16 KiB
Rails 5.1.7 (March 27, 2019)
- No changes.
Rails 5.1.6.2 (March 11, 2019)
- No changes.
Rails 5.1.6.1 (November 27, 2018)
- No changes.
Rails 5.1.6 (March 29, 2018)
-
Check exclude before flagging cookies as secure.
Catherine Khuu
Rails 5.1.5 (February 14, 2018)
-
Fix optimized url helpers when using relative url root
Fixes #31220.
Andrew White
-
Ensure dev and prod puma configs do not clobber
ActionDispatch::SystemTesting
defaults. Adds workers: 0 and daemon: falseMax Schwenk
Rails 5.1.4 (September 07, 2017)
-
Make
take_failed_screenshot
work within engine.Fixes #30405.
Yuji Yaginuma
Rails 5.1.4.rc1 (August 24, 2017)
- No changes.
Rails 5.1.3 (August 03, 2017)
- No changes.
Rails 5.1.3.rc3 (July 31, 2017)
- No changes.
Rails 5.1.3.rc2 (July 25, 2017)
- No changes.
Rails 5.1.3.rc1 (July 19, 2017)
- No changes.
Rails 5.1.2 (June 26, 2017)
-
Fallback
ActionController::Parameters#to_s
toHash#to_s
.Kir Shatrov
-
driven_by
now registers poltergeist and capybara-webkitIf driver poltergeist or capybara-webkit is set for System Tests,
driven_by
will register the driver and set additional options passed via:options
param.Refer to drivers documentation to learn what options can be passed.
Mario Chavez
Rails 5.1.1 (May 12, 2017)
- No changes.
Rails 5.1.0 (April 27, 2017)
-
Raise exception when calling
to_h
andto_hash
in an unpermitted Parameters.Before we returned either an empty hash or only the always permitted parameters (
:controller
and:action
by default).The previous behavior was dangerous because in order to get the attributes users usually fallback to use
to_unsafe_h that
could potentially introduce security issues.Rafael Mendonça França
-
Deprecate
config.action_controller.raise_on_unfiltered_parameters
.This option has no effect in Rails 5.1.
Rafael Mendonça França
-
Use more specific check for :format in route path
The current check for whether to add an optional format to the path is very lax and will match things like
:format_id
where there are nested resources, e.g:resources :formats do resources :items end
Fix this by using a more restrictive regex pattern that looks for the patterns
(.:format)
,.:format
or/
at the end of the path. Note that we need to allow for multiple closing parenthesis since the route may be of this form:get "/books(/:action(.:format))", controller: "books"
This probably isn't what's intended since it means that the default index action route doesn't support a format but we have a test for it so we need to allow it.
Fixes #28517.
Andrew White
-
Add
action_controller_api
andaction_controller_base
load hooks to be called inActiveSupport.on_load
ActionController::Base
andActionController::API
have differing implementations. This means that the one umbrella hookaction_controller
is not able to address certain situations where a method may not exist in a certain implementation.This is fixed by adding two new hooks so you can target
ActionController::Base
vsActionController::API
Fixes #27013.
Julian Nadeau
-
Don't include default headers in
ActionController::Metal
responsesThe commit e16afe6 introduced an unintentional change of behavior where the default headers were included in responses from
ActionController::Metal
based controllers. This is now reverted to the previous behavior of having no default headers.Fixes #25820.
Jon Moss
-
Fix
NameError
raised inActionController::Renderer#with_defaults
Hiroyuki Ishii
-
Added
#reverse_merge
and#reverse_merge!
methods toActionController::Parameters
Edouard Chin, Mitsutaka Mimura
-
Fix malformed URLS when using
ApplicationController.renderer
The Rack environment variable
rack.url_scheme
was not being set soscheme
was returningnil
. This caused URLs to be malformed with the default settings. Fix this by settingrack.url_scheme
when the environment is normalized.Fixes #28151.
George Vrettos
-
Commit flash changes when using a redirect route.
Fixes #27992.
Andrew White
-
Prefer
remove_method
overundef_method
when reloading routesWhen
undef_method
is used it prevents access to other implementations of that url helper in the ancestor chain so useremove_method
instead to restore access.Andrew White
-
Add the
resolve
method to the routing DSLThis new method allows customization of the polymorphic mapping of models:
resource :basket resolve("Basket") { [:basket] }
<%= form_for @basket do |form| %> <!-- basket form --> <% end %>
This generates the correct singular URL for the form instead of the default resources member url, e.g.
/basket
vs./basket/:id
.Fixes #1769.
Andrew White
-
Add the
direct
method to the routing DSLThis new method allows creation of custom url helpers, e.g:
direct(:apple) { "http://www.apple.com" } >> apple_url => "http://www.apple.com"
This has the advantage of being available everywhere url helpers are available unlike custom url helpers defined in helper modules, etc.
Andrew White
-
Add
ActionDispatch::SystemTestCase
to Action PackAdds Capybara integration directly into Rails through Action Pack!
See PR #26703
Eileen M. Uchitelle
-
Remove deprecated
.to_prepare
,.to_cleanup
,.prepare!
and.cleanup!
fromActionDispatch::Reloader
.Rafael Mendonça França
-
Remove deprecated
ActionDispatch::Callbacks.to_prepare
andActionDispatch::Callbacks.to_cleanup
.Rafael Mendonça França
-
Remove deprecated
ActionController::Metal.call
.Rafael Mendonça França
-
Remove deprecated
ActionController::Metal#env
.Rafael Mendonça França
-
Make
with_routing
test helper work when testing controllers inheriting fromActionController::API
Julia López
-
Use accept header in integration tests with
as: :json
Instead of appending the
format
to the request path, Rails will figure out the format from the header instead.This allows devs to use
:as
on routes that don't have a format.Fixes #27144.
Kasper Timm Hansen
-
Reset a new session directly after its creation in
ActionDispatch::IntegrationTest#open_session
.Fixes #22742.
Tawan Sierek
-
Fixes incorrect output from
rails routes
when using singular resources.Fixes #26606.
Erick Reyna
-
Fixes multiple calls to
logger.fatal
instead of a single call, for every line in an exception backtrace, when printing trace fromDebugExceptions
middleware.Fixes #26134.
Vipul A M
-
Add support for arbitrary hashes in strong parameters:
params.permit(preferences: {})
Xavier Noria
-
Add
ActionController::Parameters#merge!
, which behaves the same asHash#merge!
.Yuji Yaginuma
-
Allow keys not found in
RACK_KEY_TRANSLATION
for setting the environment when rendering arbitrary templates.Sammy Larbi
-
Remove deprecated support to non-keyword arguments in
ActionDispatch::IntegrationTest#process
,#get
,#post
,#patch
,#put
,#delete
, and#head
.Rafael Mendonça França
-
Remove deprecated
ActionDispatch::IntegrationTest#*_via_redirect
.Rafael Mendonça França
-
Remove deprecated
ActionDispatch::IntegrationTest#xml_http_request
.Rafael Mendonça França
-
Remove deprecated support for passing
:path
and route path as strings inActionDispatch::Routing::Mapper#match
.Rafael Mendonça França
-
Remove deprecated support for passing path as
nil
inActionDispatch::Routing::Mapper#match
.Rafael Mendonça França
-
Remove deprecated
cache_control
argument fromActionDispatch::Static#initialize
.Rafael Mendonça França
-
Remove deprecated support to passing strings or symbols to the middleware stack.
Rafael Mendonça França
-
Change HSTS subdomain to true.
Rafael Mendonça França
-
Remove deprecated
host
andport
ssl options.Rafael Mendonça França
-
Remove deprecated
const_error
argument inActionDispatch::Session::SessionRestoreError#initialize
.Rafael Mendonça França
-
Remove deprecated
#original_exception
inActionDispatch::Session::SessionRestoreError
.Rafael Mendonça França
-
Deprecate
ActionDispatch::ParamsParser::ParseError
in favor ofActionDispatch::Http::Parameters::ParseError
.Rafael Mendonça França
-
Remove deprecated
ActionDispatch::ParamsParser
.Rafael Mendonça França
-
Remove deprecated
original_exception
andmessage
arguments inActionDispatch::ParamsParser::ParseError#initialize
.Rafael Mendonça França
-
Remove deprecated
#original_exception
inActionDispatch::ParamsParser::ParseError
.Rafael Mendonça França
-
Remove deprecated access to mime types through constants.
Rafael Mendonça França
-
Remove deprecated support to non-keyword arguments in
ActionController::TestCase#process
,#get
,#post
,#patch
,#put
,#delete
, and#head
.Rafael Mendonça França
-
Remove deprecated
xml_http_request
andxhr
methods inActionController::TestCase
.Rafael Mendonça França
-
Remove deprecated methods in
ActionController::Parameters
.Rafael Mendonça França
-
Remove deprecated support to comparing a
ActionController::Parameters
with aHash
.Rafael Mendonça França
-
Remove deprecated support to
:text
inrender
.Rafael Mendonça França
-
Remove deprecated support to
:nothing
inrender
.Rafael Mendonça França
-
Remove deprecated support to
:back
inredirect_to
.Rafael Mendonça França
-
Remove deprecated support to passing status as option
head
.Rafael Mendonça França
-
Remove deprecated support to passing original exception to
ActionController::BadRequest
and theActionController::BadRequest#original_exception
method.Rafael Mendonça França
-
Remove deprecated methods
skip_action_callback
,skip_filter
,before_filter
,prepend_before_filter
,skip_before_filter
,append_before_filter
,around_filter
prepend_around_filter
,skip_around_filter
,append_around_filter
,after_filter
,prepend_after_filter
,skip_after_filter
andappend_after_filter
.Rafael Mendonça França
-
Show an "unmatched constraints" error when params fail to match constraints on a matched route, rather than a "missing keys" error.
Fixes #26470.
Chris Carter
-
Fix adding implicitly rendered template digests to ETags.
Fixes a case when modifying an implicitly rendered template for a controller action using
fresh_when
orstale?
would not result in a newETag
value.Javan Makhmali
-
Make
fixture_file_upload
work in integration tests.Yuji Yaginuma
-
Add
to_param
toActionController::Parameters
deprecations.In the future
ActionController::Parameters
are discouraged from being used in URLs without explicit whitelisting. Go throughto_h
to useto_param
.Kir Shatrov
-
Fix nested multiple roots
The PR #20940 enabled the use of multiple roots with different constraints at the top level but unfortunately didn't work when those roots were inside a namespace and also broke the use of root inside a namespace after a top level root was defined because the check for the existence of the named route used the global :root name and not the namespaced name.
This is fixed by using the name_for_action method to expand the :root name to the full namespaced name. We can pass nil for the second argument as we're not dealing with resource definitions so don't need to handle the cases for edit and new routes.
Fixes #26148.
Ryo Hashimoto, Andrew White
-
Include the content of the flash in the auto-generated etag. This solves the following problem:
- POST /messages
- redirect_to messages_url, notice: 'Message was created'
- GET /messages/1
- GET /messages
Step 4 would before still include the flash message, even though it's no longer relevant, because the etag cache was recorded with the flash in place and didn't change when it was gone.
DHH
-
SSL: Changes redirect behavior for all non-GET and non-HEAD requests (like POST/PUT/PATCH etc) to
http://
resources to redirect tohttps://
with a 307 status code instead of 301 status code.307 status code instructs the HTTP clients to preserve the original request method while redirecting. It has been part of HTTP RFC since 1999 and is implemented/recognized by most (if not all) user agents.
# Before POST http://example.com/articles (i.e. ArticlesContoller#create) redirects to GET https://example.com/articles (i.e. ArticlesContoller#index) # After POST http://example.com/articles (i.e. ArticlesContoller#create) redirects to POST https://example.com/articles (i.e. ArticlesContoller#create)
Chirag Singhal
-
Add
:as
option toActionController:TestCase#process
and related methods.Specifying
as: mime_type
allows theCONTENT_TYPE
header to be specified in controller tests without manually doing this through@request.headers['CONTENT_TYPE']
.Everest Stefan Munro-Zeisberger
-
Show cache hits and misses when rendering partials.
Partials using the
cache
helper will show whether a render hit or missed the cache:Rendered messages/_message.html.erb in 1.2 ms [cache hit] Rendered recordings/threads/_thread.html.erb in 1.5 ms [cache miss]
This removes the need for the old fragment cache logging:
Read fragment views/v1/2914079/v1/2914079/recordings/70182313-20160225015037000000/d0bdf2974e1ef6d31685c3b392ad0b74 (0.6ms) Rendered messages/_message.html.erb in 1.2 ms [cache hit] Write fragment views/v1/2914079/v1/2914079/recordings/70182313-20160225015037000000/3b4e249ac9d168c617e32e84b99218b5 (1.1ms) Rendered recordings/threads/_thread.html.erb in 1.5 ms [cache miss]
Though that full output can be reenabled with
config.action_controller.enable_fragment_cache_logging = true
.Stan Lo
-
Don't override the
Accept
header in integration tests when called withxhr: true
.Fixes #25859.
David Chen
-
Fix
defaults
option for root route.A regression from some refactoring for the 5.0 release, this change fixes the use of
defaults
(default parameters) in theroot
routing method.Chris Arcand
-
Check
request.path_parameters
encoding at the point they're set.Check for any non-UTF8 characters in path parameters at the point they're set in
env
. Previously they were checked for when used to get a controller class, but this meant routes that went directly to a Rack app, or skipped controller instantiation for some other reason, had to defend against non-UTF8 characters themselves.Grey Baker
-
Don't raise
ActionController::UnknownHttpMethod
fromActionDispatch::Static
.Pass
Rack::Request
objects toActionDispatch::FileHandler
to avoid it raisingActionController::UnknownHttpMethod
. If an unknown method is passed, it should pass exception higher in the stack instead, once we've had a chance to define exception handling behaviour.Grey Baker
-
Handle
Rack::QueryParser
errors inActionDispatch::ExceptionWrapper
.Updated
ActionDispatch::ExceptionWrapper
to handle the Rack 2.0 namespace forParameterTypeError
andInvalidParameterError
errors.Grey Baker
Please check 5-0-stable for previous changes.