actionpack 1.10.2 → 1.11.0

data/CHANGELOG

@@ -1,3 +1,57 @@
+*1.11.0* (November 7th, 2005)
+
+* Added request as instance method to views, so you can do <%= request.env["HTTP_REFERER"] %>, just like you can already access response, session, and the likes [DHH]
+
+* Fix conflict with assert_tag and Glue gem #2255 [david.felstead@gmail.com]
+
+* Add documentation to assert_tag indicating that it only works with well-formed XHTML #1937, #2570 [Jamis Buck]
+
+* Added action_pack.rb stub so that ActionPack::Version loads properly [Sam Stephenson]
+
+* Added short-hand to assert_tag so assert_tag :tag => "span" can be written as assert_tag "span" [DHH]
+
+* Added skip_before_filter/skip_after_filter for easier control of the filter chain in inheritance hierachies [DHH]. Example:
+
+    class ApplicationController < ActionController::Base
+      before_filter :authenticate
+    end
+    
+    class WeblogController < ApplicationController
+      # will run the :authenticate filter
+    end
+    
+    class SignupController < ActionController::Base
+      # will not run the :authenticate filter
+      skip_before_filter :authenticate
+    end
+
+* Added redirect_to :back as a short-hand for redirect_to(request.env["HTTP_REFERER"]) [DHH]
+
+* Change javascript_include_tag :defaults to not use script.aculo.us loader, which facilitates the use of plugins for future script.aculo.us and third party javascript extensions, and provide register_javascript_include_default for plugins to specify additional JavaScript files to load. Removed slider.js and builder.js from actionpack. [Thomas Fuchs]
+
+* Fix problem where redirecting components can cause an infinite loop [Rick Olson]
+
+* Added support for the queue option on visual_effect [Thomas Fuchs]
+
+* Update script.aculo.us to V1.5_rc4 [Thomas Fuchs]
+
+* Fix that render :text didn't interpolate instance variables #2629, #2626 [skaes]
+
+* Fix line number detection and escape RAILS_ROOT in backtrace Regexp [Nicholas Seckar]
+
+* Fixed document.getElementsByClassName from Prototype to be speedy again [Sam Stephenson]
+
+* Recognize ./#{RAILS_ROOT} as RAILS_ROOT in error traces [Nicholas Seckar]
+
+* Remove ARStore session fingerprinting [Nicholas Seckar]
+
+* Fix obscure bug in ARStore [Nicholas Seckar]
+
+* Added TextHelper#strip_tags for removing HTML tags from a string (using HTMLTokenizer) #2229 [marcin@junkheap.net]
+
+* Added a reader for flash.now, so it's possible to do stuff like flash.now[:alert] ||= 'New if not set' #2422 [Caio Chassot]
+
+
 *1.10.2* (October 26th, 2005)
 
 * Reset template variables after using render_to_string [skaes@web.de]
@@ -519,7 +573,7 @@
 
 * Added ActionController::Base.asset_host that will then be used by all the asset helpers. This enables you to easily offload static content like javascripts and images to a separate server tuned just for that.
 
-* Fixed action/fragment caching using the filestore when a directory and a file wanted to to use the same name. Now there's a .cache prefix that sidesteps the conflict #1188 [imbcmdth@hotmail.com]
+* Fixed action/fragment caching using the filestore when a directory and a file wanted to use the same name. Now there's a .cache prefix that sidesteps the conflict #1188 [imbcmdth@hotmail.com]
 
 * Fixed missing id uniqueness in FormTag#radio_button #1207 [Jarkko]
 
@@ -1127,7 +1181,7 @@
 
 * Added POST support for the breakpoint retries, so form processing that raises an exception can be retried with the original request [Florian Gross]
 
-* Fixed regression with Base#reset_session that wouldn't use the the DEFAULT_SESSION_OPTIONS [adam@the-kramers.net]
+* Fixed regression with Base#reset_session that wouldn't use the DEFAULT_SESSION_OPTIONS [adam@the-kramers.net]
 
 * Fixed error rendering of rxml documents to not just swallow the exception and return 0 (still not guessing the right line, but hey)
 
@@ -1379,7 +1433,7 @@
 * Added another case to DateHelper#distance_in_minutes to return "less than a minute" instead of "0 minutes" and "1 minute" instead of "1 minutes"
 
 * Added a hidden field to checkboxes generated with FormHelper#check_box that will make sure that the unchecked value (usually 0)
-  is sent even if the checkbox is not checked. This relieves the controller from doing custom checking if the the checkbox wasn't
+  is sent even if the checkbox is not checked. This relieves the controller from doing custom checking if the checkbox wasn't
   checked. BEWARE: This might conflict with your run-on-the-mill work-around code. [Tobias Luetke]
 
 * Fixed error_message_on to just use the first if more than one error had been added [marcel]

data/README

@@ -24,14 +24,14 @@ ActiveRecord[http://activerecord.rubyonrails.org] (an object-relational
 mapping package), but that doesn't mean that Action Pack depends on Active
 Record. Action Pack is an independent package that can be used with any sort
 of backend (Instiki[http://www.instiki.org], which is based on an older version
-of Action Pack, uses Madeleine for example). Read more about the role Action
+of Action Pack, used Madeleine for example). Read more about the role Action
 Pack can play when used together with Active Record on
 http://www.rubyonrails.org.
 
 A short rundown of the major features:
 
 * Actions grouped in controller as methods instead of separate command objects
-  and can therefore helper share methods.
+  and can therefore share helper methods.
 
     BlogController < ActionController::Base
       def display
@@ -103,15 +103,15 @@ A short rundown of the major features:
       def list
         # Before this action is run, the user will be authenticated, the cache
         # will be examined to see if a valid copy of the results already
-        # exist, and the action will be logged for auditing.
+        # exists, and the action will be logged for auditing.
         
         # After this action has run, the output will first be localized then 
-        # compressed to minimize bandwith usage
+        # compressed to minimize bandwidth usage
       end
       
       private
         def authenticate
-          # Implement the filter will full access to both request and response
+          # Implement the filter with full access to both request and response
         end
     end
   
@@ -316,7 +316,7 @@ A short rundown of the major features:
 
     <%= form "post" %>
     
-    ...will generate something like (the selects will have more options of
+    ...will generate something like (the selects will have more options, of
     course):
     
     <form action="create" method="POST">
@@ -413,7 +413,7 @@ And the templates look like this:
   
 This simple setup will list all the posts in the system on the index page,
 which is called by accessing /weblog/. It uses the form builder for the Active
-Record model to make the new screen, which in turns hand everything over to
+Record model to make the new screen, which in turn hands everything over to
 the create action (that's the default target for the form builder when given a
 new model). After creating the post, it'll redirect to the display page using
 an URL such as /weblog/display/5 (where 5 is the id of the post).

data/lib/action_controller/assertions.rb

@@ -8,9 +8,9 @@ module Test #:nodoc:
     # In addition to these specific assertions, you also have easy access to various collections that the regular test/unit assertions
     # can be used against. These collections are:
     #
-    # * assigns: Instance variables assigned in the action that's available for the view.
+    # * assigns: Instance variables assigned in the action that are available for the view.
     # * session: Objects being saved in the session.
-    # * flash: The flash objects being currently in the session.
+    # * flash: The flash objects currently in the session.
     # * cookies: Cookies being sent to the user on this request.
     # 
     # These collections can be used just like any other hash:
@@ -25,13 +25,13 @@ module Test #:nodoc:
     #
     # On top of the collections, you have the complete url that a given action redirected to available in redirect_to_url.
     #
-    # For redirects within the same controller, you can even call follow_redirect and the redirect will be follow triggering another
+    # For redirects within the same controller, you can even call follow_redirect and the redirect will be followed, triggering another
     # action call which can then be asserted against.
     #
     # == Manipulating the request collections
     #
-    # The collections described above link to the response, so you can test if what the actions were expected to do happen. But
-    # some times you also want to manipulate these collections in the request coming in. This is really only relevant for sessions
+    # The collections described above link to the response, so you can test if what the actions were expected to do happened. But
+    # sometimes you also want to manipulate these collections in the incoming request. This is really only relevant for sessions
     # and cookies, though. For sessions, you just do:
     #
     #   @request.session[:key] = "value"
@@ -68,7 +68,7 @@ module Test #:nodoc:
       end
 
       # Assert that the redirection options passed in match those of the redirect called in the latest action. This match can be partial,
-      # such at assert_redirected_to(:controller => "weblog") will also match the redirection of 
+      # such that assert_redirected_to(:controller => "weblog") will also match the redirection of 
       # redirect_to(:controller => "weblog", :action => "show") and so on.
       def assert_redirected_to(options = {}, message=nil)
         clean_backtrace do
@@ -118,7 +118,7 @@ module Test #:nodoc:
         end
       end
 
-      # Asserts that the routing of the given path is handled correctly and that the parsed options match.
+      # Asserts that the routing of the given path was handled correctly and that the parsed options match.
       def assert_recognizes(expected_options, path, extras={}, message=nil)
         clean_backtrace do 
           path = "/#{path}" unless path[0..0] == '/'
@@ -159,8 +159,8 @@ module Test #:nodoc:
         end
       end
 
-      # asserts that path and options match both ways, in other words, the URL generated from 
-      # options is same as path, and also that the options recognized from path are same as options
+      # Asserts that path and options match both ways; in other words, the URL generated from 
+      # options is the same as path, and also that the options recognized from path are the same as options
       def assert_routing(path, options, defaults={}, extras={}, message=nil)
         assert_recognizes(options, path, extras, message)
         
@@ -221,6 +221,15 @@ module Test #:nodoc:
       #   # assert that there is a "span" tag
       #   assert_tag :tag => "span"
       #
+      #   # assert that there is a "span" tag with id="x"
+      #   assert_tag :tag => "span", :attributes => { :id => "x" }
+      #
+      #   # assert that there is a "span" tag using the short-hand
+      #   assert_tag :span
+      #
+      #   # assert that there is a "span" tag with id="x" using the short-hand
+      #   assert_tag :span, :attributes => { :id => "x" }
+      #
       #   # assert that there is a "span" inside of a "div"
       #   assert_tag :tag => "span", :parent => { :tag => "div" }
       #
@@ -248,8 +257,15 @@ module Test #:nodoc:
       #                           :attributes => { :class => "enum" } },
       #              :descendant => { :tag => "span",
       #                               :child => /hello world/ }
-      def assert_tag(opts)
+      #
+      # <strong>Please note</strong: #assert_tag and #assert_no_tag only work
+      # with well-formed XHTML. They recognize a few tags as implicitly self-closing
+      # (like br and hr and such) but will not work correctly with tags
+      # that allow optional closing tags (p, li, td). <em>You must explicitly
+      # close all of your tags to use these assertions.</em>
+      def assert_tag(*opts)
         clean_backtrace do
+          opts = opts.size > 1 ? opts.last.merge({ :tag => opts.first.to_s }) : opts.first
           tag = find_tag(opts)
           assert tag, "expected tag, but no tag found matching #{opts.inspect} in:\n#{@response.body.inspect}"
         end
@@ -257,8 +273,9 @@ module Test #:nodoc:
       
       # Identical to #assert_tag, but asserts that a matching tag does _not_
       # exist. (See #assert_tag for a full discussion of the syntax.)
-      def assert_no_tag(opts)
+      def assert_no_tag(*opts)
         clean_backtrace do
+          opts = opts.size > 1 ? opts.last.merge({ :tag => opts.first.to_s }) : opts.first
           tag = find_tag(opts)
           assert !tag, "expected no tag, but found tag matching #{opts.inspect} in:\n#{@response.body.inspect}"
         end

data/lib/action_controller/base.rb

@@ -89,7 +89,7 @@ module ActionController #:nodoc:
   #
   # == Parameters
   #
-  # All request parameters whether they come from a GET or POST request, or from the URL, are available through the params hash.
+  # All request parameters, whether they come from a GET or POST request, or from the URL, are available through the params hash.
   # So an action that was performed through /weblog/list?category=All&limit=5 will include { "category" => "All", "limit" => 5 }
   # in params.
   #
@@ -165,7 +165,7 @@ module ActionController #:nodoc:
   # the post again, but rather just show it one more time.
   # 
   # This sounds fairly simple, but the redirection is complicated by the quest for a phenomenon known as "pretty urls". Instead of accepting
-  # the dreadful beings that is "weblog_controller?action=show&post_id=5", Action Controller goes out of its way to represent the former as
+  # the dreadful being that is "weblog_controller?action=show&post_id=5", Action Controller goes out of its way to represent the former as
   # "/weblog/show/5". And this is even the simple case. As an example of a more advanced pretty url consider
   # "/library/books/ISBN/0743536703/show", which can be mapped to books_controller?action=show&type=ISBN&id=0743536703.
   # 
@@ -188,7 +188,7 @@ module ActionController #:nodoc:
   #
   # == Calling multiple redirects or renders
   #
-  # An action should conclude by a single render or redirect. Attempting to try to do either again will result in a DoubleRenderError:
+  # An action should conclude with a single render or redirect. Attempting to try to do either again will result in a DoubleRenderError:
   #
   #   def do_something
   #     redirect_to :action => "elsewhere"
@@ -241,7 +241,7 @@ module ActionController #:nodoc:
     @@debug_routes = true
     cattr_accessor :debug_routes
 
-    # Controls whether the application is thread-safe, so multi-threaded servers like WEBrick knows whether to apply a mutex
+    # Controls whether the application is thread-safe, so multi-threaded servers like WEBrick know whether to apply a mutex
     # around the performance of each action. Action Pack and Active Record are by default thread-safe, but many applications
     # may not be. Turned off by default.
     @@allow_concurrency = false
@@ -276,7 +276,7 @@ module ActionController #:nodoc:
     attr_accessor :response
     
     # Holds a hash of objects in the session. Accessed like <tt>session[:person]</tt> to get the object tied to the "person"
-    # key. The session will hold any type of object as values, but the key should be a string.
+    # key. The session will hold any type of object as values, but the key should be a string or symbol.
     attr_accessor :session
     
     # Holds a hash of header names and values. Accessed like <tt>headers["Cache-Control"]</tt> to get the value of the Cache-Control
@@ -306,7 +306,7 @@ module ActionController #:nodoc:
         @controller_name ||= controller_class_name.sub(/Controller$/, '').underscore
       end
       
-      # Convert the class name from something like "OneModule::TwoModule::NeatController" to "one_module/two_module/neat".
+      # Converts the class name from something like "OneModule::TwoModule::NeatController" to "one_module/two_module/neat".
       def controller_path
         unless @controller_path
           components = self.name.to_s.split('::')
@@ -363,9 +363,9 @@ module ActionController #:nodoc:
 
         log_processing if logger
         send(method, *arguments)
-        close_session
-
         @response
+      ensure
+        close_session
       end
 
       # Returns a URL that has been rewritten according to the options hash and the defined Routes. 
@@ -373,7 +373,7 @@ module ActionController #:nodoc:
       # �
       # <tt>url_for</tt> is used to:
       # �
-      # All keys given to url_for are forwarded to the Route module save for the following:
+      # All keys given to url_for are forwarded to the Route module, save for the following:
       # * <tt>:anchor</tt> -- specifies the anchor name to be appended to the path. For example, 
       #   <tt>url_for :controller => 'posts', :action => 'show', :id => 10, :anchor => 'comments'</tt> 
       #   will produce "/posts/show/10#comments".
@@ -408,7 +408,7 @@ module ActionController #:nodoc:
       # The final rule is applied while the URL is being generated and is best illustrated by an example. Let us consider the
       # route given by <tt>map.connect 'people/:last/:first/:action', :action => 'bio', :controller => 'people'</tt>.
       #
-      # Suppose that the current URL is "people/hh/david/contacts". Let's consider a few different cases URLs which are generated
+      # Suppose that the current URL is "people/hh/david/contacts". Let's consider a few different cases of URLs which are generated
       # from this page.
       #
       # * <tt>url_for :action => 'bio'</tt> -- During the generation of this URL, default values will be used for the first and
@@ -436,7 +436,7 @@ module ActionController #:nodoc:
       #   url_for :overwrite_params => { :action => 'print' }
       #
       # This takes the current URL as is and only exchanges the action. In contrast, <tt>url_for :action => 'print'</tt>
-      # would have slashed-off the path components are the changed action.
+      # would have slashed-off the path components after the changed action.
       def url_for(options = {}, *parameters_for_method_reference) #:doc:
         case options
           when String then options
@@ -481,7 +481,7 @@ module ActionController #:nodoc:
       #
       # === Rendering partials
       # 
-      # Partial rendering is most commonly used together with Ajax calls that only updates one or a few elements on a page
+      # Partial rendering is most commonly used together with Ajax calls that only update one or a few elements on a page
       # without reloading. Rendering of partials from the controller makes it possible to use the same partial template in
       # both the full-page rendering (by calling it from within the template) and when sub-page updates happen (from the
       # controller action responding to Ajax calls). By default, the current layout is not used.
@@ -542,7 +542,7 @@ module ActionController #:nodoc:
       #   # Renders the clear text "Hi there!" within the current active layout (if one exists)
       #   render :text => "Explosion!", :layout => true
       #
-      #   # Renders the clear text "Hi there!" within the the layout 
+      #   # Renders the clear text "Hi there!" within the layout 
       #   # placed in "app/views/layouts/special.r(html|xml)"
       #   render :text => "Explosion!", :layout => "special"
       #
@@ -683,7 +683,7 @@ module ActionController #:nodoc:
         @performed_render = false
       end
 
-      # Clears the redirected results from the headers, resetting the status to 200 and returns 
+      # Clears the redirected results from the headers, resets the status to 200 and returns 
       # the URL that was used to redirect or nil if there was no redirected URL
       # Note that +redirect_to+ will change the body of the response to indicate a redirection.
       # The response body is not reset here, see +erase_render_results+
@@ -726,12 +726,15 @@ module ActionController #:nodoc:
       #
       # * <tt>Hash</tt>: The URL will be generated by calling url_for with the +options+.
       # * <tt>String starting with protocol:// (like http://)</tt>: Is passed straight through as the target for redirection.
-      # * <tt>String not containing a protocol</tt>: The current current protocol and host is prepended to the string.
+      # * <tt>String not containing a protocol</tt>: The current protocol and host is prepended to the string.
+      # * <tt>:back</tt>: Back to the page that issued the request. Useful for forms that are triggered from multiple places.
+      #   Short-hand for redirect_to(request.env["HTTP_REFERER"])
       # 
       # Examples:
       #   redirect_to :action => "show", :id => 5
       #   redirect_to "http://www.rubyonrails.org"
       #   redirect_to "/images/screenshot.jpg"
+      #   redirect_to :back
       #
       # The redirection happens as a "302 Moved" header.
       def redirect_to(options = {}, *parameters_for_method_reference) #:doc:
@@ -745,6 +748,9 @@ module ActionController #:nodoc:
 
           when String
             redirect_to(request.protocol + request.host_with_port + options)
+          
+          when :back
+            redirect_to(request.env["HTTP_REFERER"])
 
           else
             if parameters_for_method_reference.empty?
@@ -805,6 +811,7 @@ module ActionController #:nodoc:
         raise "You must assign a template class through ActionController.template_class= before processing a request" unless @@template_class
         
         response.template = self.class.view_class.new(self.class.view_root, {}, self)
+        response.redirected_to = nil
         @performed_render = @performed_redirect = false
       end
     

data/lib/action_controller/caching.rb

@@ -18,7 +18,7 @@ module ActionController #:nodoc:
     end
 
     # Page caching is an approach to caching where the entire action output of is stored as a HTML file that the web server 
-    # can serve without going through the Action Pack. This can be as much as 100 times faster than going the process of dynamically
+    # can serve without going through the Action Pack. This can be as much as 100 times faster than going through the process of dynamically
     # generating the content. Unfortunately, this incredible speed-up is only available to stateless pages where all visitors
     # are treated the same. Content management systems -- including weblogs and wikis -- have many pages that are a great fit
     # for this approach, but account-based systems where people log in and manipulate their own data are often less likely candidates.
@@ -140,7 +140,7 @@ module ActionController #:nodoc:
 
     # Action caching is similar to page caching by the fact that the entire output of the response is cached, but unlike page caching, 
     # every request still goes through the Action Pack. The key benefit of this is that filters are run before the cache is served, which
-    # allows for authentication and other restrictions on whether someone are supposed to see the cache. Example:
+    # allows for authentication and other restrictions on whether someone is allowed to see the cache. Example:
     #
     #   class ListsController < ApplicationController
     #     before_filter :authenticate, :except => :public
@@ -228,7 +228,7 @@ module ActionController #:nodoc:
     # In order to use the fragment caching, you need to designate where the caches should be stored. This is done by assigning a fragment store
     # of which there are four different kinds:
     #
-    # * FileStore: Keeps the fragments on disk in the +cache_path+, which works well for all types of environments and share the fragments for
+    # * FileStore: Keeps the fragments on disk in the +cache_path+, which works well for all types of environments and shares the fragments for
     #   all the web server processes running off the same application directory.
     # * MemoryStore: Keeps the fragments in memory, which is fine for WEBrick and for FCGI (if you don't care that each FCGI process holds its
     #   own fragment store). It's not suitable for CGI as the process is thrown away at the end of each request. It can potentially also take
@@ -256,7 +256,7 @@ module ActionController #:nodoc:
             @@fragment_cache_store = if store.is_a?(Symbol)
               store_class_name = (store == :drb_store ? "DRbStore" : store.to_s.camelize)
               store_class = ActionController::Caching::Fragments.const_get(store_class_name)
-              parameters.empty? ? store.new : store_class.new(*parameters)
+              store_class.new(*parameters)
             else
               store
             end
@@ -481,14 +481,14 @@ module ActionController #:nodoc:
     #     end
     #   end
     #
-    # The sweeper is assigned on the controllers that wish to have its job performed using the <tt>cache_sweeper</tt> class method:
+    # The sweeper is assigned in the controllers that wish to have its job performed using the <tt>cache_sweeper</tt> class method:
     #
     #   class ListsController < ApplicationController
     #     caches_action :index, :show, :public, :feed
     #     cache_sweeper :list_sweeper, :only => [ :edit, :destroy, :share ]
     #   end
     #
-    # In the example above, four actions are cached and three actions are responsible of expiring those caches.
+    # In the example above, four actions are cached and three actions are responsible for expiring those caches.
     module Sweeping
       def self.append_features(base) #:nodoc:
         super

data/lib/action_controller/components.rb

@@ -1,5 +1,5 @@
 module ActionController #:nodoc:
-  # Components allows you to call other actions for their rendered response while execution another action. You can either delegate
+  # Components allows you to call other actions for their rendered response while executing another action. You can either delegate
   # the entire response rendering or you can mix a partial response in with your other content.
   #
   #   class WeblogController < ActionController::Base

data/lib/action_controller/cookies.rb

@@ -1,6 +1,6 @@
 module ActionController #:nodoc:
-  # Cookies are read and written through ActionController#cookies. The cookies being read is what was received along with the request,
-  # the cookies being written is what will be sent out will the response. Cookies are read by value (so you won't get the cookie object
+  # Cookies are read and written through ActionController#cookies. The cookies being read are what were received along with the request,
+  # the cookies being written are what will be sent out with the response. Cookies are read by value (so you won't get the cookie object
   # itself back -- just the value it holds). Examples for writing:
   #
   #   cookies[:user_name] = "david" # => Will set a simple session cookie
@@ -43,7 +43,7 @@ module ActionController #:nodoc:
       update(@cookies)
     end
 
-    # Returns the value of the cookie by +name+ -- or nil if no such cookie exist. You set new cookies using either the cookie method
+    # Returns the value of the cookie by +name+ -- or nil if no such cookie exists. You set new cookies using either the cookie method
     # or cookies[]= (for simple name/value cookies without options).
     def [](name)
       @cookies[name.to_s].value.first if @cookies[name.to_s] && @cookies[name.to_s].respond_to?(:value)