actionpack 4.0.3 → 4.0.4.rc1

data/lib/action_view/helpers/asset_tag_helper.rb

@@ -154,14 +154,14 @@ module ActionView
       #
       # ==== Examples
       #
-      #   favicon_link_tag '/myicon.ico'
+      #   favicon_link_tag 'myicon.ico'
       #   # => <link href="/assets/favicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon" />
       #
       # Mobile Safari looks for a different <link> tag, pointing to an image that
       # will be used if you add the page to the home screen of an iPod Touch, iPhone, or iPad.
       # The following call would generate such a tag:
       #
-      #   favicon_link_tag '/mb-icon.png', rel: 'apple-touch-icon', type: 'image/png'
+      #   favicon_link_tag 'mb-icon.png', rel: 'apple-touch-icon', type: 'image/png'
       #   # => <link href="/assets/mb-icon.png" rel="apple-touch-icon" type="image/png" />
       def favicon_link_tag(source='favicon.ico', options={})
         tag('link', {

data/lib/action_view/helpers/atom_feed_helper.rb

@@ -64,7 +64,7 @@ module ActionView
       #         'xmlns:openSearch' => 'http://a9.com/-/spec/opensearch/1.1/'}) do |feed|
       #       feed.title("My great blog!")
       #       feed.updated((@posts.first.created_at))
-      #       feed.tag!(openSearch:totalResults, 10)
+      #       feed.tag!('openSearch:totalResults', 10)
       #
       #       @posts.each do |post|
       #         feed.entry(post) do |entry|

data/lib/action_view/helpers/csrf_helper.rb

@@ -12,8 +12,10 @@ module ActionView
       # These are used to generate the dynamic forms that implement non-remote links with
       # <tt>:method</tt>.
       #
-      # Note that regular forms generate hidden fields, and that Ajax calls are whitelisted,
-      # so they do not use these tags.
+      # You don't need to use these tags for regular forms as they generate their own hidden fields.
+      #
+      # For AJAX requests other than GETs, extract the "csrf-token" from the meta-tag and send as the
+      # "X-CSRF-Token" HTTP header. If you are using jQuery with jquery-rails this happens automatically.
       def csrf_meta_tags
         if protect_against_forgery?
           [

data/lib/action_view/helpers/date_helper.rb

@@ -178,8 +178,12 @@ module ActionView
       # * <tt>:use_month_names</tt>   - Set to an array with 12 month names if you want to customize month names.
       #   Note: You can also use Rails' i18n functionality for this.
       # * <tt>:date_separator</tt>    - Specifies a string to separate the date fields. Default is "" (i.e. nothing).
-      # * <tt>:start_year</tt>        - Set the start year for the year select. Default is <tt>Time.now.year - 5</tt>.
-      # * <tt>:end_year</tt>          - Set the end year for the year select. Default is <tt>Time.now.year + 5</tt>.
+      # * <tt>:start_year</tt>        - Set the start year for the year select. Default is <tt>Date.today.year - 5</tt>if
+      #   you are creating new record. While editing existing record, <tt>:start_year</tt> defaults to
+      #   current selected year minus 5.
+      # * <tt>:end_year</tt>          - Set the end year for the year select. Default is <tt>Date.today.year + 5</tt> if
+      #   you are creating new record. While editing existing record, <tt>:end_year</tt> defaults to
+      #   current selected year plus 5.
       # * <tt>:discard_day</tt>       - Set to true if you don't want to show a day select. This includes the day
       #   as a hidden field instead of showing a select field. Also note that this implicitly sets the day to be the
       #   first of the given month in order to not create invalid dates like 31 February.
@@ -1070,7 +1074,7 @@ module ActionView
       # Wraps ActionView::Helpers::DateHelper#datetime_select for form builders:
       #
       #   <%= form_for @person do |f| %>
-      #     <%= f.time_select :last_request_at %>
+      #     <%= f.datetime_select :last_request_at %>
       #     <%= f.submit %>
       #   <% end %>
       #

data/lib/action_view/helpers/form_helper.rb

@@ -692,7 +692,7 @@ module ActionView
       #
       # Note that fields_for will automatically generate a hidden field
       # to store the ID of the record. There are circumstances where this
-      # hidden field is not needed and you can pass <tt>hidden_field_id: false</tt>
+      # hidden field is not needed and you can pass <tt>include_id: false</tt>
       # to prevent fields_for from rendering it automatically.
       def fields_for(record_name, record_object = nil, options = {}, &block)
         builder = instantiate_builder(record_name, record_object, options)
@@ -1507,7 +1507,7 @@ module ActionView
       #
       # Note that fields_for will automatically generate a hidden field
       # to store the ID of the record. There are circumstances where this
-      # hidden field is not needed and you can pass <tt>hidden_field_id: false</tt>
+      # hidden field is not needed and you can pass <tt>include_id: false</tt>
       # to prevent fields_for from rendering it automatically.
       def fields_for(record_name, record_object = nil, fields_options = {}, &block)
         fields_options, record_object = record_object, nil if record_object.is_a?(Hash) && record_object.extractable_options?

data/lib/action_view/helpers/form_options_helper.rb

@@ -765,7 +765,7 @@ module ActionView
       # Wraps ActionView::Helpers::FormOptionsHelper#select for form builders:
       #
       #   <%= form_for @post do |f| %>
-      #     <%= f.select :person_id, Person.all.collect {|p| [ p.name, p.id ] }, { include_blank: true }) %>
+      #     <%= f.select :person_id, Person.all.collect {|p| [ p.name, p.id ] }, { include_blank: true } %>
       #     <%= f.submit %>
       #   <% end %>
       #

data/lib/action_view/helpers/form_tag_helper.rb

@@ -480,7 +480,7 @@ module ActionView
       #   #     <strong>Ask me!</strong>
       #   #    </button>
       #
-      #   button_tag "Checkout", data: { disable_with => "Please wait..." }
+      #   button_tag "Checkout", data: { :disable_with => "Please wait..." }
       #   # => <button data-disable-with="Please wait..." name="button" type="submit">Checkout</button>
       #
       def button_tag(content_or_options = nil, options = nil, &block)

data/lib/action_view/helpers/number_helper.rb

@@ -100,10 +100,10 @@ module ActionView
       #
       #   number_to_currency(-1234567890.50, negative_format: "(%u%n)")
       #   # => ($1,234,567,890.50)
-      #   number_to_currency(1234567890.50, unit: "£", separator: ",", delimiter: "")
-      #   # => £1234567890,50
-      #   number_to_currency(1234567890.50, unit: "£", separator: ",", delimiter: "", format: "%n %u")
-      #   # => 1234567890,50 £
+      #   number_to_currency(1234567890.50, unit: "R$", separator: ",", delimiter: "")
+      #   # => R$1234567890,50
+      #   number_to_currency(1234567890.50, unit: "R$", separator: ",", delimiter: "", format: "%n %u")
+      #   # => 1234567890,50 R$
       def number_to_currency(number, options = {})
         return unless number
         options = escape_unsafe_options(options.symbolize_keys)

data/lib/action_view/helpers/tag_helper.rb

@@ -111,7 +111,7 @@ module ActionView
       #   cdata_section("hello]]>world")
       #   # => <![CDATA[hello]]]]><![CDATA[>world]]>
       def cdata_section(content)
-        splitted = content.gsub(']]>', ']]]]><![CDATA[>')
+        splitted = content.to_s.gsub(']]>', ']]]]><![CDATA[>')
         "<![CDATA[#{splitted}]]>".html_safe
       end
 

data/lib/action_view/helpers/tags/collection_helpers.rb

@@ -18,7 +18,7 @@ module ActionView
           end
 
           def label(label_html_options={}, &block)
-            html_options = label_html_options.merge(@input_html_options)
+            html_options = @input_html_options.slice(:index, :namespace).merge(label_html_options)
             @template_object.label(@object_name, @sanitized_attribute_name, @text, html_options, &block)
           end
         end

data/lib/action_view/helpers/tags/label.rb

@@ -30,14 +30,13 @@ module ActionView
           add_default_name_and_id_for_value(tag_value, name_and_id)
           options.delete("index")
           options.delete("namespace")
-          options.delete("multiple")
           options["for"] = name_and_id["id"] unless options.key?("for")
 
           if block_given?
             content = @template_object.capture(&block)
           else
             content = if @content.blank?
-                        @object_name.gsub!(/\[(.*)_attributes\]\[\d\]/, '.\1')
+                        @object_name.gsub!(/\[(.*)_attributes\]\[\d+\]/, '.\1')
                         method_and_value = tag_value.present? ? "#{@method_name}.#{tag_value}" : @method_name
 
                         if object.respond_to?(:to_model)

data/lib/action_view/helpers/text_helper.rb

@@ -31,6 +31,8 @@ module ActionView
 
       include SanitizeHelper
       include TagHelper
+      include OutputSafetyHelper
+
       # The preferred method of outputting text in your views is to use the
       # <%= "text" %> eRuby syntax. The regular _puts_ and _print_ methods
       # do not operate as expected in an eRuby code block. If you absolutely must
@@ -80,6 +82,9 @@ module ActionView
       #   # => "And they f... (continued)"
       #
       #   truncate("<p>Once upon a time in a world far far away</p>")
+      #   # => "&lt;p&gt;Once upon a time in a wo..."
+      #
+      #   truncate("<p>Once upon a time in a world far far away</p>", escape: false)
       #   # => "<p>Once upon a time in a wo..."
       #
       #   truncate("Once upon a time in a world far far away") { link_to "Continue", "#" }
@@ -255,7 +260,7 @@ module ActionView
       #   # => "<p>Unblinkable.</p>"
       #
       #   simple_format("<blink>Blinkable!</blink> It's true.", {}, sanitize: false)
-      #   # => "<p><blink>Blinkable!</span> It's true.</p>"
+      #   # => "<p><blink>Blinkable!</blink> It's true.</p>"
       def simple_format(text, html_options = {}, options = {})
         wrapper_tag = options.fetch(:wrapper_tag, :p)
 

data/lib/action_view/helpers/translation_helper.rb

@@ -38,7 +38,13 @@ module ActionView
 
         # If the user has specified rescue_format then pass it all through, otherwise use
         # raise and do the work ourselves
-        options[:raise] = true unless options.key?(:raise) || options.key?(:rescue_format)
+        if options.key?(:raise) || options.key?(:rescue_format)
+          raise_error = options[:raise] || options[:rescue_format]
+        else
+          raise_error = false
+          options[:raise] = true
+        end
+
         if html_safe_translation_key?(key)
           html_safe_options = options.dup
           options.except(*I18n::RESERVED_KEYS).each do |name, value|
@@ -53,6 +59,8 @@ module ActionView
           I18n.translate(scope_key_by_partial(key), options)
         end
       rescue I18n::MissingTranslationData => e
+        raise e if raise_error
+
         keys = I18n.normalize_keys(e.locale, e.key, e.options[:scope])
         content_tag('span', keys.last.to_s.titleize, :class => 'translation_missing', :title => "translation missing: #{keys.join('.')}")
       end

data/lib/action_view/helpers/url_helper.rb

@@ -82,7 +82,7 @@ module ActionView
       #   to using GET. If <tt>href: '#'</tt> is used and the user has JavaScript
       #   disabled clicking the link will have no effect. If you are relying on the
       #   POST behavior, you should check for it in your controller's action by using
-      #   the request object's methods for <tt>post?</tt>, <tt>delete?</tt>, <tt>:patch</tt>, or <tt>put?</tt>.
+      #   the request object's methods for <tt>post?</tt>, <tt>delete?</tt>, <tt>patch?</tt>, or <tt>put?</tt>.
       # * <tt>remote: true</tt> - This will allow the unobtrusive JavaScript
       #   driver to make an Ajax request to the URL in question instead of following
       #   the link. The drivers each provide mechanisms for listening for the

data/lib/action_view/template.rb

@@ -142,7 +142,7 @@ module ActionView
         compile!(view)
         view.send(method_name, locals, buffer, &block)
       end
-    rescue Exception => e
+    rescue => e
       handle_render_error(view, e)
     end
 
@@ -298,7 +298,7 @@ module ActionView
         begin
           mod.module_eval(source, identifier, 0)
           ObjectSpace.define_finalizer(self, Finalizer[method_name, mod])
-        rescue Exception => e # errors from template code
+        rescue => e # errors from template code
           if logger = (view && view.logger)
             logger.debug "ERROR: compiling #{method_name} RAISED #{e}"
             logger.debug "Function body: #{source}"

data/lib/action_view/template/error.rb

@@ -56,13 +56,13 @@ module ActionView
     class Error < ActionViewError #:nodoc:
       SOURCE_CODE_RADIUS = 3
 
-      attr_reader :original_exception, :backtrace
+      attr_reader :original_exception
 
       def initialize(template, original_exception)
         super(original_exception.message)
         @template, @original_exception = template, original_exception
         @sub_templates = nil
-        @backtrace = original_exception.backtrace
+        set_backtrace(original_exception.backtrace)
       end
 
       def file_name

data/lib/action_view/template/text.rb

@@ -27,7 +27,7 @@ module ActionView #:nodoc:
       end
 
       def formats
-        [@type.to_sym]
+        [@type.respond_to?(:ref) ? @type.ref : @type.to_s]
       end
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: actionpack
 version: !ruby/object:Gem::Version
-  version: 4.0.3
+  version: 4.0.4.rc1
 platform: ruby
 authors:
 - David Heinemeier Hansson
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-02-18 00:00:00.000000000 Z
+date: 2014-03-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.0.3
+        version: 4.0.4.rc1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.0.3
+        version: 4.0.4.rc1
 - !ruby/object:Gem::Dependency
   name: builder
   requirement: !ruby/object:Gem::Requirement
@@ -86,14 +86,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.0.3
+        version: 4.0.4.rc1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.0.3
+        version: 4.0.4.rc1
 - !ruby/object:Gem::Dependency
   name: tzinfo
   requirement: !ruby/object:Gem::Requirement
@@ -375,13 +375,13 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 1.9.3
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements:
 - none
 rubyforge_project: 
-rubygems_version: 2.2.0
+rubygems_version: 2.2.2
 signing_key: 
 specification_version: 4
 summary: Web-flow and rendering framework putting the VC in MVC (part of Rails).