actionview 5.2.2.1 → 5.2.3.rc1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of actionview might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e1ddf7489cf1872707e15a168f18951255a69d8e8192c35f5815541c49625aaf
4
- data.tar.gz: 46cad7c727247d6e343ef5f93e03102e79e67163acefe86a03bd80add0930b24
3
+ metadata.gz: 20b55c23000cc907e0aed85f5811bec79a4d7f818e37d070acdee9e070be6424
4
+ data.tar.gz: 70224fb23e260c9fd5187402ea18c6a5ea89cdb147413135be64e0e514985b13
5
5
  SHA512:
6
- metadata.gz: 43280fe2541a02731231562229de63d98a4cb2fa96e53a6f84a62d7a4f730e765f57d1e7d3d290b49eb262cba91c0d05c46533e624b537d17a475610ea736811
7
- data.tar.gz: c26308cd713ae918f94255617e0f4111ecd1ce7b9a9322caf7eb301144f4492e05c2adb2a31c12ce5568a7c6308bdff429ebf151e00e044147c8ee6a822c42be
6
+ metadata.gz: a1b2b7522e79efb0c107d5d7b79b11eea20b7c72567aa6ed39e24766b47f4efd681ac3dad0f056e43036e4e960faa7e007f158cad1c00a5bd355d18a6edb721f
7
+ data.tar.gz: 1c774076688b21de0faf5e4de096637c0e0b05af77432c84aa9ac7082a6d2152e2e2610dbe298b99b5a89704fa2a9ea9297e29304efcf80c9fbdaf2f80f657f5
@@ -1,3 +1,18 @@
1
+ ## Rails 5.2.3.rc1 (March 21, 2019) ##
2
+
3
+ * Prevent non-primary mouse keys from triggering Rails UJS click handlers.
4
+ Firefox fires click events even if the click was triggered by non-primary mouse keys such as right- or scroll-wheel-clicks.
5
+ For example, right-clicking a link such as the one described below (with an underlying ajax request registered on click) should not cause that request to occur.
6
+
7
+ ```
8
+ <%= link_to 'Remote', remote_path, class: 'remote', remote: true, data: { type: :json } %>
9
+ ```
10
+
11
+ Fixes #34541
12
+
13
+ *Wolfgang Hobmaier*
14
+
15
+
1
16
  ## Rails 5.2.2.1 (March 11, 2019) ##
2
17
 
3
18
  * No changes.
@@ -70,13 +70,11 @@ module ActionView
70
70
  end
71
71
 
72
72
  private
73
- def find_template(finder, *args)
73
+ def find_template(finder, name, prefixes, partial, keys)
74
74
  finder.disable_cache do
75
- if format = finder.rendered_format
76
- finder.find_all(*args, formats: [format]).first || finder.find_all(*args).first
77
- else
78
- finder.find_all(*args).first
79
- end
75
+ format = finder.rendered_format
76
+ result = finder.find_all(name, prefixes, partial, keys, formats: [format]).first if format
77
+ result || finder.find_all(name, prefixes, partial, keys).first
80
78
  end
81
79
  end
82
80
  end
@@ -9,8 +9,8 @@ module ActionView
9
9
  module VERSION
10
10
  MAJOR = 5
11
11
  MINOR = 2
12
- TINY = 2
13
- PRE = "1"
12
+ TINY = 3
13
+ PRE = "rc1"
14
14
 
15
15
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
16
16
  end
@@ -1971,7 +1971,7 @@ module ActionView
1971
1971
 
1972
1972
  convert_to_legacy_options(options)
1973
1973
 
1974
- fields_for(scope || model, model, **options, &block)
1974
+ fields_for(scope || model, model, options, &block)
1975
1975
  end
1976
1976
 
1977
1977
  # Returns a label tag tailored for labelling an input field for a specified attribute (identified by +method+) on an object
@@ -228,7 +228,7 @@ module ActionView
228
228
  # pluralize(2, 'Person', locale: :de)
229
229
  # # => 2 Personen
230
230
  def pluralize(count, singular, plural_arg = nil, plural: plural_arg, locale: I18n.locale)
231
- word = if (count == 1 || count =~ /^1(\.0+)?$/)
231
+ word = if (count == 1 || count.to_s =~ /^1(\.0+)?$/)
232
232
  singular
233
233
  else
234
234
  plural || singular.pluralize(locale)
@@ -32,12 +32,17 @@ Released under the MIT license
32
32
 
33
33
  (function() {
34
34
  (function() {
35
- var cspNonce;
35
+ var nonce;
36
36
 
37
- cspNonce = Rails.cspNonce = function() {
38
- var meta;
39
- meta = document.querySelector('meta[name=csp-nonce]');
40
- return meta && meta.content;
37
+ nonce = null;
38
+
39
+ Rails.loadCSPNonce = function() {
40
+ var ref;
41
+ return nonce = (ref = document.querySelector("meta[name=csp-nonce]")) != null ? ref.content : void 0;
42
+ };
43
+
44
+ Rails.cspNonce = function() {
45
+ return nonce != null ? nonce : Rails.loadCSPNonce();
41
46
  };
42
47
 
43
48
  }).call(this);
@@ -616,22 +621,24 @@ Released under the MIT license
616
621
  return setData(form, 'ujs:submit-button-formmethod', button.getAttribute('formmethod'));
617
622
  };
618
623
 
619
- Rails.handleMetaClick = function(e) {
620
- var data, link, metaClick, method;
624
+ Rails.preventInsignificantClick = function(e) {
625
+ var data, insignificantMetaClick, link, metaClick, method, primaryMouseKey;
621
626
  link = this;
622
627
  method = (link.getAttribute('data-method') || 'GET').toUpperCase();
623
628
  data = link.getAttribute('data-params');
624
629
  metaClick = e.metaKey || e.ctrlKey;
625
- if (metaClick && method === 'GET' && !data) {
630
+ insignificantMetaClick = metaClick && method === 'GET' && !data;
631
+ primaryMouseKey = e.button === 0;
632
+ if (!primaryMouseKey || insignificantMetaClick) {
626
633
  return e.stopImmediatePropagation();
627
634
  }
628
635
  };
629
636
 
630
637
  }).call(this);
631
638
  (function() {
632
- var $, CSRFProtection, delegate, disableElement, enableElement, fire, formSubmitButtonClick, getData, handleConfirm, handleDisabledElement, handleMetaClick, handleMethod, handleRemote, refreshCSRFTokens;
639
+ var $, CSRFProtection, delegate, disableElement, enableElement, fire, formSubmitButtonClick, getData, handleConfirm, handleDisabledElement, handleMethod, handleRemote, loadCSPNonce, preventInsignificantClick, refreshCSRFTokens;
633
640
 
634
- fire = Rails.fire, delegate = Rails.delegate, getData = Rails.getData, $ = Rails.$, refreshCSRFTokens = Rails.refreshCSRFTokens, CSRFProtection = Rails.CSRFProtection, enableElement = Rails.enableElement, disableElement = Rails.disableElement, handleDisabledElement = Rails.handleDisabledElement, handleConfirm = Rails.handleConfirm, handleRemote = Rails.handleRemote, formSubmitButtonClick = Rails.formSubmitButtonClick, handleMetaClick = Rails.handleMetaClick, handleMethod = Rails.handleMethod;
641
+ fire = Rails.fire, delegate = Rails.delegate, getData = Rails.getData, $ = Rails.$, refreshCSRFTokens = Rails.refreshCSRFTokens, CSRFProtection = Rails.CSRFProtection, loadCSPNonce = Rails.loadCSPNonce, enableElement = Rails.enableElement, disableElement = Rails.disableElement, handleDisabledElement = Rails.handleDisabledElement, handleConfirm = Rails.handleConfirm, preventInsignificantClick = Rails.preventInsignificantClick, handleRemote = Rails.handleRemote, formSubmitButtonClick = Rails.formSubmitButtonClick, handleMethod = Rails.handleMethod;
635
642
 
636
643
  if ((typeof jQuery !== "undefined" && jQuery !== null) && (jQuery.ajax != null)) {
637
644
  if (jQuery.rails) {
@@ -665,12 +672,13 @@ Released under the MIT license
665
672
  delegate(document, Rails.linkDisableSelector, 'ajax:stopped', enableElement);
666
673
  delegate(document, Rails.buttonDisableSelector, 'ajax:complete', enableElement);
667
674
  delegate(document, Rails.buttonDisableSelector, 'ajax:stopped', enableElement);
675
+ delegate(document, Rails.linkClickSelector, 'click', preventInsignificantClick);
668
676
  delegate(document, Rails.linkClickSelector, 'click', handleDisabledElement);
669
677
  delegate(document, Rails.linkClickSelector, 'click', handleConfirm);
670
- delegate(document, Rails.linkClickSelector, 'click', handleMetaClick);
671
678
  delegate(document, Rails.linkClickSelector, 'click', disableElement);
672
679
  delegate(document, Rails.linkClickSelector, 'click', handleRemote);
673
680
  delegate(document, Rails.linkClickSelector, 'click', handleMethod);
681
+ delegate(document, Rails.buttonClickSelector, 'click', preventInsignificantClick);
674
682
  delegate(document, Rails.buttonClickSelector, 'click', handleDisabledElement);
675
683
  delegate(document, Rails.buttonClickSelector, 'click', handleConfirm);
676
684
  delegate(document, Rails.buttonClickSelector, 'click', disableElement);
@@ -688,10 +696,12 @@ Released under the MIT license
688
696
  });
689
697
  delegate(document, Rails.formSubmitSelector, 'ajax:send', disableElement);
690
698
  delegate(document, Rails.formSubmitSelector, 'ajax:complete', enableElement);
699
+ delegate(document, Rails.formInputClickSelector, 'click', preventInsignificantClick);
691
700
  delegate(document, Rails.formInputClickSelector, 'click', handleDisabledElement);
692
701
  delegate(document, Rails.formInputClickSelector, 'click', handleConfirm);
693
702
  delegate(document, Rails.formInputClickSelector, 'click', formSubmitButtonClick);
694
703
  document.addEventListener('DOMContentLoaded', refreshCSRFTokens);
704
+ document.addEventListener('DOMContentLoaded', loadCSPNonce);
695
705
  return window._rails_loaded = true;
696
706
  };
697
707
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: actionview
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.2.2.1
4
+ version: 5.2.3.rc1
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-03-13 00:00:00.000000000 Z
11
+ date: 2019-03-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 5.2.2.1
19
+ version: 5.2.3.rc1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 5.2.2.1
26
+ version: 5.2.3.rc1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: builder
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -92,28 +92,28 @@ dependencies:
92
92
  requirements:
93
93
  - - '='
94
94
  - !ruby/object:Gem::Version
95
- version: 5.2.2.1
95
+ version: 5.2.3.rc1
96
96
  type: :development
97
97
  prerelease: false
98
98
  version_requirements: !ruby/object:Gem::Requirement
99
99
  requirements:
100
100
  - - '='
101
101
  - !ruby/object:Gem::Version
102
- version: 5.2.2.1
102
+ version: 5.2.3.rc1
103
103
  - !ruby/object:Gem::Dependency
104
104
  name: activemodel
105
105
  requirement: !ruby/object:Gem::Requirement
106
106
  requirements:
107
107
  - - '='
108
108
  - !ruby/object:Gem::Version
109
- version: 5.2.2.1
109
+ version: 5.2.3.rc1
110
110
  type: :development
111
111
  prerelease: false
112
112
  version_requirements: !ruby/object:Gem::Requirement
113
113
  requirements:
114
114
  - - '='
115
115
  - !ruby/object:Gem::Version
116
- version: 5.2.2.1
116
+ version: 5.2.3.rc1
117
117
  description: Simple, battle-tested conventions and helpers for building web pages.
118
118
  email: david@loudthinking.com
119
119
  executables: []
@@ -230,8 +230,8 @@ homepage: http://rubyonrails.org
230
230
  licenses:
231
231
  - MIT
232
232
  metadata:
233
- source_code_uri: https://github.com/rails/rails/tree/v5.2.2.1/actionview
234
- changelog_uri: https://github.com/rails/rails/blob/v5.2.2.1/actionview/CHANGELOG.md
233
+ source_code_uri: https://github.com/rails/rails/tree/v5.2.3.rc1/actionview
234
+ changelog_uri: https://github.com/rails/rails/blob/v5.2.3.rc1/actionview/CHANGELOG.md
235
235
  post_install_message:
236
236
  rdoc_options: []
237
237
  require_paths:
@@ -243,9 +243,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
243
243
  version: 2.2.2
244
244
  required_rubygems_version: !ruby/object:Gem::Requirement
245
245
  requirements:
246
- - - ">="
246
+ - - ">"
247
247
  - !ruby/object:Gem::Version
248
- version: '0'
248
+ version: 1.3.1
249
249
  requirements:
250
250
  - none
251
251
  rubygems_version: 3.0.1