actionview 7.0.3.1 → 7.0.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +28 -0
- data/lib/action_view/gem_version.rb +1 -1
- data/lib/action_view/helpers/date_helper.rb +1 -1
- data/lib/action_view/helpers/form_helper.rb +9 -5
- data/lib/action_view/helpers/form_tag_helper.rb +42 -18
- data/lib/action_view/helpers/sanitize_helper.rb +1 -1
- data/lib/action_view/helpers/translation_helper.rb +3 -3
- data/lib/action_view/routing_url_for.rb +3 -0
- metadata +12 -12
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 38a00cdee9051217e32ba54c879f068a00394e7da0e776947302d7d854b5c532
|
4
|
+
data.tar.gz: cf3061e644b9cc533c57008dc3c7a7c0808ed697b98a38642b9fd418371b0e3b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 575caeb15a77e353d10b27adbb78616faead346a68ce8729364bf0c2310aa3969cd74e1240126df015eaffa0252c0541039c6efeb989af22481f0e0362306667
|
7
|
+
data.tar.gz: 809d4ce39a33b0ddf53177a23164b1aaf752797ac43a6f7617ef2888532a6469aadd276e9ec06d11bb33c308b0b50e541bb9c4799c56d92a8641458814e127d9
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,31 @@
|
|
1
|
+
## Rails 7.0.4.1 (January 17, 2023) ##
|
2
|
+
|
3
|
+
* No changes.
|
4
|
+
|
5
|
+
|
6
|
+
## Rails 7.0.4 (September 09, 2022) ##
|
7
|
+
|
8
|
+
* Guard against `ActionView::Helpers::FormTagHelper#field_name` calls with nil
|
9
|
+
`object_name` arguments. For example:
|
10
|
+
|
11
|
+
```erb
|
12
|
+
<%= fields do |f| %>
|
13
|
+
<%= f.field_name :body %>
|
14
|
+
<% end %>
|
15
|
+
```
|
16
|
+
|
17
|
+
*Sean Doyle*
|
18
|
+
|
19
|
+
* Strings returned from `strip_tags` are correctly tagged `html_safe?`
|
20
|
+
|
21
|
+
Because these strings contain no HTML elements and the basic entities are escaped, they are safe
|
22
|
+
to be included as-is as PCDATA in HTML content. Tagging them as html-safe avoids double-escaping
|
23
|
+
entities when being concatenated to a SafeBuffer during rendering.
|
24
|
+
|
25
|
+
Fixes [rails/rails-html-sanitizer#124](https://github.com/rails/rails-html-sanitizer/issues/124)
|
26
|
+
|
27
|
+
*Mike Dalessio*
|
28
|
+
|
1
29
|
## Rails 7.0.3.1 (July 12, 2022) ##
|
2
30
|
|
3
31
|
* No changes.
|
@@ -888,7 +888,7 @@ module ActionView
|
|
888
888
|
def month_names
|
889
889
|
@month_names ||= begin
|
890
890
|
month_names = @options[:use_month_names] || translated_month_names
|
891
|
-
month_names
|
891
|
+
month_names = [nil, *month_names] if month_names.size < 13
|
892
892
|
month_names
|
893
893
|
end
|
894
894
|
end
|
@@ -1438,10 +1438,12 @@ module ActionView
|
|
1438
1438
|
# formatted by trying to call +strftime+ with "%H:%M" on the object's value.
|
1439
1439
|
# It is also possible to override this by passing the "value" option.
|
1440
1440
|
#
|
1441
|
-
#
|
1442
|
-
#
|
1441
|
+
# ==== Options
|
1442
|
+
#
|
1443
|
+
# Supports the same options as FormTagHelper#time_field_tag.
|
1444
|
+
#
|
1445
|
+
# ==== Examples
|
1443
1446
|
#
|
1444
|
-
# === Example
|
1445
1447
|
# time_field("task", "started_at")
|
1446
1448
|
# # => <input id="task_started_at" name="task[started_at]" type="time" />
|
1447
1449
|
#
|
@@ -1553,7 +1555,8 @@ module ActionView
|
|
1553
1555
|
# Returns an input tag of type "number".
|
1554
1556
|
#
|
1555
1557
|
# ==== Options
|
1556
|
-
#
|
1558
|
+
#
|
1559
|
+
# Supports the same options as FormTagHelper#number_field_tag.
|
1557
1560
|
def number_field(object_name, method, options = {})
|
1558
1561
|
Tags::NumberField.new(object_name, method, self, options).render
|
1559
1562
|
end
|
@@ -1561,7 +1564,8 @@ module ActionView
|
|
1561
1564
|
# Returns an input tag of type "range".
|
1562
1565
|
#
|
1563
1566
|
# ==== Options
|
1564
|
-
#
|
1567
|
+
#
|
1568
|
+
# Supports the same options as FormTagHelper#range_field_tag.
|
1565
1569
|
def range_field(object_name, method, options = {})
|
1566
1570
|
Tags::RangeField.new(object_name, method, self, options).render
|
1567
1571
|
end
|
@@ -131,7 +131,7 @@ module ActionView
|
|
131
131
|
|
132
132
|
# a little duplication to construct fewer strings
|
133
133
|
case
|
134
|
-
when object_name.
|
134
|
+
when object_name.blank?
|
135
135
|
"#{method_name}#{names}#{multiple ? "[]" : ""}"
|
136
136
|
when index
|
137
137
|
"#{object_name}[#{index}][#{method_name}]#{names}#{multiple ? "[]" : ""}"
|
@@ -657,9 +657,11 @@ module ActionView
|
|
657
657
|
# Creates a text field of type "color".
|
658
658
|
#
|
659
659
|
# ==== Options
|
660
|
-
#
|
660
|
+
#
|
661
|
+
# Supports the same options as #text_field_tag.
|
661
662
|
#
|
662
663
|
# ==== Examples
|
664
|
+
#
|
663
665
|
# color_field_tag 'name'
|
664
666
|
# # => <input id="name" name="name" type="color" />
|
665
667
|
#
|
@@ -678,9 +680,11 @@ module ActionView
|
|
678
680
|
# Creates a text field of type "search".
|
679
681
|
#
|
680
682
|
# ==== Options
|
681
|
-
#
|
683
|
+
#
|
684
|
+
# Supports the same options as #text_field_tag.
|
682
685
|
#
|
683
686
|
# ==== Examples
|
687
|
+
#
|
684
688
|
# search_field_tag 'name'
|
685
689
|
# # => <input id="name" name="name" type="search" />
|
686
690
|
#
|
@@ -699,9 +703,11 @@ module ActionView
|
|
699
703
|
# Creates a text field of type "tel".
|
700
704
|
#
|
701
705
|
# ==== Options
|
702
|
-
#
|
706
|
+
#
|
707
|
+
# Supports the same options as #text_field_tag.
|
703
708
|
#
|
704
709
|
# ==== Examples
|
710
|
+
#
|
705
711
|
# telephone_field_tag 'name'
|
706
712
|
# # => <input id="name" name="name" type="tel" />
|
707
713
|
#
|
@@ -721,9 +727,11 @@ module ActionView
|
|
721
727
|
# Creates a text field of type "date".
|
722
728
|
#
|
723
729
|
# ==== Options
|
724
|
-
#
|
730
|
+
#
|
731
|
+
# Supports the same options as #text_field_tag.
|
725
732
|
#
|
726
733
|
# ==== Examples
|
734
|
+
#
|
727
735
|
# date_field_tag 'name'
|
728
736
|
# # => <input id="name" name="name" type="date" />
|
729
737
|
#
|
@@ -741,23 +749,27 @@ module ActionView
|
|
741
749
|
|
742
750
|
# Creates a text field of type "time".
|
743
751
|
#
|
744
|
-
#
|
752
|
+
# ==== Options
|
753
|
+
#
|
754
|
+
# Supports the same options as #text_field_tag. Additionally, supports:
|
755
|
+
#
|
745
756
|
# * <tt>:min</tt> - The minimum acceptable value.
|
746
757
|
# * <tt>:max</tt> - The maximum acceptable value.
|
747
758
|
# * <tt>:step</tt> - The acceptable value granularity.
|
748
759
|
# * <tt>:include_seconds</tt> - Include seconds and ms in the output timestamp format (true by default).
|
749
|
-
# * Otherwise accepts the same options as text_field_tag.
|
750
760
|
def time_field_tag(name, value = nil, options = {})
|
751
761
|
text_field_tag(name, value, options.merge(type: :time))
|
752
762
|
end
|
753
763
|
|
754
764
|
# Creates a text field of type "datetime-local".
|
755
765
|
#
|
756
|
-
#
|
766
|
+
# ==== Options
|
767
|
+
#
|
768
|
+
# Supports the same options as #text_field_tag. Additionally, supports:
|
769
|
+
#
|
757
770
|
# * <tt>:min</tt> - The minimum acceptable value.
|
758
771
|
# * <tt>:max</tt> - The maximum acceptable value.
|
759
772
|
# * <tt>:step</tt> - The acceptable value granularity.
|
760
|
-
# * Otherwise accepts the same options as text_field_tag.
|
761
773
|
def datetime_field_tag(name, value = nil, options = {})
|
762
774
|
text_field_tag(name, value, options.merge(type: "datetime-local"))
|
763
775
|
end
|
@@ -766,22 +778,26 @@ module ActionView
|
|
766
778
|
|
767
779
|
# Creates a text field of type "month".
|
768
780
|
#
|
769
|
-
#
|
781
|
+
# ==== Options
|
782
|
+
#
|
783
|
+
# Supports the same options as #text_field_tag. Additionally, supports:
|
784
|
+
#
|
770
785
|
# * <tt>:min</tt> - The minimum acceptable value.
|
771
786
|
# * <tt>:max</tt> - The maximum acceptable value.
|
772
787
|
# * <tt>:step</tt> - The acceptable value granularity.
|
773
|
-
# * Otherwise accepts the same options as text_field_tag.
|
774
788
|
def month_field_tag(name, value = nil, options = {})
|
775
789
|
text_field_tag(name, value, options.merge(type: :month))
|
776
790
|
end
|
777
791
|
|
778
792
|
# Creates a text field of type "week".
|
779
793
|
#
|
780
|
-
#
|
794
|
+
# ==== Options
|
795
|
+
#
|
796
|
+
# Supports the same options as #text_field_tag. Additionally, supports:
|
797
|
+
#
|
781
798
|
# * <tt>:min</tt> - The minimum acceptable value.
|
782
799
|
# * <tt>:max</tt> - The maximum acceptable value.
|
783
800
|
# * <tt>:step</tt> - The acceptable value granularity.
|
784
|
-
# * Otherwise accepts the same options as text_field_tag.
|
785
801
|
def week_field_tag(name, value = nil, options = {})
|
786
802
|
text_field_tag(name, value, options.merge(type: :week))
|
787
803
|
end
|
@@ -789,9 +805,11 @@ module ActionView
|
|
789
805
|
# Creates a text field of type "url".
|
790
806
|
#
|
791
807
|
# ==== Options
|
792
|
-
#
|
808
|
+
#
|
809
|
+
# Supports the same options as #text_field_tag.
|
793
810
|
#
|
794
811
|
# ==== Examples
|
812
|
+
#
|
795
813
|
# url_field_tag 'name'
|
796
814
|
# # => <input id="name" name="name" type="url" />
|
797
815
|
#
|
@@ -810,9 +828,11 @@ module ActionView
|
|
810
828
|
# Creates a text field of type "email".
|
811
829
|
#
|
812
830
|
# ==== Options
|
813
|
-
#
|
831
|
+
#
|
832
|
+
# Supports the same options as #text_field_tag.
|
814
833
|
#
|
815
834
|
# ==== Examples
|
835
|
+
#
|
816
836
|
# email_field_tag 'name'
|
817
837
|
# # => <input id="name" name="name" type="email" />
|
818
838
|
#
|
@@ -831,15 +851,18 @@ module ActionView
|
|
831
851
|
# Creates a number field.
|
832
852
|
#
|
833
853
|
# ==== Options
|
854
|
+
#
|
855
|
+
# Supports the same options as #text_field_tag. Additionally, supports:
|
856
|
+
#
|
834
857
|
# * <tt>:min</tt> - The minimum acceptable value.
|
835
858
|
# * <tt>:max</tt> - The maximum acceptable value.
|
836
859
|
# * <tt>:in</tt> - A range specifying the <tt>:min</tt> and
|
837
860
|
# <tt>:max</tt> values.
|
838
861
|
# * <tt>:within</tt> - Same as <tt>:in</tt>.
|
839
862
|
# * <tt>:step</tt> - The acceptable value granularity.
|
840
|
-
# * Otherwise accepts the same options as text_field_tag.
|
841
863
|
#
|
842
864
|
# ==== Examples
|
865
|
+
#
|
843
866
|
# number_field_tag 'quantity'
|
844
867
|
# # => <input id="quantity" name="quantity" type="number" />
|
845
868
|
#
|
@@ -881,12 +904,13 @@ module ActionView
|
|
881
904
|
# Creates a range form element.
|
882
905
|
#
|
883
906
|
# ==== Options
|
884
|
-
#
|
907
|
+
#
|
908
|
+
# Supports the same options as #number_field_tag.
|
885
909
|
def range_field_tag(name, value = nil, options = {})
|
886
910
|
number_field_tag(name, value, options.merge(type: :range))
|
887
911
|
end
|
888
912
|
|
889
|
-
# Creates the hidden
|
913
|
+
# Creates the hidden UTF-8 enforcer tag. Override this method in a helper
|
890
914
|
# to customize the tag.
|
891
915
|
def utf8_enforcer_tag
|
892
916
|
# Use raw HTML to ensure the value is written as an HTML entity; it
|
@@ -101,7 +101,7 @@ module ActionView
|
|
101
101
|
# strip_tags("> A quote from Smith & Wesson")
|
102
102
|
# # => > A quote from Smith & Wesson
|
103
103
|
def strip_tags(html)
|
104
|
-
self.class.full_sanitizer.sanitize(html)
|
104
|
+
self.class.full_sanitizer.sanitize(html)&.html_safe
|
105
105
|
end
|
106
106
|
|
107
107
|
# Strips all link tags from +html+ leaving just the link text.
|
@@ -90,7 +90,7 @@ module ActionView
|
|
90
90
|
|
91
91
|
translated = ActiveSupport::HtmlSafeTranslation.translate(key, **options, default: default)
|
92
92
|
|
93
|
-
break translated unless translated
|
93
|
+
break translated unless translated == MISSING_TRANSLATION
|
94
94
|
|
95
95
|
if alternatives.present? && !alternatives.first.is_a?(Symbol)
|
96
96
|
break alternatives.first && I18n.translate(**options, default: alternatives)
|
@@ -111,7 +111,7 @@ module ActionView
|
|
111
111
|
|
112
112
|
# Delegates to <tt>I18n.localize</tt> with no additional functionality.
|
113
113
|
#
|
114
|
-
# See https://www.rubydoc.info/
|
114
|
+
# See https://www.rubydoc.info/gems/i18n/I18n/Backend/Base:localize
|
115
115
|
# for more information.
|
116
116
|
def localize(object, **options)
|
117
117
|
I18n.localize(object, **options)
|
@@ -119,7 +119,7 @@ module ActionView
|
|
119
119
|
alias :l :localize
|
120
120
|
|
121
121
|
private
|
122
|
-
MISSING_TRANSLATION =
|
122
|
+
MISSING_TRANSLATION = -(2**60)
|
123
123
|
private_constant :MISSING_TRANSLATION
|
124
124
|
|
125
125
|
NO_DEFAULT = [].freeze
|
@@ -47,6 +47,9 @@ module ActionView
|
|
47
47
|
# <%= url_for(action: 'jump', anchor: 'tax&ship') %>
|
48
48
|
# # => /testing/jump/#tax&ship
|
49
49
|
#
|
50
|
+
# <%= url_for(Workshop) %>
|
51
|
+
# # => /workshops
|
52
|
+
#
|
50
53
|
# <%= url_for(Workshop.new) %>
|
51
54
|
# # relies on Workshop answering a persisted? call (and in this case returning false)
|
52
55
|
# # => /workshops
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: actionview
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 7.0.
|
4
|
+
version: 7.0.4.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Heinemeier Hansson
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-01-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 7.0.
|
19
|
+
version: 7.0.4.1
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 7.0.
|
26
|
+
version: 7.0.4.1
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: builder
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -92,28 +92,28 @@ dependencies:
|
|
92
92
|
requirements:
|
93
93
|
- - '='
|
94
94
|
- !ruby/object:Gem::Version
|
95
|
-
version: 7.0.
|
95
|
+
version: 7.0.4.1
|
96
96
|
type: :development
|
97
97
|
prerelease: false
|
98
98
|
version_requirements: !ruby/object:Gem::Requirement
|
99
99
|
requirements:
|
100
100
|
- - '='
|
101
101
|
- !ruby/object:Gem::Version
|
102
|
-
version: 7.0.
|
102
|
+
version: 7.0.4.1
|
103
103
|
- !ruby/object:Gem::Dependency
|
104
104
|
name: activemodel
|
105
105
|
requirement: !ruby/object:Gem::Requirement
|
106
106
|
requirements:
|
107
107
|
- - '='
|
108
108
|
- !ruby/object:Gem::Version
|
109
|
-
version: 7.0.
|
109
|
+
version: 7.0.4.1
|
110
110
|
type: :development
|
111
111
|
prerelease: false
|
112
112
|
version_requirements: !ruby/object:Gem::Requirement
|
113
113
|
requirements:
|
114
114
|
- - '='
|
115
115
|
- !ruby/object:Gem::Version
|
116
|
-
version: 7.0.
|
116
|
+
version: 7.0.4.1
|
117
117
|
description: Simple, battle-tested conventions and helpers for building web pages.
|
118
118
|
email: david@loudthinking.com
|
119
119
|
executables: []
|
@@ -246,10 +246,10 @@ licenses:
|
|
246
246
|
- MIT
|
247
247
|
metadata:
|
248
248
|
bug_tracker_uri: https://github.com/rails/rails/issues
|
249
|
-
changelog_uri: https://github.com/rails/rails/blob/v7.0.
|
250
|
-
documentation_uri: https://api.rubyonrails.org/v7.0.
|
249
|
+
changelog_uri: https://github.com/rails/rails/blob/v7.0.4.1/actionview/CHANGELOG.md
|
250
|
+
documentation_uri: https://api.rubyonrails.org/v7.0.4.1/
|
251
251
|
mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
|
252
|
-
source_code_uri: https://github.com/rails/rails/tree/v7.0.
|
252
|
+
source_code_uri: https://github.com/rails/rails/tree/v7.0.4.1/actionview
|
253
253
|
rubygems_mfa_required: 'true'
|
254
254
|
post_install_message:
|
255
255
|
rdoc_options: []
|
@@ -267,7 +267,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
267
267
|
version: '0'
|
268
268
|
requirements:
|
269
269
|
- none
|
270
|
-
rubygems_version: 3.
|
270
|
+
rubygems_version: 3.4.3
|
271
271
|
signing_key:
|
272
272
|
specification_version: 4
|
273
273
|
summary: Rendering framework putting the V in MVC (part of Rails).
|