Permalink
Commits on May 4, 2018
  1. v3.1.0

    dgalarza committed May 4, 2018
  2. Test against Rails 5.2

    dgalarza committed May 4, 2018
    Updates controller specs to use `be_successful` as opposed to
    `be_success` to do deprecation of `be_success`
  3. Update copyright

    dgalarza committed May 4, 2018
  4. Update rails-html-sanitizer

    dgalarza committed May 4, 2018
    CVE-2018-3741
  5. Rework PageFinder restrictions

    jonathanhefner authored and dgalarza committed May 28, 2016
    The idea behind this rework is that PageFinder should reject a page_id
    if and only if it does not resolve to a sub-path of content_path.  This
    changes the previous behavior in the following ways:
    
    * non-ASCII characters are now allowed (e.g. "résumé" => "pages/résumé")
    
    * page_ids with leading dots are now explicitly allowed (e.g.
      ".gitconfig" => "pages/.gitconfig") [NOTE: this could already be
      hacked into working with e.g. "_/../.file" => "pages/.file" or
      "subdir/.file" => "pages/subdir/.file"]
    
    * page_ids which resolve to outside the content_path immediately error,
      instead of coercing to a sub-path (e.g. "../secret" => error, instead
      of "../secret" => "pages/secret")
    
    * the trailing slash on content_path is now optional (previously,
      forgetting the trailing slash resulted in a confusing 404)
    
    This rework also removes (obsoletes?) a subtle bug in the page_id
    character whitelist wherein "+-=" was interpreted as ("+".."=") instead
    of ["+", "-", "="].  Ironically, this bug is what allowed nested paths
    in page_ids to work at all.
Commits on Apr 6, 2018
  1. Remove unsupported versions of Rails from testing

    dgalarza committed Apr 6, 2018
    Rails is only supporting down to version 4.2 for severe security issues.
    This removes versions 4.0 and 4.1 from the testing matrix, helping
    simplify things a bit.
    
    http://guides.rubyonrails.org/maintenance_policy.html
  2. Valid pages should include anything Rails handles

    dgalarza committed Apr 6, 2018
    Instead of requiring an extension like `.html.haml`, allow `.haml`. Look
    up what handlers exist within the application using
    `ActionView::template.template_handler_extensions`.
  3. Merge pull request #262 from nicolasleger/patch-2

    dgalarza committed Apr 6, 2018
    [CI] Test against Ruby 2.5
Commits on Feb 23, 2018
  1. [CI] Test against Ruby 2.5

    nicolasleger committed Feb 23, 2018
Commits on Dec 15, 2017
Commits on Jun 21, 2017
  1. Test against Ruby 2.4

    dgalarza committed Jun 21, 2017
  2. Test against Rails 5.1.x

    dgalarza committed Jun 20, 2017
    Removes `headers` call in HTTPMethodShim since it is not supported as a
    keyword argument anymore. We weren't making use of it as it is.
Commits on Jun 20, 2017
  1. Utilize Rails view lookup paths to find templates

    dgalarza committed Jun 19, 2017
    In the root_route constraint, make use of the Rails view context lookup
    in order to determine if a given template exists or not. This leaves us
    with not having to deal with manually looking files up in the view
    structure since Rails is good at this already.
    
    Doing this allows us to resolve 241 and 247
Commits on Jun 19, 2017
  1. Update copyright

    dgalarza committed Jun 19, 2017
  2. Update Travis status badge

    dgalarza committed Jun 19, 2017
  3. Add some feature specs for HighVoltage

    dgalarza committed Jun 19, 2017
    This will be helpful for testing in PR #245
    
    * Add Capybara gem as development dependency
    * Upgrade rspec_rails
  4. Merge pull request #251 from maecapozzi/patch-1

    dgalarza committed Jun 19, 2017
    Update README.md to provide clarity.
Commits on May 10, 2017
  1. Update README.md to provide clarity.

    maecapozzi committed May 10, 2017
    My suggestion is to clarify that there are two ways to install High Voltage, either by directly including the gem in your Gemfile, or by running `gem install high_voltage`.
Commits on Mar 24, 2017
  1. Ensure Rails 5 specs are running on travis

    dgalarza committed Mar 17, 2017
    * Remove missing_template_error shim
    
      It appears that Rails 5 moved back to raising an
      ActionView::MissingTemplate error since the beta version we were testing
      against. Since travis wasn't properly configured to test against Rails
      5, this wasn't caught during the transition.
    
    * Exclude Rails 5 testing from ruby 2.0 and 2.1
Commits on Mar 17, 2017
  1. Merge pull request #244 from jorinvo/patch-1

    dgalarza committed Mar 17, 2017
    Little typo
Commits on Mar 10, 2017
  1. Update thoughtbot logo

    tysongach committed Mar 10, 2017
Commits on Dec 9, 2016
  1. little typo

    jorinvo committed Dec 9, 2016
    And thanks for sharing so much open source work :)
Commits on Dec 5, 2016
  1. Merge pull request #243 from jjb/patch-1

    dgalarza committed Dec 5, 2016
    switch erb tag to non-output variety
  2. Test against Rails 5 release instead of Beta

    dgalarza committed Jul 1, 2016
    Rails 5 raises a `ActionView::Template::Error` instead of
    `ActionView::MissingTemplate` when a partial is missing now. This adds a
    shim to handle the difference in testing across different versions of
    Rails.
Commits on Oct 12, 2016
  1. switch erb tag to non-output variety

    jjb committed Oct 12, 2016
Commits on Apr 15, 2016
  1. v3.0.0

    dgalarza committed Apr 15, 2016
  2. Merge pull request #232 from cattekin/master

    dgalarza committed Apr 15, 2016
    Handle URL with explicit .html format on root routes
  3. Merge pull request #228 from piratebroadcast/patch-1

    dgalarza committed Apr 15, 2016
    Update readme.md
Commits on Mar 22, 2016
  1. Handle .html extensions on Root Routes Constraints

    cattekin committed Mar 22, 2016
    When using root route constraints, requesting an existing static page
    with an explicit format will raise a routing error.
    
    This patch updates the root routes matcher to return correctly when the
    path ends with .html,
    and adds tests to ensure the right filename is being checked for .
Commits on Mar 11, 2016
  1. Test against Rails 5

    dgalarza committed Mar 4, 2016
    Heavily inspired by derekprior's work on testing Clearance against Rails 5.
    This will pave the way to releasing HighVoltage 3.0 which removes
    caching support but provides Rails 5 support.
Commits on Feb 12, 2016
  1. Update readme.md

    piratebroadcast committed Feb 12, 2016
    Added rails tags to link_to helper