Ryan Bigg There is no plugin_locators config option in Rails 3 f74d7e8
Ryan Bigg There is no plugin_paths config option in Rails 3 d626e13
Ryan Bigg There is no root_path config option in Rails 3 f0cc3a1
Ryan Bigg There is no view_path config option in Rails 3 c6eae7a
Ryan Bigg There is no config.action_controller.params_parser method for Rails 3…
…. This is now handled by the ActionDispatch::ParamsParser middleware.
caca1a5
Ryan Bigg Separate Action Dispatch and Action Pack sections in Configuration Gu…
…ide.
c657649
Ryan Bigg There is no config.action_view.warn_cache_misses method for Rails 3 a6a50c2
Ryan Bigg There is no config.action_mailer.template_root method for Rails 3 723d3e2
Ryan Bigg Update ActionMailer documentation to not use deprecated template_root…
… method as documentation, but rather raise_delivery_errors method
1b80352
Ryan Bigg There is no config.action_mailer.default_charset method for Rails 3 536bbf9
Ryan Bigg There is no config.action_mailer.default_content_type method for Rails 3 5483b35
Ryan Bigg Mention the default config.action_mailer.default options in Configura…
…tion guide
de34a4d
Ryan Bigg There is no config.action_mailer.default_implicit_parts_order method …
…for Rails 3
29a2e61
Ryan Bigg There is no RAILS_GEM_VERSION environment variable or constant for Ra…
…ils 3, since this is now managed by Bundler
7a334b3
Ryan Bigg Update Changelog for configuring guide 5b5d3e5
Ryan Bigg root_path is now simply root in Rails 3 78d782f
Ryan Bigg There is no more load_application_initializers in Rails 3 fb661f3
Ryan Bigg Add mention of after_initialize to the config guide a571d4b
Ryan Bigg Added documentation for config.generators to the config guide 550ac57
Aditya Sanghi Resolving LH #5986, cookies doc updates abe28bf
Andrés Mejía Added missing word. ab42529
Andrés Mejía Mentioning catch with Bundler remembering options between different c…
…alls
a82c272
Ryan Bigg Add mention of config.serve_static_assets to config guide 9c6afa7
Ryan Bigg Add explicit statement that verify_authenticity_token can be turned o…
…ff for actions.
2c4bab6
Ryan Bigg Add "Configuring Middleware" section to config guide, starting with m…
…entioning what every bit of middleware does.
62164e0
Ryan Bigg Add methods for configuring middleware to config guide 2d8c104
Mikel Lindsaar Application templates should work with HTTPS too eb27d80
Nov 28, 2010
Santiago Pastorino Fix test 2f09a5a
Santiago Pastorino Fix another error in tests 5c21c1c
Santiago Pastorino Revert f1c13b0 75015d1
Nov 29, 2010
John Hawthorn test case on has_one :through after a destroy
[#6037 state:resolved]

Signed-off-by: José Valim <jose.valim@gmail.com>
52e854e
Dec 01, 2010
Thilo Utke ActiveModel::Errors.to_hash returns plain OrderedHash and used in to_…
…json serialization to properly handle multiple errors per attribute

Signed-off-by: José Valim <jose.valim@gmail.com>
d321e78
Aaron Patterson avoid deprecated methods a5e7d9f
Dec 02, 2010
Michael Koziarski Work around a strange piece of Syck behaviour where it checks Model#r…
…espond_to? before initializing the object.

Things like YAML.load(YAML.dump(@post)) won't work without this.
9381eb3
Aaron Patterson fixing space errors c42a7c6
Aaron Patterson adding a test for YAML round trip 873616c
Dec 05, 2010
Explain actionamailer authentication types 4808875
kotfu Fixed typo in code for Session Expiry 6f6a24e
Greg Jastrab fixed example code for i18n exception handling 6f32809
Moved to github.com/slant Corrected typo and wording. 1c6effc
Aditya Sanghi Resolves LH #6063, should be :expires_in not :expire_in b05b8d9
Aditya Sanghi grammar fix c793baa
Akira Matsuda Added a space before "do" keyword 7da5f75
Akira Matsuda s/myqsl/mysql/ 97e8bf6
Neeraj Singh make it clear that recompilation happens only in
development mode
8ff7cd9
Ryan Bigg Mention filter_parameters for config 27ce3e2
Ryan Bigg Add documentation for secret_token to config guide cbe64d0
Ryan Bigg allow_concurrency is a "global" configuration option in Rails 3 a99dc08
Ryan Bigg Mention threadsafe! method in config guide 08f6b4e
Ryan Bigg Change coloriz_logging description to follow the standard for this guide cbea902
Ryan Bigg Move consider_all_requests_local to global config methods in config g…
…uide
5969a84
Ryan Bigg Move threadsafe warning to threadsafe's new location in config guide 9dc463b
Ryan Bigg Mention controller_paths in the config guide 95ac8b0
Ryan Bigg No more app_generators method in 3.1 ebc52a8
Ryan Bigg Add asset_host and asset_path to the configuring guide 195d0b7
Ryan Bigg Mention encoding in config guide 78b480c
Ryan Bigg Add mention of helper_paths to config guide 730480a
Ryan Bigg Reorder logger and middleware global config options b6bcfcb
Ryan Bigg asset_host and asset_path are now set at the global level a416766
Ryan Bigg Fix documentation regarding the initialization events of the Rails stack 04507ac
Ryan Bigg Use ARel for Range Conditions section, remove Date & Time section bec…
…ause users should *never* do that.
00fb5dc
Ryan Bigg Bring order description in line with actual text. abc7e38
Ryan Bigg re-add config.action_controller.asset_host and asset_path to config g…
…uide
7d334c4
Ryan Bigg Add documentation for page_cache_directory and page_cache_extension t…
…o config guide
36fd1a9
Ryan Bigg Add perform_caching to config guide 554e89f
Neeraj Singh Rewording existing comment e6f2ef3
Neeraj Singh Add comment for config_accessor method 30d7a71
Neeraj Singh Rewording existing comment 2b26ba6
Ryan Bigg Mention that the documentation of create_file can be found on rdoc.in…
…fo ino the generators guide
198c126
Ryan Bigg Begin covering application templates in the generators guide 40f7246
Ryan Bigg Covering generator methods provided by Rails in the generators guide feab0b8
Ryan Bigg For templates' gem method, :env is deprecated, use :group instead 4548c84
Ryan Bigg Add gem method documentation to the generators guide 9177e93
Ryan Bigg Finish documenting generator / template methods for the generators guide a86be8c
Ryan Bigg Add missing colons on the end of before_initialize and after_initiali…
…ze documentation in configuring guide
741f7b5
Ryan Bigg Add mention of config.to_prepare in configuring guide 350818f
Ryan Bigg Config guide: Rails has *5* initialization events ceb650a
Ryan Bigg Configuring guide: Adding mention of the initializer method. f7c85da
Ryan Bigg Move Rails Environment settings to above the initialization events in…
… the config guide
b181968
Ryan Bigg Config guide: separate the initialization events and initializer meth…
…od documentation
e523adb
Ryan Bigg Config guide: Add config.active_support.bare 4e2f947
Ryan Bigg Clarify that preload_frameworks defaults to nil f02c89f
Ryan Bigg Config guide: clarify what cache_store defaults to. c3e8bf0
Ryan Bigg Config guide: Mention ActionDispatch::Callbacks methods: before, to_p…
…repare and after
7174f14
Ryan Bigg Remove extra f 2021596
Ryan Bigg Config guide: add tld_length to ActionDispatch section 488992f
Ryan Bigg Config guide: Add cache_asset_ids 1a7958d
Ryan Bigg Config guide: should use config.action_dispatch.tld_length to set the…
… TLD
f0d893d
Ryan Bigg Config guide: Add javascript_expansions and stylesheet_expansions 85ced0f
Ryan Bigg Config guide: begin documenting the initializers 2484b7e
Ryan Bigg Config guide: continuing work on documenting the initializers 13a7302
Dec 08, 2010
Neeraj Singh Add to documentation that action caching does
handle HTTP_ACCEPT attribute properly and might
provide wrong result. Use params[:format] to
avoid this issue.
ee6b45a
Xavier Noria makes a pass to the action caching rdoc 75faf54
Aditya Sanghi Ensure that boolean false is properly serialized [#6079 state:resolved] 97e9d88
Dec 09, 2010
Michael Dvorkin Take into account current time zone when serializing datetime values [#…
…6096 state:resolved]

Signed-off-by: José Valim <jose.valim@gmail.com>
6dcde27
Neeraj Singh Ensure that while caching a page rails takes into
account the resolved mime type for the request

This is a port of fix on master to 3-0-stable

Signed-off-by: José Valim <jose.valim@gmail.com>
890d005
Neeraj Singh Do not send id for quoting twice if the primary key is string.
[#6022 state:resolved]
d67464a
Aaron Patterson just wrap as a sql literal 60744d2
Simplifies observer implementation [#6065 state:resolved] 61f2d52
Matthew Rudy Jacobs Fix Bug: disable_referential_integrity doesn't work for postgres 9.0.1 f33968a
Matthew Rudy Jacobs Cleaner way to extract the Postgres version d2003a2
Dec 11, 2010
Michael Cetrulo typo b4b6ffe
Vijay Dev fixed typo in test method name ab88074
Lucas Caton Fix link on generations' page 6103f8f
Ivan Evtuhovich Fix doc about nested transaction rollback
Because AR::Rollback do not reraise and inner transaction is not "real"
nothing rollback at all
3a62526
Ryan Bigg Config guide: eager_load_paths by default contains every directory in…
… the app directory
9d93358
Ryan Bigg Config guide: add session store config option 92668f6
Ryan Bigg Config guide: add further initializers f0029d0
Ryan Bigg Config guide: Space out initialization events to improve readability 85a940f
Ryan Bigg Add note which links to documentation regarding the types of columns …
…available.
72476b6
Ryan Bigg Config guide: Use bold titles for initializers instead of headings. 8aec8b8
Ryan Bigg Move ActiveModel::Lint::Tests documentation to be above module declar…
…ation so it appears in the API docs for this module.
44f3380
Ryan Bigg mapper.rb: add "options" to make the default-to-namespace-name line r…
…ead better
eb683d7
Ryan Bigg indent code samples for mount doc d3d23e2
Ryan Bigg root route should go at the *top* of the routes file, because it is t…
…he most popular route and should be matched first
d575229
Ryan Bigg root method options are the same as the match method 55a232a
Ryan Bigg Action Controller Overview: Remove dead link to the API docs for filters 6276334
Vijay Dev fixed typos and rephrased few sentences in routing 51202a1
Xavier Noria testing guide: revises explanation of the test macro 01c76d5
Xavier Noria spaces with underscores, I mean 37b9d02
Xavier Noria reviews commit 53bbbcc 9254750
Dec 15, 2010
Ryan Bigg Provide an example for ActionDispatch::Routing::Mapper#scope f5c15a4
paulodeon Updated generator guide for rails commit 7891de8 ee9fea6
Vijay Dev fixed typos and rephrased a few sentences; also removed reference to …
…status codes being located in action_controller/status_codes.rb
8000719
Vijay Dev fixed typos in mailer f840d5c
Ryan Bigg Remove nodoc from FormBuilder because the methods inside are public A…
…PI methods
7e0cc43
Ryan Bigg Fix indentation on the namespace method's documentation 6bf482e
umar for the root route to work, we need to delete the public/index.html.erb
file as well
8fdf531
Ben Mills Added :placeholder option to ActionView::Helpers::FormTagHelper text_…
…field_tag
becb008
Elben Shira It should be ActiveModel::Validator, not ActiveRecord::Validator. 463522a
Ryan Bigg Active Support coreext guide: Logger core extension documentation 3392b56
Aditya Sanghi eternal confusion! fixed doco to inform correctly dfecb3f
Vijay Dev filter_parameter_logging is deprecated in Rails 3. Changed it to conf…
…ig.filter_parameters
34ed401
Vijay Dev fixed font 0a42961
Vijay Dev fixed link to ruby-prof acd716b
Dec 17, 2010
Piotr Sarnacki Allow to use BUNDLE_GEMFILE env variable in boot.rb [#6184 state:reso…
…lved]
d1b4f3b
Piotr Sarnacki Use require 'bundler/setup' instead of directly calling Bundler.setup…
… in config/boot.rb
0646c70
Dec 18, 2010
Don Wilson Fixed number_with_precision rounding error [#6182 state:resolved] 177749b
Piotr Sarnacki Use gemspec instead of gem rails in Gemfile f2fc81f
David Heinemeier Hansson Merge branch '3-0-stable' of github.com:rails/rails into 3-0-stable c09c8be
Dec 22, 2010
Piotr Sarnacki Fix activesupport tests. These classes are not used anywhere d4cf636
John Paul Ashenfelter Added a word boundary to uncountable inflection regex for #singulariz…
…e so short inflections like ors do not affect larger words like sponsors [#6093 state:resolved]
cad4f00
Piotr Sarnacki Ensure that uncountable are removed after test 725817e
Santiago Pastorino Avoid Bundler Resolver bug until they solve the issue 053031b
Santiago Pastorino This can make make included javascripts/stylesheets from expansions t…
…o be duplicated

or grow forever if you call register_*_expansion more than once

Fix a Regression introduced here 55b13c5
70dba74
Dec 23, 2010
Xavier Noria API guidelines: RDoc markup documentation has been moved in RDoc 3 bbb2252
Jon Leighton Test to verify that #2189 (count with has_many :through and a named_s…
…cope) is fixed [#2189 state:resolved]
90f55bd
Jon Leighton Fix problem where wrong keys are used in JoinAssociation when an asso…
…ciation goes :through a belongs_to [#2801 state:resolved]
e4b3842
Dec 28, 2010
Xavier Noria complete revision of the Contributing to Ruby on Rails guide
* adds instructions for PostgreSQL
* adds references to mysql2 here and there
* puts documentation contributions on par with code contributions
* adds a section about Rails Contributors
* documents C dependencies for Nokogiri and the database libs
* everything double-checked and revised step by step
* adds a section about warnings in the test suite
* removes section about the Rails wiki
* title and filename renamed
* overall rewording
3b35ff4
Dec 29, 2010
Pratik Make serialized fixtures work again
Conflicts:

	activerecord/lib/active_record/connection_adapters/abstract/quoting.rb
	activerecord/test/cases/base_test.rb
	activerecord/test/cases/quoting_test.rb
b5dc2a2
Xavier Noria since a lot of people use Ubuntu, document specific aptitude calls fo…
…r some C dependencies in the contrib guide
b9dd3f9
Xavier Noria renames the contrib guide in the index a2ddf5a
Nick Sutterer process_action accepts multiple args, even with Callbacks. 8d1a318
Dec 30, 2010
Xavier Noria contrib_guide.gsub!("aptitude", "apt-get")
It turns out aptitude has been removed from Ubuntu 10.10
and while you can manually install it, apt-get is the
blessed package manager. Google for "aptitude removed
from Ubuntu" for more details. Thanks to Rafael Mendonça
França for pointing this out.
1a26036
Pratik Make sure Model#touch doesn't try to update non existing columns a49a84f
Jan 01, 2011
Prem Sichanugrist Make sure that generator's default banner is showing its namespace
This will make `rails g rspec:install --help` shows "rails generate rspec:install [options]" and not "rails generate install  [options]"
6ae9e9b
Jan 04, 2011
Added one more failing test for bug #6036 af2999d
Use id instead of quoted_id to prevent double quoting. Fixes failing …
…test for bug #6036.
e95b5b3
Pratik Bump rack-test version b7bb795
Jan 05, 2011
fix difference between behaviour of blank and empty
Signed-off-by: José Valim <jose.valim@gmail.com>
05da752
Jan 09, 2011
Larry Sprock Backport tests for subclassed arrays 9bc338e
John Allison Improve select helpers by allowing a selected value of false. This is…
… useful when using a select helper with a boolean attribute, and the attribute is false. (e.g. f.select :allow_comments)
9ab3ceb
bluetrans-deploy use Object#class instead of Object#type 9933859
Мар'ян Крекотень (Marjan Krekoteń) Refactor to handle the X-Cascade without having to raise an exception 117cad8
Jan 10, 2011
bluetrans-deploy primary_key is returned as either string or symbol, in columns loop m…
…ap everything to string
2deaa25
Aaron Patterson calculate to_s on the primary key once 09f3736
Aaron Patterson use SQLite3::VERSION rather than the deprecated class b7e5a64
Raimonds Simanovskis Always return decimal average of integer fields
In previous version if database adapter (e.g. SQLite and Oracle) returned non-String calculated values then type_cast_using_column converted decimal average value of intefer field to integer value. Now operation parameter is always checked to decide which conversion of calculated value should be done.
e1a064a
Aaron Patterson adding to_d to BigDecimal 2cb497b
Jan 11, 2011
Ernie Miller Fix polymorphic belongs_to associationproxy raising errors when loadi…
…ng target.
97eddc0
Jan 12, 2011
Santiago Pastorino CI should run isolated tests 3b9e72b
Santiago Pastorino Allow view in AV::TestCase to access it's controller helpers methods 3f247cb
Josh Kalderimis In AS, only inflector/methods is need in proxy_wrappers.rb, as well a…
…s date, date_time, and time conversions.rb. This fixes an issue when requiring json and AS saying that i18n is also required.

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
c6d5414
Josh Kalderimis Fixed various isolated test missing requires within AS.
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
35d5b64
Aaron Patterson sorry, the CI cannot lie to us anymore 4781673
Aaron Patterson reraising should be in the rescue block 20062e7
Aaron Patterson use raise to create exceptions and to set the backtrace 8874733
Aaron Patterson remove locales external to the system before assertion 58f90b2
Santiago Pastorino Reuse the view_context from the controller, this make the test enviro…
…nment more similar to the code applications uses
acecf00
Xavier Noria upgrades RDoc and horo dependencies
RDoc 2.x was missing some stuff, let's align this with master
5de1314
Santiago Pastorino Allow generators nested in more than one level 3667438
Aaron Patterson include_in_memory? should check against @target list in case of new r…
…ecords. [#6257 state:resolved]
10fa49b
Jan 13, 2011
Santiago Pastorino Add missing require 0f5e815
Santiago Pastorino One more missing require f4dcf19
Santiago Pastorino sorry, the CI cannot lie to us anymore (Part II) 460f173
Jan 16, 2011
Aaron Patterson updating sqlite3-ruby => sqlite3 9d87f41
Jon Leighton Added deprecation warning for has_and_belongs_to_many associations wh…
…ere the join table has additional attributes other than the keys. Access to these attributes is removed in 3.1. Please use has_many :through instead.
bcbff10
Jan 17, 2011
Aaron Patterson minitest added @__io__, so we should ignore it too a58670b
Jan 18, 2011
Michael Koziarski Use the derived request_method from AD::Request rather than the raw R…
…EQUEST_METHOD from rack.

This takes _method into account so the log shows the method which ActionController sees.
64c1cb3
Aaron Patterson Changing sqlite3-ruby to sqlite3. backporting 8f88a28 to 3-0-stable. 97d4766
Jan 19, 2011
Jamis Buck make TestCaseTest work for pre-1.9 rubies, too fd19ade
Jamis Buck scrub instance variables from test cases on teardown
this prevents test state from accumulating, resulting in leaked
objects and slow tests due to overactive GC.
1e98920
Jamis Buck rein in GC during tests by making them run (at most) once per second
this can provide a significant performance boost during testing, by
preventing the GC from running too frequently.
35984f5
Added a testcase for bug [#5329]
Signed-off-by: José Valim <jose.valim@gmail.com>
b4bc49c
José Valim Solve SystemStackError when changing locale inside ActionMailer [#5329
…state:resolved]
46b23f8
Jamis Buck Revert "rein in GC during tests by making them run (at most) once per…
… second"

This reverts commit 35984f5.
039b807
Jamis Buck Revert "scrub instance variables from test cases on teardown"
This reverts commit 1e98920.
e5664b5
Jamis Buck Revert "make TestCaseTest work for pre-1.9 rubies, too"
This reverts commit fd19ade.
683cb50
Jan 24, 2011
Aaron Patterson Merge remote branch 'jonleighton/deprecate_habtm_attributes-3-0-stabl…
…e' into 3-0-stable

* jonleighton/deprecate_habtm_attributes-3-0-stable:
  Added deprecation warning for has_and_belongs_to_many associations where the join table has additional attributes other than the keys. Access to these attributes is removed in 3.1. Please use has_many :through instead.
f420c2e
Jan 28, 2011
Santiago Pastorino Bump mail version up 5f509c2
Jan 30, 2011
Mikel Lindsaar Fix gitignore to ignore tmp/ correctly, credit telemachus 54e72a5
Jan 31, 2011
Michael Koziarski Prepare for the 3.0.4 release 0cbf9b2
Feb 01, 2011
Michael Koziarski Be sure to javascript_escape the email address to prevent apostrophes…
… inadvertently causing javascript errors.

This fixes CVE-2011-0446
e3dd210
José Valim Ensure render is case sensitive even on systems with case-insensitive…
… filesystems.

This fixes CVE-2011-0449
6f80224
José Valim Use Mime::Type references. ad9d21d
Aaron Patterson limit() should sanitize limit values
This fixes CVE-2011-0448
354da43
Michael Koziarski Change the CSRF whitelisting to only apply to get requests
Unfortunately the previous method of browser detection and XHR whitelisting is unable to prevent requests issued from some Flash animations and Java applets.  To ease the work required to include the CSRF token in ajax requests rails now supports providing the token in a custom http header:

 X-CSRF-Token: ...

This fixes CVE-2011-0447
66ce384
Michael Koziarski Make rails.js include the CSRF token in the X-CSRF-Token header with …
…every ajax request.
7b64ade
Feb 09, 2011
Michael Koziarski Prepare for the 3.0.4 release 1081ea6