actionview 5.2.7.1 → 6.0.0.beta1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of actionview might be problematic. Click here for more details.

Files changed (46) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +106 -152
  3. data/MIT-LICENSE +1 -1
  4. data/README.rdoc +1 -1
  5. data/lib/action_view/buffers.rb +15 -0
  6. data/lib/action_view/context.rb +5 -4
  7. data/lib/action_view/digestor.rb +7 -6
  8. data/lib/action_view/gem_version.rb +4 -4
  9. data/lib/action_view/helpers/asset_tag_helper.rb +4 -27
  10. data/lib/action_view/helpers/asset_url_helper.rb +4 -3
  11. data/lib/action_view/helpers/cache_helper.rb +18 -10
  12. data/lib/action_view/helpers/capture_helper.rb +4 -0
  13. data/lib/action_view/helpers/csrf_helper.rb +1 -1
  14. data/lib/action_view/helpers/date_helper.rb +69 -25
  15. data/lib/action_view/helpers/form_helper.rb +240 -8
  16. data/lib/action_view/helpers/form_options_helper.rb +23 -15
  17. data/lib/action_view/helpers/form_tag_helper.rb +9 -9
  18. data/lib/action_view/helpers/javascript_helper.rb +10 -11
  19. data/lib/action_view/helpers/number_helper.rb +5 -0
  20. data/lib/action_view/helpers/sanitize_helper.rb +3 -3
  21. data/lib/action_view/helpers/tag_helper.rb +13 -43
  22. data/lib/action_view/helpers/tags/base.rb +8 -4
  23. data/lib/action_view/helpers/tags/color_field.rb +1 -1
  24. data/lib/action_view/helpers/tags/translator.rb +1 -6
  25. data/lib/action_view/helpers/text_helper.rb +3 -3
  26. data/lib/action_view/helpers/translation_helper.rb +11 -18
  27. data/lib/action_view/helpers/url_helper.rb +14 -14
  28. data/lib/action_view/helpers.rb +0 -2
  29. data/lib/action_view/log_subscriber.rb +6 -6
  30. data/lib/action_view/lookup_context.rb +4 -4
  31. data/lib/action_view/railtie.rb +18 -0
  32. data/lib/action_view/record_identifier.rb +2 -2
  33. data/lib/action_view/renderer/partial_renderer/collection_caching.rb +40 -1
  34. data/lib/action_view/renderer/partial_renderer.rb +2 -2
  35. data/lib/action_view/renderer/streaming_template_renderer.rb +1 -1
  36. data/lib/action_view/rendering.rb +5 -4
  37. data/lib/action_view/routing_url_for.rb +12 -11
  38. data/lib/action_view/template/handlers/erb.rb +12 -2
  39. data/lib/action_view/template/resolver.rb +56 -16
  40. data/lib/action_view/template.rb +25 -8
  41. data/lib/action_view/test_case.rb +1 -1
  42. data/lib/action_view/testing/resolvers.rb +1 -1
  43. data/lib/action_view.rb +1 -1
  44. data/lib/assets/compiled/rails-ujs.js +39 -22
  45. metadata +17 -18
  46. data/lib/action_view/helpers/record_tag_helper.rb +0 -23
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0b2a6c8b465b9914ab6831b8972018525cb2fc2a0c7f950a693ba7895ff52923
4
- data.tar.gz: 1e9b4548ad481fed3e2b7dec7d256a611e858c8eee70e118d38daaa93f72f7b8
3
+ metadata.gz: 58d19af0e853c217ca89f2167775195c7a44ebba26e4d9a682aabeb6a25b6af4
4
+ data.tar.gz: 15d2c9faa90c17d33772df3ce0eacccecb090e7310af47ab1d82bca6448a2a11
5
5
  SHA512:
6
- metadata.gz: a2e838a423037a30cf4e4e12e8aab64c8e8493f1a370f921be0f7cfbfa92669da4f13cf7cd3c03c42d2c3a2f516b661ba1ca7baa4cf409bf3709b12d3b9692af
7
- data.tar.gz: a705450df376aa7abcdd1762ee4f5a9cfc3165bd5102c7c82a7209f8910bd8d46f52d014c3a3feb5f22bfac327414dfeacd75d948b0e2f0ae5d746f0aab71dc7
6
+ metadata.gz: dc169a10649b5f6cdfb8488bd16cbb7cab049081e7a6c53821cfab497e8035c7843c690e3bffcffc571bf2f610e5f2b7eee80283f622262d5ff9f1f20c8ef210
7
+ data.tar.gz: ed371d7bec363bafe775d5a1ed3d11a1002f96589c142c662afabc1862c71314427fc07004d0bfa4bc2ac5078f0c0b38410ccca1ee738594223a1a3a336ffa14
data/CHANGELOG.md CHANGED
@@ -1,90 +1,18 @@
1
- ## Rails 5.2.7.1 (April 26, 2022) ##
1
+ ## Rails 6.0.0.beta1 (January 18, 2019) ##
2
2
 
3
- * Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.
3
+ * Remove deprecated `image_alt` helper.
4
4
 
5
- Escape dangerous characters in names of tags and names of attributes in the
6
- tag helpers, following the XML specification. Rename the option
7
- `:escape_attributes` to `:escape`, to simplify by applying the option to the
8
- whole tag.
9
-
10
- *Álvaro Martín Fraguas*
11
-
12
-
13
- ## Rails 5.2.7 (March 10, 2022) ##
14
-
15
- * No changes.
16
-
17
-
18
- ## Rails 5.2.6.3 (March 08, 2022) ##
19
-
20
- * No changes.
21
-
22
-
23
- ## Rails 5.2.6.2 (February 11, 2022) ##
24
-
25
- * No changes.
26
-
27
-
28
- ## Rails 5.2.6.1 (February 11, 2022) ##
29
-
30
- * No changes.
31
-
32
-
33
- ## Rails 5.2.6 (May 05, 2021) ##
34
-
35
- * No changes.
36
-
37
-
38
- ## Rails 5.2.5 (March 26, 2021) ##
39
-
40
- * No changes.
41
-
42
-
43
- ## Rails 5.2.4.6 (May 05, 2021) ##
44
-
45
- * No changes.
46
-
47
-
48
- ## Rails 5.2.4.5 (February 10, 2021) ##
49
-
50
- * No changes.
51
-
52
-
53
- ## Rails 5.2.4.4 (September 09, 2020) ##
54
-
55
- * [CVE-2020-15169] Fix potential XSS vulnerability in the `translate`/`t` helper
56
-
57
- *Jonathan Hefner*
58
-
59
-
60
- ## Rails 5.2.4.3 (May 18, 2020) ##
61
-
62
- * [CVE-2020-8167] Check that request is same-origin prior to including CSRF token in XHRs
63
-
64
-
65
- ## Rails 5.2.4.2 (March 19, 2020) ##
66
-
67
- * Fix possible XSS vector in `escape_javascript` helper
68
-
69
- CVE-2020-5267
70
-
71
- *Aaron Patterson*
72
-
73
-
74
- ## Rails 5.2.4.1 (December 18, 2019) ##
75
-
76
- * No changes.
77
-
78
-
79
- ## Rails 5.2.4 (November 27, 2019) ##
5
+ *Rafael Mendonça França*
80
6
 
81
- * Allow programmatic click events to trigger Rails UJS click handlers.
82
- Programmatic click events (eg. ones generated by `Rails.fire(link, "click")`) don't specify a button. These events were being incorrectly stopped by code meant to ignore scroll wheel and right clicks introduced in #34573.
7
+ * Fix the need of `#protect_against_forgery?` method defined in
8
+ `ActionView::Base` subclasses. This prevents the use of forms and buttons.
83
9
 
84
- *Sudara Williams*
10
+ *Genadi Samokovarov*
85
11
 
12
+ * Fix UJS permanently showing disabled text in a[data-remote][data-disable-with] elements within forms.
13
+ Fixes #33889
86
14
 
87
- ## Rails 5.2.3 (March 27, 2019) ##
15
+ *Wolfgang Hobmaier*
88
16
 
89
17
  * Prevent non-primary mouse keys from triggering Rails UJS click handlers.
90
18
  Firefox fires click events even if the click was triggered by non-primary mouse keys such as right- or scroll-wheel-clicks.
@@ -98,37 +26,50 @@
98
26
 
99
27
  *Wolfgang Hobmaier*
100
28
 
29
+ * Prevent `ActionView::TextHelper#word_wrap` from unexpectedly stripping white space from the _left_ side of lines.
30
+
31
+ For example, given input like this:
101
32
 
102
- ## Rails 5.2.2.1 (March 11, 2019) ##
33
+ ```
34
+ This is a paragraph with an initial indent,
35
+ followed by additional lines that are not indented,
36
+ and finally terminated with a blockquote:
37
+ "A pithy saying"
38
+ ```
103
39
 
104
- * Only accept formats from registered mime types
40
+ Calling `word_wrap` should not trim the indents on the first and last lines.
105
41
 
106
- A lack of filtering on mime types could allow an attacker to read
107
- arbitrary files on the target server or to perform a denial of service
108
- attack.
42
+ Fixes #34487
109
43
 
110
- Fixes CVE-2019-5418
111
- Fixes CVE-2019-5419
44
+ *Lyle Mullican*
112
45
 
113
- *John Hawthorn*, *Eileen M. Uchitelle*, *Aaron Patterson*
46
+ * Add allocations to template rendering instrumentation.
114
47
 
48
+ Adds the allocations for template and partial rendering to the server output on render.
115
49
 
116
- ## Rails 5.2.2 (December 04, 2018) ##
50
+ ```
51
+ Rendered posts/_form.html.erb (Duration: 7.1ms | Allocations: 6004)
52
+ Rendered posts/new.html.erb within layouts/application (Duration: 8.3ms | Allocations: 6654)
53
+ Completed 200 OK in 858ms (Views: 848.4ms | ActiveRecord: 0.4ms | Allocations: 1539564)
54
+ ```
117
55
 
118
- * No changes.
56
+ *Eileen M. Uchitelle*, *Aaron Patterson*
119
57
 
58
+ * Respect the `only_path` option passed to `url_for` when the options are passed in as an array
120
59
 
121
- ## Rails 5.2.1.1 (November 27, 2018) ##
60
+ Fixes #33237.
122
61
 
123
- * No changes.
62
+ *Joel Ambass*
124
63
 
64
+ * Deprecate calling private model methods from view helpers.
125
65
 
126
- ## Rails 5.2.1 (August 07, 2018) ##
66
+ For example, in methods like `options_from_collection_for_select`
67
+ and `collection_select` it is possible to call private methods from
68
+ the objects used.
127
69
 
128
- * Fix leak of `skip_default_ids` and `allow_method_names_outside_object` options
129
- to HTML attributes.
70
+ Fixes #33546.
130
71
 
131
- *Yurii Cherniavskyi*
72
+ *Ana María Martínez Gómez*
132
73
 
133
74
  * Fix issue with `button_to`'s `to_form_params`
134
75
 
@@ -141,97 +82,110 @@
141
82
 
142
83
  *Georgi Georgiev*
143
84
 
144
- * Fix JavaScript views rendering does not work with Firefox when using
145
- Content Security Policy.
146
-
147
- Fixes #32577.
148
-
149
- *Yuji Yaginuma*
85
+ * Mark arrays of translations as trusted safe by using the `_html` suffix.
150
86
 
151
- * Add the `nonce: true` option for `javascript_include_tag` helper to
152
- support automatic nonce generation for Content Security Policy.
153
- Works the same way as `javascript_tag nonce: true` does.
87
+ Example:
154
88
 
155
- *Yaroslav Markin*
89
+ en:
90
+ foo_html:
91
+ - "One"
92
+ - "<strong>Two</strong>"
93
+ - "Three &#128075; &#128578;"
156
94
 
95
+ *Juan Broullon*
157
96
 
158
- ## Rails 5.2.0 (April 09, 2018) ##
97
+ * Add `year_format` option to date_select tag. This option makes it possible to customize year
98
+ names. Lambda should be passed to use this option.
159
99
 
160
- * Pass the `:skip_pipeline` option in `image_submit_tag` when calling `path_to_image`.
100
+ Example:
161
101
 
162
- Fixes #32248.
102
+ date_select('user_birthday', '', start_year: 1998, end_year: 2000, year_format: ->year { "Heisei #{year - 1988}" })
163
103
 
164
- *Andrew White*
165
-
166
- * Allow the use of callable objects as group methods for grouped selects.
104
+ The HTML produced:
167
105
 
168
- Until now, the `option_groups_from_collection_for_select` method was only able to
169
- handle method names as `group_method` and `group_label_method` parameters,
170
- it is now able to receive procs and other callable objects too.
106
+ <select id="user_birthday__1i" name="user_birthday[(1i)]">
107
+ <option value="1998">Heisei 10</option>
108
+ <option value="1999">Heisei 11</option>
109
+ <option value="2000">Heisei 12</option>
110
+ </select>
111
+ /* The rest is omitted */
171
112
 
172
- *Jérémie Bonal*
113
+ *Koki Ryu*
173
114
 
174
- * Add `preload_link_tag` helper.
115
+ * Fix JavaScript views rendering does not work with Firefox when using
116
+ Content Security Policy.
175
117
 
176
- This helper that allows to the browser to initiate early fetch of resources
177
- (different to the specified in `javascript_include_tag` and `stylesheet_link_tag`).
178
- Additionally, this sends Early Hints if supported by browser.
118
+ Fixes #32577.
179
119
 
180
- *Guillermo Iguaran*
120
+ *Yuji Yaginuma*
181
121
 
182
- * Change `form_with` to generates ids by default.
122
+ * Add the `nonce: true` option for `javascript_include_tag` helper to
123
+ support automatic nonce generation for Content Security Policy.
124
+ Works the same way as `javascript_tag nonce: true` does.
183
125
 
184
- When `form_with` was introduced we disabled the automatic generation of ids
185
- that was enabled in `form_for`. This usually is not an good idea since labels don't work
186
- when the input doesn't have an id and it made harder to test with Capybara.
126
+ *Yaroslav Markin*
187
127
 
188
- You can still disable the automatic generation of ids setting `config.action_view.form_with_generates_ids`
189
- to `false.`
128
+ * Remove `ActionView::Helpers::RecordTagHelper`.
190
129
 
191
- *Nick Pezza*
130
+ *Yoshiyuki Hirano*
192
131
 
193
- * Fix issues with `field_error_proc` wrapping `optgroup` and select divider `option`.
132
+ * Disable `ActionView::Template` finalizers in test environment.
194
133
 
195
- Fixes #31088
134
+ Template finalization can be expensive in large view test suites.
135
+ Add a configuration option,
136
+ `action_view.finalize_compiled_template_methods`, and turn it off in
137
+ the test environment.
196
138
 
197
- *Matthias Neumayr*
139
+ *Simon Coffey*
198
140
 
199
- * Remove deprecated Erubis ERB handler.
141
+ * Extract the `confirm` call in its own, overridable method in `rails_ujs`.
200
142
 
201
- *Rafael Mendonça França*
143
+ Example:
202
144
 
203
- * Remove default `alt` text generation.
145
+ Rails.confirm = function(message, element) {
146
+ return (my_bootstrap_modal_confirm(message));
147
+ }
204
148
 
205
- Fixes #30096
149
+ *Mathieu Mahé*
206
150
 
207
- *Cameron Cundiff*
151
+ * Enable select tag helper to mark `prompt` option as `selected` and/or `disabled` for `required`
152
+ field.
208
153
 
209
- * Add `srcset` option to `image_tag` helper.
154
+ Example:
210
155
 
211
- *Roberto Miranda*
156
+ select :post,
157
+ :category,
158
+ ["lifestyle", "programming", "spiritual"],
159
+ { selected: "", disabled: "", prompt: "Choose one" },
160
+ { required: true }
212
161
 
213
- * Fix issues with scopes and engine on `current_page?` method.
162
+ Placeholder option would be selected and disabled.
214
163
 
215
- Fixes #29401.
164
+ The HTML produced:
216
165
 
217
- *Nikita Savrov*
166
+ <select required="required" name="post[category]" id="post_category">
167
+ <option disabled="disabled" selected="selected" value="">Choose one</option>
168
+ <option value="lifestyle">lifestyle</option>
169
+ <option value="programming">programming</option>
170
+ <option value="spiritual">spiritual</option></select>
218
171
 
219
- * Generate field ids in `collection_check_boxes` and `collection_radio_buttons`.
172
+ *Sergey Prikhodko*
220
173
 
221
- This makes sure that the labels are linked up with the fields.
174
+ * Don't enforce UTF-8 by default.
222
175
 
223
- Fixes #29014.
176
+ With the disabling of TLS 1.0 by most major websites, continuing to run
177
+ IE8 or lower becomes increasingly difficult so default to not enforcing
178
+ UTF-8 encoding as it's not relevant to other browsers.
224
179
 
225
- *Yuji Yaginuma*
180
+ *Andrew White*
226
181
 
227
- * Add `:json` type to `auto_discovery_link_tag` to support [JSON Feeds](https://jsonfeed.org/version/1).
182
+ * Change translation key of `submit_tag` from `module_name_class_name` to `module_name/class_name`.
228
183
 
229
- *Mike Gunderloy*
184
+ *Rui Onodera*
230
185
 
231
- * Update `distance_of_time_in_words` helper to display better error messages
232
- for bad input.
186
+ * Rails 6 requires Ruby 2.5.0 or newer.
233
187
 
234
- *Jay Hayes*
188
+ *Jeremy Daer*, *Kasper Timm Hansen*
235
189
 
236
190
 
237
- Please check [5-1-stable](https://github.com/rails/rails/blob/5-1-stable/actionview/CHANGELOG.md) for previous changes.
191
+ Please check [5-2-stable](https://github.com/rails/rails/blob/5-2-stable/actionview/CHANGELOG.md) for previous changes.
data/MIT-LICENSE CHANGED
@@ -1,4 +1,4 @@
1
- Copyright (c) 2004-2018 David Heinemeier Hansson
1
+ Copyright (c) 2004-2019 David Heinemeier Hansson
2
2
 
3
3
  Permission is hereby granted, free of charge, to any person obtaining
4
4
  a copy of this software and associated documentation files (the
data/README.rdoc CHANGED
@@ -13,7 +13,7 @@ The latest version of Action View can be installed with RubyGems:
13
13
 
14
14
  Source code can be downloaded as part of the Rails project on GitHub:
15
15
 
16
- * https://github.com/rails/rails/tree/5-2-stable/actionview
16
+ * https://github.com/rails/rails/tree/master/actionview
17
17
 
18
18
 
19
19
  == License
@@ -3,6 +3,21 @@
3
3
  require "active_support/core_ext/string/output_safety"
4
4
 
5
5
  module ActionView
6
+ # Used as a buffer for views
7
+ #
8
+ # The main difference between this and ActiveSupport::SafeBuffer
9
+ # is for the methods `<<` and `safe_expr_append=` the inputs are
10
+ # checked for nil before they are assigned and `to_s` is called on
11
+ # the input. For example:
12
+ #
13
+ # obuf = ActionView::OutputBuffer.new "hello"
14
+ # obuf << 5
15
+ # puts obuf # => "hello5"
16
+ #
17
+ # sbuf = ActiveSupport::SafeBuffer.new "hello"
18
+ # sbuf << 5
19
+ # puts sbuf # => "hello\u0005"
20
+ #
6
21
  class OutputBuffer < ActiveSupport::SafeBuffer #:nodoc:
7
22
  def initialize(*)
8
23
  super
@@ -10,10 +10,11 @@ module ActionView
10
10
  # Action View contexts are supplied to Action Controller to render a template.
11
11
  # The default Action View context is ActionView::Base.
12
12
  #
13
- # In order to work with ActionController, a Context must just include this module.
14
- # The initialization of the variables used by the context (@output_buffer, @view_flow,
15
- # and @virtual_path) is responsibility of the object that includes this module
16
- # (although you can call _prepare_context defined below).
13
+ # In order to work with Action Controller, a Context must just include this
14
+ # module. The initialization of the variables used by the context
15
+ # (@output_buffer, @view_flow, and @virtual_path) is responsibility of the
16
+ # object that includes this module (although you can call _prepare_context
17
+ # defined below).
17
18
  module Context
18
19
  include CompiledTemplates
19
20
  attr_accessor :output_buffer, :view_flow
@@ -1,8 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require "concurrent/map"
4
3
  require "action_view/dependency_tracker"
5
- require "monitor"
6
4
 
7
5
  module ActionView
8
6
  class Digestor
@@ -20,9 +18,12 @@ module ActionView
20
18
  # * <tt>name</tt> - Template name
21
19
  # * <tt>finder</tt> - An instance of <tt>ActionView::LookupContext</tt>
22
20
  # * <tt>dependencies</tt> - An array of dependent views
23
- def digest(name:, finder:, dependencies: [])
24
- dependencies ||= []
25
- cache_key = [ name, finder.rendered_format, dependencies ].flatten.compact.join(".")
21
+ def digest(name:, finder:, dependencies: nil)
22
+ if dependencies.nil? || dependencies.empty?
23
+ cache_key = "#{name}.#{finder.rendered_format}"
24
+ else
25
+ cache_key = [ name, finder.rendered_format, dependencies ].flatten.compact.join(".")
26
+ end
26
27
 
27
28
  # this is a correctly done double-checked locking idiom
28
29
  # (Concurrent::Map's lookups have volatile semantics)
@@ -32,7 +33,7 @@ module ActionView
32
33
  root = tree(name, finder, partial)
33
34
  dependencies.each do |injected_dep|
34
35
  root.children << Injected.new(injected_dep, nil, nil)
35
- end
36
+ end if dependencies
36
37
  finder.digest_cache[cache_key] = root.digest(finder)
37
38
  end
38
39
  end
@@ -7,10 +7,10 @@ module ActionView
7
7
  end
8
8
 
9
9
  module VERSION
10
- MAJOR = 5
11
- MINOR = 2
12
- TINY = 7
13
- PRE = "1"
10
+ MAJOR = 6
11
+ MINOR = 0
12
+ TINY = 0
13
+ PRE = "beta1"
14
14
 
15
15
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
16
16
  end
@@ -55,7 +55,7 @@ module ActionView
55
55
  # that path.
56
56
  # * <tt>:skip_pipeline</tt> - This option is used to bypass the asset pipeline
57
57
  # when it is set to true.
58
- # * <tt>:nonce<tt> - When set to true, adds an automatic nonce value if
58
+ # * <tt>:nonce</tt> - When set to true, adds an automatic nonce value if
59
59
  # you have Content Security Policy enabled.
60
60
  #
61
61
  # ==== Examples
@@ -98,7 +98,7 @@ module ActionView
98
98
  if tag_options["nonce"] == true
99
99
  tag_options["nonce"] = content_security_policy_nonce
100
100
  end
101
- content_tag("script".freeze, "", tag_options)
101
+ content_tag("script", "", tag_options)
102
102
  }.join("\n").html_safe
103
103
 
104
104
  request.send_early_hints("Link" => early_hints_links.join("\n")) if respond_to?(:request) && request
@@ -333,9 +333,9 @@ module ActionView
333
333
  #
334
334
  # image_tag(user.avatar)
335
335
  # # => <img src="/rails/active_storage/blobs/.../tiger.jpg" />
336
- # image_tag(user.avatar.variant(resize: "100x100"))
336
+ # image_tag(user.avatar.variant(resize_to_fit: [100, 100]))
337
337
  # # => <img src="/rails/active_storage/variants/.../tiger.jpg" />
338
- # image_tag(user.avatar.variant(resize: "100x100"), size: '100')
338
+ # image_tag(user.avatar.variant(resize_to_fit: [100, 100]), size: '100')
339
339
  # # => <img width="100" height="100" src="/rails/active_storage/variants/.../tiger.jpg" />
340
340
  def image_tag(source, options = {})
341
341
  options = options.symbolize_keys
@@ -355,29 +355,6 @@ module ActionView
355
355
  tag("img", options)
356
356
  end
357
357
 
358
- # Returns a string suitable for an HTML image tag alt attribute.
359
- # The +src+ argument is meant to be an image file path.
360
- # The method removes the basename of the file path and the digest,
361
- # if any. It also removes hyphens and underscores from file names and
362
- # replaces them with spaces, returning a space-separated, titleized
363
- # string.
364
- #
365
- # ==== Examples
366
- #
367
- # image_alt('rails.png')
368
- # # => Rails
369
- #
370
- # image_alt('hyphenated-file-name.png')
371
- # # => Hyphenated file name
372
- #
373
- # image_alt('underscored_file_name.png')
374
- # # => Underscored file name
375
- def image_alt(src)
376
- ActiveSupport::Deprecation.warn("image_alt is deprecated and will be removed from Rails 6.0. You must explicitly set alt text on images.")
377
-
378
- File.basename(src, ".*".freeze).sub(/-[[:xdigit:]]{32,64}\z/, "".freeze).tr("-_".freeze, " ".freeze).capitalize
379
- end
380
-
381
358
  # Returns an HTML video tag for the +sources+. If +sources+ is a string,
382
359
  # a single video tag will be returned. If +sources+ is an array, a video
383
360
  # tag with nested source tags for each source will be returned. The
@@ -98,8 +98,9 @@ module ActionView
98
98
  # have SSL certificates for each of the asset hosts this technique allows you
99
99
  # to avoid warnings in the client about mixed media.
100
100
  # Note that the +request+ parameter might not be supplied, e.g. when the assets
101
- # are precompiled via a Rake task. Make sure to use a +Proc+ instead of a lambda,
102
- # since a +Proc+ allows missing parameters and sets them to +nil+.
101
+ # are precompiled with the command `rails assets:precompile`. Make sure to use a
102
+ # +Proc+ instead of a lambda, since a +Proc+ allows missing parameters and sets them
103
+ # to +nil+.
103
104
  #
104
105
  # config.action_controller.asset_host = Proc.new { |source, request|
105
106
  # if request && request.ssl?
@@ -187,7 +188,7 @@ module ActionView
187
188
  return "" if source.blank?
188
189
  return source if URI_REGEXP.match?(source)
189
190
 
190
- tail, source = source[/([\?#].+)$/], source.sub(/([\?#].+)$/, "".freeze)
191
+ tail, source = source[/([\?#].+)$/], source.sub(/([\?#].+)$/, "")
191
192
 
192
193
  if extname = compute_asset_extname(source, options)
193
194
  source = "#{source}#{extname}"
@@ -201,34 +201,42 @@ module ActionView
201
201
  end
202
202
 
203
203
  # This helper returns the name of a cache key for a given fragment cache
204
- # call. By supplying +skip_digest:+ true to cache, the digestion of cache
204
+ # call. By supplying <tt>skip_digest: true</tt> to cache, the digestion of cache
205
205
  # fragments can be manually bypassed. This is useful when cache fragments
206
206
  # cannot be manually expired unless you know the exact key which is the
207
207
  # case when using memcached.
208
208
  #
209
209
  # The digest will be generated using +virtual_path:+ if it is provided.
210
210
  #
211
- def cache_fragment_name(name = {}, skip_digest: nil, virtual_path: nil)
211
+ def cache_fragment_name(name = {}, skip_digest: nil, virtual_path: nil, digest_path: nil)
212
212
  if skip_digest
213
213
  name
214
214
  else
215
- fragment_name_with_digest(name, virtual_path)
215
+ fragment_name_with_digest(name, virtual_path, digest_path)
216
+ end
217
+ end
218
+
219
+ def digest_path_from_virtual(virtual_path) # :nodoc:
220
+ digest = Digestor.digest(name: virtual_path, finder: lookup_context, dependencies: view_cache_dependencies)
221
+
222
+ if digest.present?
223
+ "#{virtual_path}:#{digest}"
224
+ else
225
+ virtual_path
216
226
  end
217
227
  end
218
228
 
219
229
  private
220
230
 
221
- def fragment_name_with_digest(name, virtual_path)
231
+ def fragment_name_with_digest(name, virtual_path, digest_path)
222
232
  virtual_path ||= @virtual_path
223
233
 
224
- if virtual_path
234
+ if virtual_path || digest_path
225
235
  name = controller.url_for(name).split("://").last if name.is_a?(Hash)
226
236
 
227
- if digest = Digestor.digest(name: virtual_path, finder: lookup_context, dependencies: view_cache_dependencies).presence
228
- [ "#{virtual_path}:#{digest}", name ]
229
- else
230
- [ virtual_path, name ]
231
- end
237
+ digest_path ||= digest_path_from_virtual(virtual_path)
238
+
239
+ [ digest_path, name ]
232
240
  else
233
241
  name
234
242
  end
@@ -36,6 +36,10 @@ module ActionView
36
36
  # </body>
37
37
  # </html>
38
38
  #
39
+ # The return of capture is the string generated by the block. For Example:
40
+ #
41
+ # @greeting # => "Welcome to my shiny new web page! The date and time is 2018-09-06 11:09:16 -0500"
42
+ #
39
43
  def capture(*args)
40
44
  value = nil
41
45
  buffer = with_output_buffer { value = yield(*args) }
@@ -20,7 +20,7 @@ module ActionView
20
20
  # "X-CSRF-Token" HTTP header. If you are using rails-ujs this happens automatically.
21
21
  #
22
22
  def csrf_meta_tags
23
- if protect_against_forgery?
23
+ if defined?(protect_against_forgery?) && protect_against_forgery?
24
24
  [
25
25
  tag("meta", name: "csrf-param", content: request_forgery_protection_token),
26
26
  tag("meta", name: "csrf-token", content: form_authenticity_token)