actionview 4.2.11.1 → 5.2.4.4
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of actionview might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +94 -275
- data/MIT-LICENSE +1 -1
- data/README.rdoc +5 -6
- data/lib/action_view/base.rb +38 -28
- data/lib/action_view/buffers.rb +3 -1
- data/lib/action_view/context.rb +3 -3
- data/lib/action_view/dependency_tracker.rb +54 -20
- data/lib/action_view/digestor.rb +94 -83
- data/lib/action_view/flows.rb +11 -11
- data/lib/action_view/gem_version.rb +5 -3
- data/lib/action_view/helpers/active_model_helper.rb +17 -11
- data/lib/action_view/helpers/asset_tag_helper.rb +244 -62
- data/lib/action_view/helpers/asset_url_helper.rb +170 -67
- data/lib/action_view/helpers/atom_feed_helper.rb +19 -17
- data/lib/action_view/helpers/cache_helper.rb +105 -42
- data/lib/action_view/helpers/capture_helper.rb +16 -13
- data/lib/action_view/helpers/controller_helper.rb +15 -4
- data/lib/action_view/helpers/csp_helper.rb +24 -0
- data/lib/action_view/helpers/csrf_helper.rb +7 -5
- data/lib/action_view/helpers/date_helper.rb +170 -112
- data/lib/action_view/helpers/debug_helper.rb +7 -6
- data/lib/action_view/helpers/form_helper.rb +521 -127
- data/lib/action_view/helpers/form_options_helper.rb +109 -63
- data/lib/action_view/helpers/form_tag_helper.rb +110 -67
- data/lib/action_view/helpers/javascript_helper.rb +27 -12
- data/lib/action_view/helpers/number_helper.rb +77 -58
- data/lib/action_view/helpers/output_safety_helper.rb +36 -4
- data/lib/action_view/helpers/record_tag_helper.rb +14 -99
- data/lib/action_view/helpers/rendering_helper.rb +6 -5
- data/lib/action_view/helpers/sanitize_helper.rb +20 -15
- data/lib/action_view/helpers/tag_helper.rb +198 -73
- data/lib/action_view/helpers/tags/base.rb +134 -97
- data/lib/action_view/helpers/tags/check_box.rb +20 -18
- data/lib/action_view/helpers/tags/checkable.rb +4 -2
- data/lib/action_view/helpers/tags/collection_check_boxes.rb +12 -33
- data/lib/action_view/helpers/tags/collection_helpers.rb +70 -36
- data/lib/action_view/helpers/tags/collection_radio_buttons.rb +6 -11
- data/lib/action_view/helpers/tags/collection_select.rb +4 -2
- data/lib/action_view/helpers/tags/color_field.rb +3 -1
- data/lib/action_view/helpers/tags/date_field.rb +2 -0
- data/lib/action_view/helpers/tags/date_select.rb +38 -36
- data/lib/action_view/helpers/tags/datetime_field.rb +4 -2
- data/lib/action_view/helpers/tags/datetime_local_field.rb +2 -0
- data/lib/action_view/helpers/tags/datetime_select.rb +2 -0
- data/lib/action_view/helpers/tags/email_field.rb +2 -0
- data/lib/action_view/helpers/tags/file_field.rb +2 -0
- data/lib/action_view/helpers/tags/grouped_collection_select.rb +4 -2
- data/lib/action_view/helpers/tags/hidden_field.rb +2 -0
- data/lib/action_view/helpers/tags/label.rb +3 -1
- data/lib/action_view/helpers/tags/month_field.rb +2 -0
- data/lib/action_view/helpers/tags/number_field.rb +2 -0
- data/lib/action_view/helpers/tags/password_field.rb +3 -1
- data/lib/action_view/helpers/tags/placeholderable.rb +3 -1
- data/lib/action_view/helpers/tags/radio_button.rb +7 -5
- data/lib/action_view/helpers/tags/range_field.rb +2 -0
- data/lib/action_view/helpers/tags/search_field.rb +14 -9
- data/lib/action_view/helpers/tags/select.rb +11 -9
- data/lib/action_view/helpers/tags/tel_field.rb +2 -0
- data/lib/action_view/helpers/tags/text_area.rb +4 -2
- data/lib/action_view/helpers/tags/text_field.rb +8 -7
- data/lib/action_view/helpers/tags/time_field.rb +2 -0
- data/lib/action_view/helpers/tags/time_select.rb +2 -0
- data/lib/action_view/helpers/tags/time_zone_select.rb +3 -1
- data/lib/action_view/helpers/tags/translator.rb +17 -13
- data/lib/action_view/helpers/tags/url_field.rb +2 -0
- data/lib/action_view/helpers/tags/week_field.rb +2 -0
- data/lib/action_view/helpers/tags.rb +3 -1
- data/lib/action_view/helpers/text_helper.rb +55 -36
- data/lib/action_view/helpers/translation_helper.rb +74 -32
- data/lib/action_view/helpers/url_helper.rb +159 -104
- data/lib/action_view/helpers.rb +5 -1
- data/lib/action_view/layouts.rb +65 -58
- data/lib/action_view/log_subscriber.rb +60 -8
- data/lib/action_view/lookup_context.rb +80 -65
- data/lib/action_view/model_naming.rb +3 -1
- data/lib/action_view/path_set.rb +30 -19
- data/lib/action_view/railtie.rb +39 -6
- data/lib/action_view/record_identifier.rb +53 -25
- data/lib/action_view/renderer/abstract_renderer.rb +21 -15
- data/lib/action_view/renderer/partial_renderer/collection_caching.rb +57 -0
- data/lib/action_view/renderer/partial_renderer.rb +218 -214
- data/lib/action_view/renderer/renderer.rb +8 -6
- data/lib/action_view/renderer/streaming_template_renderer.rb +50 -48
- data/lib/action_view/renderer/template_renderer.rb +67 -66
- data/lib/action_view/rendering.rb +19 -14
- data/lib/action_view/routing_url_for.rb +27 -17
- data/lib/action_view/tasks/cache_digests.rake +25 -0
- data/lib/action_view/template/error.rb +16 -16
- data/lib/action_view/template/handlers/builder.rb +10 -11
- data/lib/action_view/template/handlers/erb/erubi.rb +83 -0
- data/lib/action_view/template/handlers/erb.rb +9 -80
- data/lib/action_view/template/handlers/html.rb +11 -0
- data/lib/action_view/template/handlers/raw.rb +3 -3
- data/lib/action_view/template/handlers.rb +11 -7
- data/lib/action_view/template/html.rb +5 -5
- data/lib/action_view/template/resolver.rb +140 -115
- data/lib/action_view/template/text.rb +8 -9
- data/lib/action_view/template/types.rb +18 -18
- data/lib/action_view/template.rb +56 -31
- data/lib/action_view/test_case.rb +50 -29
- data/lib/action_view/testing/resolvers.rb +31 -31
- data/lib/action_view/version.rb +3 -1
- data/lib/action_view/view_paths.rb +28 -34
- data/lib/action_view.rb +8 -7
- data/lib/assets/compiled/rails-ujs.js +720 -0
- metadata +25 -24
- data/lib/action_view/tasks/dependencies.rake +0 -23
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 285d9a982fd985cc0c7b694548154f3e7b52dac3dfa42c9c7dbbd61d07f6ed81
|
4
|
+
data.tar.gz: e877ec1372d604047b00f5a665397a42952ca07f7ed470a7c64a7c8913630f1e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6293206a2f96b9a349fe3f40f1f42fa81727e38e8333149b60df3bfd56afb39fced4f23c2643eb6fd477bf5b8095e1b31b70cd8f5abbe9d7c577fab225fadfa5
|
7
|
+
data.tar.gz: b5bffb0c64df5ba0640b1fbc0d4b75ca3e672f3172a4cd9c97280a35681be4419e82ac93b4093c6b2889c05fb26dd02e651e14c75e0aed98006ddadda2ca181d
|
data/CHANGELOG.md
CHANGED
@@ -1,357 +1,176 @@
|
|
1
|
-
## Rails
|
2
|
-
|
3
|
-
* No changes.
|
4
|
-
|
5
|
-
|
6
|
-
## Rails 4.2.11 (November 27, 2018) ##
|
7
|
-
|
8
|
-
* No changes.
|
1
|
+
## Rails 5.2.4.4 (September 09, 2020) ##
|
9
2
|
|
3
|
+
* [CVE-2020-15169] Fix potential XSS vulnerability in the `translate`/`t` helper
|
10
4
|
|
11
|
-
|
12
|
-
|
13
|
-
* No changes.
|
5
|
+
*Jonathan Hefner*
|
14
6
|
|
15
7
|
|
16
|
-
## Rails
|
8
|
+
## Rails 5.2.4.3 (May 18, 2020) ##
|
17
9
|
|
18
|
-
*
|
10
|
+
* [CVE-2020-8167] Check that request is same-origin prior to including CSRF token in XHRs
|
19
11
|
|
20
12
|
|
21
|
-
## Rails
|
13
|
+
## Rails 5.2.4.1 (December 18, 2019) ##
|
22
14
|
|
23
15
|
* No changes.
|
24
16
|
|
25
17
|
|
26
|
-
## Rails
|
27
|
-
|
28
|
-
* No changes.
|
29
|
-
|
30
|
-
|
31
|
-
## Rails 4.2.6 (March 07, 2016) ##
|
32
|
-
|
33
|
-
* Fix stripping the digest from the automatically generated img tag alt
|
34
|
-
attribute when assets are handled by Sprockets >=3.0.
|
35
|
-
|
36
|
-
*Bart de Water*
|
37
|
-
|
38
|
-
* Create a new `ActiveSupport::SafeBuffer` instance when `content_for` is flushed.
|
39
|
-
|
40
|
-
Fixes #19890
|
41
|
-
|
42
|
-
*Yoong Kang Lim*
|
43
|
-
|
44
|
-
* Respect value of `:object` if `:object` is false when rendering.
|
45
|
-
|
46
|
-
Fixes #22260.
|
47
|
-
|
48
|
-
*Yuichiro Kaneko*
|
49
|
-
|
50
|
-
* Generate `week_field` input values using a 1-based index and not a 0-based index
|
51
|
-
as per the W3 spec: http://www.w3.org/TR/html-markup/datatypes.html#form.data.week
|
52
|
-
|
53
|
-
*Christoph Geschwind*
|
54
|
-
|
55
|
-
|
56
|
-
## Rails 4.2.5.2 (February 26, 2016) ##
|
57
|
-
|
58
|
-
* Do not allow render with unpermitted parameter.
|
59
|
-
|
60
|
-
Fixes CVE-2016-2098.
|
61
|
-
|
62
|
-
*Arthur Neves*
|
63
|
-
|
64
|
-
|
65
|
-
## Rails 4.2.5.1 (January 25, 2015) ##
|
66
|
-
|
67
|
-
* Adds boolean argument outside_app_allowed to `ActionView::Resolver#find_templates`
|
68
|
-
method.
|
69
|
-
|
70
|
-
*Aaron Patterson*
|
71
|
-
|
72
|
-
|
73
|
-
## Rails 4.2.5 (November 12, 2015) ##
|
74
|
-
|
75
|
-
* Fix `mail_to` when called with `nil` as argument.
|
76
|
-
|
77
|
-
*Rafael Mendonça França*
|
78
|
-
|
79
|
-
* `url_for` does not modify its arguments when generating polymorphic URLs.
|
80
|
-
|
81
|
-
*Bernerd Schaefer*
|
82
|
-
|
83
|
-
|
84
|
-
## Rails 4.2.4 (August 24, 2015) ##
|
85
|
-
|
86
|
-
* No Changes *
|
87
|
-
|
88
|
-
|
89
|
-
## Rails 4.2.3 (June 25, 2015) ##
|
90
|
-
|
91
|
-
* `translate` should handle `raise` flag correctly in case of both main and default
|
92
|
-
translation is missing.
|
93
|
-
|
94
|
-
Fixes #19967
|
18
|
+
## Rails 5.2.4 (November 27, 2019) ##
|
95
19
|
|
96
|
-
|
20
|
+
* Allow programmatic click events to trigger Rails UJS click handlers.
|
21
|
+
Programmatic click events (eg. ones generated by `Rails.fire(link, "click")`) don't specify a button. These events were being incorrectly stopped by code meant to ignore scroll wheel and right clicks introduced in #34573.
|
97
22
|
|
98
|
-
*
|
23
|
+
*Sudara Williams*
|
99
24
|
|
100
|
-
Fixes #19640.
|
101
25
|
|
102
|
-
|
26
|
+
## Rails 5.2.3 (March 27, 2019) ##
|
103
27
|
|
104
|
-
*
|
105
|
-
|
106
|
-
|
28
|
+
* Prevent non-primary mouse keys from triggering Rails UJS click handlers.
|
29
|
+
Firefox fires click events even if the click was triggered by non-primary mouse keys such as right- or scroll-wheel-clicks.
|
30
|
+
For example, right-clicking a link such as the one described below (with an underlying ajax request registered on click) should not cause that request to occur.
|
107
31
|
|
108
|
-
|
32
|
+
```
|
33
|
+
<%= link_to 'Remote', remote_path, class: 'remote', remote: true, data: { type: :json } %>
|
34
|
+
```
|
109
35
|
|
110
|
-
|
36
|
+
Fixes #34541
|
111
37
|
|
112
|
-
*
|
113
|
-
as input when `precision: 0` is used.
|
38
|
+
*Wolfgang Hobmaier*
|
114
39
|
|
115
|
-
Fixes #19227.
|
116
40
|
|
117
|
-
|
41
|
+
## Rails 5.2.2.1 (March 11, 2019) ##
|
118
42
|
|
43
|
+
* Only accept formats from registered mime types
|
119
44
|
|
120
|
-
|
45
|
+
A lack of filtering on mime types could allow an attacker to read
|
46
|
+
arbitrary files on the target server or to perform a denial of service
|
47
|
+
attack.
|
121
48
|
|
122
|
-
|
49
|
+
Fixes CVE-2019-5418
|
50
|
+
Fixes CVE-2019-5419
|
123
51
|
|
52
|
+
*John Hawthorn*, *Eileen M. Uchitelle*, *Aaron Patterson*
|
124
53
|
|
125
|
-
## Rails 4.2.1 (March 19, 2015) ##
|
126
54
|
|
127
|
-
|
128
|
-
but are not themselves safe, should not be marked as html_safe.
|
55
|
+
## Rails 5.2.2 (December 04, 2018) ##
|
129
56
|
|
130
|
-
|
131
|
-
|
132
|
-
* Added an explicit error message, in `ActionView::PartialRenderer`
|
133
|
-
for partial `rendering`, when the value of option `as` has invalid characters.
|
134
|
-
|
135
|
-
*Angelo Capilleri*
|
136
|
-
|
137
|
-
|
138
|
-
## Rails 4.2.0 (December 20, 2014) ##
|
139
|
-
|
140
|
-
* Local variable in a partial is now available even if a falsy value is
|
141
|
-
passed to `:object` when rendering a partial.
|
142
|
-
|
143
|
-
Fixes #17373.
|
144
|
-
|
145
|
-
*Agis Anastasopoulos*
|
146
|
-
|
147
|
-
* Add support for `:enforce_utf8` option in `form_for`.
|
148
|
-
|
149
|
-
This is the same option that was added in 06388b0 to `form_tag` and allows
|
150
|
-
users to skip the insertion of the UTF8 enforcer tag in a form.
|
151
|
-
|
152
|
-
* claudiob *
|
153
|
-
|
154
|
-
* Fix a bug that <%= foo(){ %> and <%= foo()do %> in view templates were not regarded
|
155
|
-
as Ruby block calls.
|
156
|
-
|
157
|
-
* Akira Matsuda *
|
158
|
-
|
159
|
-
* Update `select_tag` to work correctly with `:include_blank` option passing a string.
|
160
|
-
|
161
|
-
Fixes #16483.
|
162
|
-
|
163
|
-
*Frank Groeneveld*
|
164
|
-
|
165
|
-
* Changed the meaning of `render "foo/bar"`.
|
166
|
-
|
167
|
-
Previously, calling `render "foo/bar"` in a controller action is equivalent
|
168
|
-
to `render file: "foo/bar"`. In Rails 4.2, this has been changed to mean
|
169
|
-
`render template: "foo/bar"` instead. If you need to render a file, please
|
170
|
-
change your code to use the explicit form (`render file: "foo/bar"`) instead.
|
171
|
-
|
172
|
-
*Jeremy Jackson*
|
173
|
-
|
174
|
-
* Add support for ARIA attributes in tags.
|
175
|
-
|
176
|
-
Example:
|
177
|
-
|
178
|
-
<%= f.text_field :name, aria: { required: "true", hidden: "false" } %>
|
179
|
-
|
180
|
-
now generates:
|
181
|
-
|
182
|
-
<input aria-hidden="false" aria-required="true" id="user_name" name="user[name]" type="text">
|
183
|
-
|
184
|
-
*Paola Garcia Casadiego*
|
185
|
-
|
186
|
-
* Provide a `builder` object when using the `label` form helper in block form.
|
187
|
-
|
188
|
-
The new `builder` object responds to `translation`, allowing I18n fallback support
|
189
|
-
when you want to customize how a particular label is presented.
|
190
|
-
|
191
|
-
*Alex Robbin*
|
192
|
-
|
193
|
-
* Add I18n support for input/textarea placeholder text.
|
194
|
-
|
195
|
-
Placeholder I18n follows the same convention as `label` I18n.
|
196
|
-
|
197
|
-
*Alex Robbin*
|
198
|
-
|
199
|
-
* Fix that render layout: 'messages/layout' should also be added to the dependency tracker tree.
|
200
|
-
|
201
|
-
*DHH*
|
202
|
-
|
203
|
-
* Add `PartialIteration` object used when rendering collections.
|
204
|
-
|
205
|
-
The iteration object is available as the local variable
|
206
|
-
`#{template_name}_iteration` when rendering partials with collections.
|
207
|
-
|
208
|
-
It gives access to the `size` of the collection being iterated over,
|
209
|
-
the current `index` and two convenience methods `first?` and `last?`.
|
210
|
-
|
211
|
-
*Joel Junström*, *Lucas Uyezu*
|
212
|
-
|
213
|
-
* Return an absolute instead of relative path from an asset url in the case
|
214
|
-
of the `asset_host` proc returning nil.
|
215
|
-
|
216
|
-
*Jolyon Pawlyn*
|
217
|
-
|
218
|
-
* Fix `html_escape_once` to properly handle hex escape sequences (e.g. ᨫ).
|
219
|
-
|
220
|
-
*John F. Douthat*
|
221
|
-
|
222
|
-
* Added String support for min and max properties for date field helpers.
|
223
|
-
|
224
|
-
*Todd Bealmear*
|
225
|
-
|
226
|
-
* The `highlight` helper now accepts a block to be used instead of the `highlighter`
|
227
|
-
option.
|
57
|
+
* No changes.
|
228
58
|
|
229
|
-
*Lucas Mazza*
|
230
59
|
|
231
|
-
|
60
|
+
## Rails 5.2.1.1 (November 27, 2018) ##
|
232
61
|
|
233
|
-
|
62
|
+
* No changes.
|
234
63
|
|
235
|
-
* Flatten the array parameter in `safe_join`, so it behaves consistently with
|
236
|
-
`Array#join`.
|
237
64
|
|
238
|
-
|
65
|
+
## Rails 5.2.1 (August 07, 2018) ##
|
239
66
|
|
240
|
-
*
|
241
|
-
|
67
|
+
* Fix leak of `skip_default_ids` and `allow_method_names_outside_object` options
|
68
|
+
to HTML attributes.
|
242
69
|
|
243
|
-
*
|
70
|
+
*Yurii Cherniavskyi*
|
244
71
|
|
245
|
-
*
|
72
|
+
* Fix issue with `button_to`'s `to_form_params`
|
246
73
|
|
247
|
-
|
74
|
+
`button_to` was throwing exception when invoked with `params` hash that
|
75
|
+
contains symbol and string keys. The reason for the exception was that
|
76
|
+
`to_form_params` was comparing the given symbol and string keys.
|
248
77
|
|
249
|
-
|
78
|
+
The issue is fixed by turning all keys to strings inside
|
79
|
+
`to_form_params` before comparing them.
|
250
80
|
|
251
|
-
*
|
81
|
+
*Georgi Georgiev*
|
252
82
|
|
253
|
-
|
83
|
+
* Fix JavaScript views rendering does not work with Firefox when using
|
84
|
+
Content Security Policy.
|
254
85
|
|
255
|
-
|
256
|
-
overwrites `config.action_controller.asset_host` for particular asset.
|
86
|
+
Fixes #32577.
|
257
87
|
|
258
|
-
*
|
88
|
+
*Yuji Yaginuma*
|
259
89
|
|
260
|
-
*
|
261
|
-
|
262
|
-
|
90
|
+
* Add the `nonce: true` option for `javascript_include_tag` helper to
|
91
|
+
support automatic nonce generation for Content Security Policy.
|
92
|
+
Works the same way as `javascript_tag nonce: true` does.
|
263
93
|
|
264
|
-
*
|
94
|
+
*Yaroslav Markin*
|
265
95
|
|
266
|
-
* Take label values into account when doing I18n lookups for model attributes.
|
267
96
|
|
268
|
-
|
97
|
+
## Rails 5.2.0 (April 09, 2018) ##
|
269
98
|
|
270
|
-
|
271
|
-
<%= form_for @post do |f| %>
|
272
|
-
<%= f.label :type, value: "long" %>
|
273
|
-
<% end %>
|
99
|
+
* Pass the `:skip_pipeline` option in `image_submit_tag` when calling `path_to_image`.
|
274
100
|
|
275
|
-
|
276
|
-
en:
|
277
|
-
activerecord:
|
278
|
-
attributes:
|
279
|
-
post/long: "Long-form Post"
|
101
|
+
Fixes #32248.
|
280
102
|
|
281
|
-
|
282
|
-
Post".
|
103
|
+
*Andrew White*
|
283
104
|
|
284
|
-
|
105
|
+
* Allow the use of callable objects as group methods for grouped selects.
|
285
106
|
|
286
|
-
|
107
|
+
Until now, the `option_groups_from_collection_for_select` method was only able to
|
108
|
+
handle method names as `group_method` and `group_label_method` parameters,
|
109
|
+
it is now able to receive procs and other callable objects too.
|
287
110
|
|
288
|
-
|
111
|
+
*Jérémie Bonal*
|
289
112
|
|
290
|
-
|
113
|
+
* Add `preload_link_tag` helper.
|
291
114
|
|
292
|
-
|
115
|
+
This helper that allows to the browser to initiate early fetch of resources
|
116
|
+
(different to the specified in `javascript_include_tag` and `stylesheet_link_tag`).
|
117
|
+
Additionally, this sends Early Hints if supported by browser.
|
293
118
|
|
294
|
-
|
119
|
+
*Guillermo Iguaran*
|
295
120
|
|
296
|
-
|
121
|
+
* Change `form_with` to generates ids by default.
|
297
122
|
|
298
|
-
|
299
|
-
`
|
123
|
+
When `form_with` was introduced we disabled the automatic generation of ids
|
124
|
+
that was enabled in `form_for`. This usually is not an good idea since labels don't work
|
125
|
+
when the input doesn't have an id and it made harder to test with Capybara.
|
300
126
|
|
301
|
-
|
127
|
+
You can still disable the automatic generation of ids setting `config.action_view.form_with_generates_ids`
|
128
|
+
to `false.`
|
302
129
|
|
303
|
-
|
304
|
-
<link href="/assets/myicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon" />
|
130
|
+
*Nick Pezza*
|
305
131
|
|
306
|
-
|
132
|
+
* Fix issues with `field_error_proc` wrapping `optgroup` and select divider `option`.
|
307
133
|
|
308
|
-
|
309
|
-
<link href="/assets/myicon.ico" rel="shortcut icon" type="image/x-icon" />
|
134
|
+
Fixes #31088
|
310
135
|
|
311
|
-
*
|
136
|
+
*Matthias Neumayr*
|
312
137
|
|
313
|
-
* Remove
|
138
|
+
* Remove deprecated Erubis ERB handler.
|
314
139
|
|
315
|
-
|
316
|
-
inside a form are valid HTML5, and the absence of inline styles help in validating
|
317
|
-
for Content Security Policy.
|
140
|
+
*Rafael Mendonça França*
|
318
141
|
|
319
|
-
|
142
|
+
* Remove default `alt` text generation.
|
320
143
|
|
321
|
-
|
144
|
+
Fixes #30096
|
322
145
|
|
323
|
-
|
146
|
+
*Cameron Cundiff*
|
324
147
|
|
325
|
-
|
148
|
+
* Add `srcset` option to `image_tag` helper.
|
326
149
|
|
327
|
-
*
|
150
|
+
*Roberto Miranda*
|
328
151
|
|
329
|
-
|
152
|
+
* Fix issues with scopes and engine on `current_page?` method.
|
330
153
|
|
331
|
-
|
332
|
-
as input.
|
154
|
+
Fixes #29401.
|
333
155
|
|
334
|
-
|
156
|
+
*Nikita Savrov*
|
335
157
|
|
336
|
-
|
158
|
+
* Generate field ids in `collection_check_boxes` and `collection_radio_buttons`.
|
337
159
|
|
338
|
-
|
160
|
+
This makes sure that the labels are linked up with the fields.
|
339
161
|
|
340
|
-
|
162
|
+
Fixes #29014.
|
341
163
|
|
342
|
-
*
|
343
|
-
applied correctly.
|
164
|
+
*Yuji Yaginuma*
|
344
165
|
|
345
|
-
|
166
|
+
* Add `:json` type to `auto_discovery_link_tag` to support [JSON Feeds](https://jsonfeed.org/version/1).
|
346
167
|
|
347
|
-
*
|
168
|
+
*Mike Gunderloy*
|
348
169
|
|
349
|
-
*
|
170
|
+
* Update `distance_of_time_in_words` helper to display better error messages
|
171
|
+
for bad input.
|
350
172
|
|
351
|
-
|
352
|
-
to support variants and allow more flexibility in the future. The support for
|
353
|
-
regular (required) arguments is deprecated and will be removed in Rails 5.0 or later.
|
173
|
+
*Jay Hayes*
|
354
174
|
|
355
|
-
*Piotr Chmolowski, Łukasz Strzałkowski*
|
356
175
|
|
357
|
-
Please check [
|
176
|
+
Please check [5-1-stable](https://github.com/rails/rails/blob/5-1-stable/actionview/CHANGELOG.md) for previous changes.
|
data/MIT-LICENSE
CHANGED
data/README.rdoc
CHANGED
@@ -9,18 +9,18 @@ used to inline short Ruby snippets inside HTML), and XML Builder.
|
|
9
9
|
|
10
10
|
The latest version of Action View can be installed with RubyGems:
|
11
11
|
|
12
|
-
|
12
|
+
$ gem install actionview
|
13
13
|
|
14
|
-
Source code can be downloaded as part of the Rails project on GitHub
|
14
|
+
Source code can be downloaded as part of the Rails project on GitHub:
|
15
15
|
|
16
|
-
* https://github.com/rails/rails/tree/
|
16
|
+
* https://github.com/rails/rails/tree/5-2-stable/actionview
|
17
17
|
|
18
18
|
|
19
19
|
== License
|
20
20
|
|
21
21
|
Action View is released under the MIT license:
|
22
22
|
|
23
|
-
*
|
23
|
+
* https://opensource.org/licenses/MIT
|
24
24
|
|
25
25
|
|
26
26
|
== Support
|
@@ -29,11 +29,10 @@ API documentation is at
|
|
29
29
|
|
30
30
|
* http://api.rubyonrails.org
|
31
31
|
|
32
|
-
Bug reports
|
32
|
+
Bug reports for the Ruby on Rails project can be filed here:
|
33
33
|
|
34
34
|
* https://github.com/rails/rails/issues
|
35
35
|
|
36
36
|
Feature requests should be discussed on the rails-core mailing list here:
|
37
37
|
|
38
38
|
* https://groups.google.com/forum/?fromgroups#!forum/rubyonrails-core
|
39
|
-
|
data/lib/action_view/base.rb
CHANGED
@@ -1,23 +1,25 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
require
|
4
|
-
require
|
5
|
-
require
|
6
|
-
require
|
7
|
-
require
|
8
|
-
require
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "active_support/core_ext/module/attr_internal"
|
4
|
+
require "active_support/core_ext/module/attribute_accessors"
|
5
|
+
require "active_support/ordered_options"
|
6
|
+
require "action_view/log_subscriber"
|
7
|
+
require "action_view/helpers"
|
8
|
+
require "action_view/context"
|
9
|
+
require "action_view/template"
|
10
|
+
require "action_view/lookup_context"
|
9
11
|
|
10
12
|
module ActionView #:nodoc:
|
11
13
|
# = Action View Base
|
12
14
|
#
|
13
15
|
# Action View templates can be written in several ways.
|
14
|
-
# If the template file has a <tt>.erb</tt> extension, then it uses the
|
16
|
+
# If the template file has a <tt>.erb</tt> extension, then it uses the erubi[https://rubygems.org/gems/erubi]
|
15
17
|
# template system which can embed Ruby into an HTML document.
|
16
18
|
# If the template file has a <tt>.builder</tt> extension, then Jim Weirich's Builder::XmlMarkup library is used.
|
17
19
|
#
|
18
20
|
# == ERB
|
19
21
|
#
|
20
|
-
# You trigger ERB by using embeddings such as
|
22
|
+
# You trigger ERB by using embeddings such as <tt><% %></tt>, <tt><% -%></tt>, and <tt><%= %></tt>. The <tt><%= %></tt> tag set is used when you want output. Consider the
|
21
23
|
# following loop for names:
|
22
24
|
#
|
23
25
|
# <b>Names of all the people</b>
|
@@ -25,7 +27,7 @@ module ActionView #:nodoc:
|
|
25
27
|
# Name: <%= person.name %><br/>
|
26
28
|
# <% end %>
|
27
29
|
#
|
28
|
-
# The loop is setup in regular embedding tags
|
30
|
+
# The loop is setup in regular embedding tags <tt><% %></tt>, and the name is written using the output embedding tag <tt><%= %></tt>. Note that this
|
29
31
|
# is not just a usage suggestion. Regular output functions like print or puts won't work with ERB templates. So this would be wrong:
|
30
32
|
#
|
31
33
|
# <%# WRONG %>
|
@@ -33,9 +35,9 @@ module ActionView #:nodoc:
|
|
33
35
|
#
|
34
36
|
# If you absolutely must write from within a function use +concat+.
|
35
37
|
#
|
36
|
-
# When on a line that only contains whitespaces except for the tag,
|
37
|
-
# including the trailing newline.
|
38
|
-
# Note however that
|
38
|
+
# When on a line that only contains whitespaces except for the tag, <tt><% %></tt> suppresses leading and trailing whitespace,
|
39
|
+
# including the trailing newline. <tt><% %></tt> and <tt><%- -%></tt> are the same.
|
40
|
+
# Note however that <tt><%= %></tt> and <tt><%= -%></tt> are different: only the latter removes trailing whitespaces.
|
39
41
|
#
|
40
42
|
# === Using sub templates
|
41
43
|
#
|
@@ -70,6 +72,14 @@ module ActionView #:nodoc:
|
|
70
72
|
# Headline: <%= headline %>
|
71
73
|
# First name: <%= person.first_name %>
|
72
74
|
#
|
75
|
+
# The local variables passed to sub templates can be accessed as a hash using the <tt>local_assigns</tt> hash. This lets you access the
|
76
|
+
# variables as:
|
77
|
+
#
|
78
|
+
# Headline: <%= local_assigns[:headline] %>
|
79
|
+
#
|
80
|
+
# This is useful in cases where you aren't sure if the local variable has been assigned. Alternatively, you could also use
|
81
|
+
# <tt>defined? headline</tt> to first check if the variable has been assigned before using it.
|
82
|
+
#
|
73
83
|
# === Template caching
|
74
84
|
#
|
75
85
|
# By default, Rails will compile each template to a method in order to render it. When you alter a template,
|
@@ -102,7 +112,7 @@ module ActionView #:nodoc:
|
|
102
112
|
# <p>A product of Danish Design during the Winter of '79...</p>
|
103
113
|
# </div>
|
104
114
|
#
|
105
|
-
#
|
115
|
+
# Here is a full-length RSS example actually used on Basecamp:
|
106
116
|
#
|
107
117
|
# xml.rss("version" => "2.0", "xmlns:dc" => "http://purl.org/dc/elements/1.1/") do
|
108
118
|
# xml.channel do
|
@@ -126,38 +136,37 @@ module ActionView #:nodoc:
|
|
126
136
|
# end
|
127
137
|
# end
|
128
138
|
#
|
129
|
-
# For more information on Builder please consult the
|
130
|
-
# code
|
139
|
+
# For more information on Builder please consult the {source
|
140
|
+
# code}[https://github.com/jimweirich/builder].
|
131
141
|
class Base
|
132
142
|
include Helpers, ::ERB::Util, Context
|
133
143
|
|
134
144
|
# Specify the proc used to decorate input tags that refer to attributes with errors.
|
135
|
-
cattr_accessor :field_error_proc
|
136
|
-
@@field_error_proc = Proc.new{ |html_tag, instance| "<div class=\"field_with_errors\">#{html_tag}</div>".html_safe }
|
145
|
+
cattr_accessor :field_error_proc, default: Proc.new { |html_tag, instance| "<div class=\"field_with_errors\">#{html_tag}</div>".html_safe }
|
137
146
|
|
138
147
|
# How to complete the streaming when an exception occurs.
|
139
148
|
# This is our best guess: first try to close the attribute, then the tag.
|
140
|
-
cattr_accessor :streaming_completion_on_exception
|
141
|
-
@@streaming_completion_on_exception = %("><script>window.location = "/500.html"</script></html>)
|
149
|
+
cattr_accessor :streaming_completion_on_exception, default: %("><script>window.location = "/500.html"</script></html>)
|
142
150
|
|
143
151
|
# Specify whether rendering within namespaced controllers should prefix
|
144
152
|
# the partial paths for ActiveModel objects with the namespace.
|
145
153
|
# (e.g., an Admin::PostsController would render @post using /admin/posts/_post.erb)
|
146
|
-
cattr_accessor :prefix_partial_path_with_controller_namespace
|
147
|
-
@@prefix_partial_path_with_controller_namespace = true
|
154
|
+
cattr_accessor :prefix_partial_path_with_controller_namespace, default: true
|
148
155
|
|
149
156
|
# Specify default_formats that can be rendered.
|
150
157
|
cattr_accessor :default_formats
|
151
158
|
|
152
159
|
# Specify whether an error should be raised for missing translations
|
153
|
-
cattr_accessor :raise_on_missing_translations
|
154
|
-
|
160
|
+
cattr_accessor :raise_on_missing_translations, default: false
|
161
|
+
|
162
|
+
# Specify whether submit_tag should automatically disable on click
|
163
|
+
cattr_accessor :automatically_disable_submit_tag, default: true
|
155
164
|
|
156
165
|
class_attribute :_routes
|
157
166
|
class_attribute :logger
|
158
167
|
|
159
168
|
class << self
|
160
|
-
delegate :erb_trim_mode=, :
|
169
|
+
delegate :erb_trim_mode=, to: "ActionView::Template::Handlers::ERB"
|
161
170
|
|
162
171
|
def cache_template_loading
|
163
172
|
ActionView::Resolver.caching?
|
@@ -175,8 +184,8 @@ module ActionView #:nodoc:
|
|
175
184
|
attr_accessor :view_renderer
|
176
185
|
attr_internal :config, :assigns
|
177
186
|
|
178
|
-
delegate :lookup_context, :
|
179
|
-
delegate :formats, :formats=, :locale, :locale=, :view_paths, :view_paths=, :
|
187
|
+
delegate :lookup_context, to: :view_renderer
|
188
|
+
delegate :formats, :formats=, :locale, :locale=, :view_paths, :view_paths=, to: :lookup_context
|
180
189
|
|
181
190
|
def assign(new_assigns) # :nodoc:
|
182
191
|
@_assigns = new_assigns.each { |key, value| instance_variable_set("@#{key}", value) }
|
@@ -195,6 +204,7 @@ module ActionView #:nodoc:
|
|
195
204
|
@view_renderer = ActionView::Renderer.new(lookup_context)
|
196
205
|
end
|
197
206
|
|
207
|
+
@cache_hit = {}
|
198
208
|
assign(assigns)
|
199
209
|
assign_controller(controller)
|
200
210
|
_prepare_context
|