actionview 5.2.8.1 → 6.0.0.beta1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of actionview might be problematic. Click here for more details.

Files changed (46) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +106 -162
  3. data/MIT-LICENSE +1 -1
  4. data/README.rdoc +1 -1
  5. data/lib/action_view/buffers.rb +15 -0
  6. data/lib/action_view/context.rb +5 -4
  7. data/lib/action_view/digestor.rb +7 -6
  8. data/lib/action_view/gem_version.rb +4 -4
  9. data/lib/action_view/helpers/asset_tag_helper.rb +4 -27
  10. data/lib/action_view/helpers/asset_url_helper.rb +4 -3
  11. data/lib/action_view/helpers/cache_helper.rb +18 -10
  12. data/lib/action_view/helpers/capture_helper.rb +4 -0
  13. data/lib/action_view/helpers/csrf_helper.rb +1 -1
  14. data/lib/action_view/helpers/date_helper.rb +69 -25
  15. data/lib/action_view/helpers/form_helper.rb +240 -8
  16. data/lib/action_view/helpers/form_options_helper.rb +23 -15
  17. data/lib/action_view/helpers/form_tag_helper.rb +9 -9
  18. data/lib/action_view/helpers/javascript_helper.rb +10 -11
  19. data/lib/action_view/helpers/number_helper.rb +5 -0
  20. data/lib/action_view/helpers/sanitize_helper.rb +3 -3
  21. data/lib/action_view/helpers/tag_helper.rb +13 -43
  22. data/lib/action_view/helpers/tags/base.rb +8 -4
  23. data/lib/action_view/helpers/tags/color_field.rb +1 -1
  24. data/lib/action_view/helpers/tags/translator.rb +1 -6
  25. data/lib/action_view/helpers/text_helper.rb +3 -3
  26. data/lib/action_view/helpers/translation_helper.rb +11 -18
  27. data/lib/action_view/helpers/url_helper.rb +14 -14
  28. data/lib/action_view/helpers.rb +0 -2
  29. data/lib/action_view/log_subscriber.rb +6 -6
  30. data/lib/action_view/lookup_context.rb +4 -4
  31. data/lib/action_view/railtie.rb +18 -0
  32. data/lib/action_view/record_identifier.rb +2 -2
  33. data/lib/action_view/renderer/partial_renderer/collection_caching.rb +40 -1
  34. data/lib/action_view/renderer/partial_renderer.rb +2 -2
  35. data/lib/action_view/renderer/streaming_template_renderer.rb +1 -1
  36. data/lib/action_view/rendering.rb +5 -4
  37. data/lib/action_view/routing_url_for.rb +12 -11
  38. data/lib/action_view/template/handlers/erb.rb +12 -2
  39. data/lib/action_view/template/resolver.rb +56 -16
  40. data/lib/action_view/template.rb +25 -8
  41. data/lib/action_view/test_case.rb +1 -1
  42. data/lib/action_view/testing/resolvers.rb +1 -1
  43. data/lib/action_view.rb +1 -1
  44. data/lib/assets/compiled/rails-ujs.js +39 -22
  45. metadata +17 -18
  46. data/lib/action_view/helpers/record_tag_helper.rb +0 -23
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4a732cbd8a2b766ebf37e375ffd2f97c71760de86cb46d9a70702896d07aeb73
4
- data.tar.gz: d76fb4ed63f24c3e6b09b576fe3b945b7eb436059cb703e241da7d7d9343cf90
3
+ metadata.gz: 58d19af0e853c217ca89f2167775195c7a44ebba26e4d9a682aabeb6a25b6af4
4
+ data.tar.gz: 15d2c9faa90c17d33772df3ce0eacccecb090e7310af47ab1d82bca6448a2a11
5
5
  SHA512:
6
- metadata.gz: 69feb0b2c271b42c17c0bc55d0cee3f857aa4a177fe9e27edaf9a5cc101b2a92b5eb0cb678d89c7ea1f40fa1a1c28a6288c2ee9e5dee16db0859777259fce137
7
- data.tar.gz: a04fc509175c93512d6517742c283d617749b1498a422c05a6ab02da17ce0042e33011176c83b97e48638f7e2750921d04fd8855bbfb6fc29a1cb1bbbd63bf8b
6
+ metadata.gz: dc169a10649b5f6cdfb8488bd16cbb7cab049081e7a6c53821cfab497e8035c7843c690e3bffcffc571bf2f610e5f2b7eee80283f622262d5ff9f1f20c8ef210
7
+ data.tar.gz: ed371d7bec363bafe775d5a1ed3d11a1002f96589c142c662afabc1862c71314427fc07004d0bfa4bc2ac5078f0c0b38410ccca1ee738594223a1a3a336ffa14
data/CHANGELOG.md CHANGED
@@ -1,100 +1,18 @@
1
- ## Rails 5.2.8.1 (July 12, 2022) ##
1
+ ## Rails 6.0.0.beta1 (January 18, 2019) ##
2
2
 
3
- * No changes.
3
+ * Remove deprecated `image_alt` helper.
4
4
 
5
+ *Rafael Mendonça França*
5
6
 
6
- ## Rails 5.2.8 (May 09, 2022) ##
7
-
8
- * No changes.
9
-
10
-
11
- ## Rails 5.2.7.1 (April 26, 2022) ##
12
-
13
- * Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.
14
-
15
- Escape dangerous characters in names of tags and names of attributes in the
16
- tag helpers, following the XML specification. Rename the option
17
- `:escape_attributes` to `:escape`, to simplify by applying the option to the
18
- whole tag.
19
-
20
- *Álvaro Martín Fraguas*
21
-
22
-
23
- ## Rails 5.2.7 (March 10, 2022) ##
24
-
25
- * No changes.
26
-
27
-
28
- ## Rails 5.2.6.3 (March 08, 2022) ##
29
-
30
- * No changes.
31
-
32
-
33
- ## Rails 5.2.6.2 (February 11, 2022) ##
34
-
35
- * No changes.
36
-
37
-
38
- ## Rails 5.2.6.1 (February 11, 2022) ##
39
-
40
- * No changes.
41
-
42
-
43
- ## Rails 5.2.6 (May 05, 2021) ##
44
-
45
- * No changes.
46
-
47
-
48
- ## Rails 5.2.5 (March 26, 2021) ##
49
-
50
- * No changes.
51
-
52
-
53
- ## Rails 5.2.4.6 (May 05, 2021) ##
54
-
55
- * No changes.
56
-
57
-
58
- ## Rails 5.2.4.5 (February 10, 2021) ##
59
-
60
- * No changes.
61
-
62
-
63
- ## Rails 5.2.4.4 (September 09, 2020) ##
64
-
65
- * [CVE-2020-15169] Fix potential XSS vulnerability in the `translate`/`t` helper
66
-
67
- *Jonathan Hefner*
68
-
69
-
70
- ## Rails 5.2.4.3 (May 18, 2020) ##
71
-
72
- * [CVE-2020-8167] Check that request is same-origin prior to including CSRF token in XHRs
73
-
74
-
75
- ## Rails 5.2.4.2 (March 19, 2020) ##
76
-
77
- * Fix possible XSS vector in `escape_javascript` helper
78
-
79
- CVE-2020-5267
80
-
81
- *Aaron Patterson*
82
-
83
-
84
- ## Rails 5.2.4.1 (December 18, 2019) ##
85
-
86
- * No changes.
87
-
88
-
89
- ## Rails 5.2.4 (November 27, 2019) ##
90
-
91
- * Allow programmatic click events to trigger Rails UJS click handlers.
92
- Programmatic click events (eg. ones generated by `Rails.fire(link, "click")`) don't specify a button. These events were being incorrectly stopped by code meant to ignore scroll wheel and right clicks introduced in #34573.
7
+ * Fix the need of `#protect_against_forgery?` method defined in
8
+ `ActionView::Base` subclasses. This prevents the use of forms and buttons.
93
9
 
94
- *Sudara Williams*
10
+ *Genadi Samokovarov*
95
11
 
12
+ * Fix UJS permanently showing disabled text in a[data-remote][data-disable-with] elements within forms.
13
+ Fixes #33889
96
14
 
97
- ## Rails 5.2.3 (March 27, 2019) ##
15
+ *Wolfgang Hobmaier*
98
16
 
99
17
  * Prevent non-primary mouse keys from triggering Rails UJS click handlers.
100
18
  Firefox fires click events even if the click was triggered by non-primary mouse keys such as right- or scroll-wheel-clicks.
@@ -108,37 +26,50 @@
108
26
 
109
27
  *Wolfgang Hobmaier*
110
28
 
29
+ * Prevent `ActionView::TextHelper#word_wrap` from unexpectedly stripping white space from the _left_ side of lines.
111
30
 
112
- ## Rails 5.2.2.1 (March 11, 2019) ##
31
+ For example, given input like this:
113
32
 
114
- * Only accept formats from registered mime types
33
+ ```
34
+ This is a paragraph with an initial indent,
35
+ followed by additional lines that are not indented,
36
+ and finally terminated with a blockquote:
37
+ "A pithy saying"
38
+ ```
115
39
 
116
- A lack of filtering on mime types could allow an attacker to read
117
- arbitrary files on the target server or to perform a denial of service
118
- attack.
40
+ Calling `word_wrap` should not trim the indents on the first and last lines.
119
41
 
120
- Fixes CVE-2019-5418
121
- Fixes CVE-2019-5419
42
+ Fixes #34487
122
43
 
123
- *John Hawthorn*, *Eileen M. Uchitelle*, *Aaron Patterson*
44
+ *Lyle Mullican*
124
45
 
46
+ * Add allocations to template rendering instrumentation.
125
47
 
126
- ## Rails 5.2.2 (December 04, 2018) ##
48
+ Adds the allocations for template and partial rendering to the server output on render.
49
+
50
+ ```
51
+ Rendered posts/_form.html.erb (Duration: 7.1ms | Allocations: 6004)
52
+ Rendered posts/new.html.erb within layouts/application (Duration: 8.3ms | Allocations: 6654)
53
+ Completed 200 OK in 858ms (Views: 848.4ms | ActiveRecord: 0.4ms | Allocations: 1539564)
54
+ ```
127
55
 
128
- * No changes.
56
+ *Eileen M. Uchitelle*, *Aaron Patterson*
129
57
 
58
+ * Respect the `only_path` option passed to `url_for` when the options are passed in as an array
130
59
 
131
- ## Rails 5.2.1.1 (November 27, 2018) ##
60
+ Fixes #33237.
132
61
 
133
- * No changes.
62
+ *Joel Ambass*
134
63
 
64
+ * Deprecate calling private model methods from view helpers.
135
65
 
136
- ## Rails 5.2.1 (August 07, 2018) ##
66
+ For example, in methods like `options_from_collection_for_select`
67
+ and `collection_select` it is possible to call private methods from
68
+ the objects used.
137
69
 
138
- * Fix leak of `skip_default_ids` and `allow_method_names_outside_object` options
139
- to HTML attributes.
70
+ Fixes #33546.
140
71
 
141
- *Yurii Cherniavskyi*
72
+ *Ana María Martínez Gómez*
142
73
 
143
74
  * Fix issue with `button_to`'s `to_form_params`
144
75
 
@@ -151,97 +82,110 @@
151
82
 
152
83
  *Georgi Georgiev*
153
84
 
154
- * Fix JavaScript views rendering does not work with Firefox when using
155
- Content Security Policy.
85
+ * Mark arrays of translations as trusted safe by using the `_html` suffix.
156
86
 
157
- Fixes #32577.
87
+ Example:
158
88
 
159
- *Yuji Yaginuma*
89
+ en:
90
+ foo_html:
91
+ - "One"
92
+ - "<strong>Two</strong>"
93
+ - "Three &#128075; &#128578;"
160
94
 
161
- * Add the `nonce: true` option for `javascript_include_tag` helper to
162
- support automatic nonce generation for Content Security Policy.
163
- Works the same way as `javascript_tag nonce: true` does.
164
-
165
- *Yaroslav Markin*
95
+ *Juan Broullon*
166
96
 
97
+ * Add `year_format` option to date_select tag. This option makes it possible to customize year
98
+ names. Lambda should be passed to use this option.
167
99
 
168
- ## Rails 5.2.0 (April 09, 2018) ##
100
+ Example:
169
101
 
170
- * Pass the `:skip_pipeline` option in `image_submit_tag` when calling `path_to_image`.
102
+ date_select('user_birthday', '', start_year: 1998, end_year: 2000, year_format: ->year { "Heisei #{year - 1988}" })
171
103
 
172
- Fixes #32248.
104
+ The HTML produced:
173
105
 
174
- *Andrew White*
175
-
176
- * Allow the use of callable objects as group methods for grouped selects.
177
-
178
- Until now, the `option_groups_from_collection_for_select` method was only able to
179
- handle method names as `group_method` and `group_label_method` parameters,
180
- it is now able to receive procs and other callable objects too.
106
+ <select id="user_birthday__1i" name="user_birthday[(1i)]">
107
+ <option value="1998">Heisei 10</option>
108
+ <option value="1999">Heisei 11</option>
109
+ <option value="2000">Heisei 12</option>
110
+ </select>
111
+ /* The rest is omitted */
181
112
 
182
- *Jérémie Bonal*
113
+ *Koki Ryu*
183
114
 
184
- * Add `preload_link_tag` helper.
115
+ * Fix JavaScript views rendering does not work with Firefox when using
116
+ Content Security Policy.
185
117
 
186
- This helper that allows to the browser to initiate early fetch of resources
187
- (different to the specified in `javascript_include_tag` and `stylesheet_link_tag`).
188
- Additionally, this sends Early Hints if supported by browser.
118
+ Fixes #32577.
189
119
 
190
- *Guillermo Iguaran*
120
+ *Yuji Yaginuma*
191
121
 
192
- * Change `form_with` to generates ids by default.
122
+ * Add the `nonce: true` option for `javascript_include_tag` helper to
123
+ support automatic nonce generation for Content Security Policy.
124
+ Works the same way as `javascript_tag nonce: true` does.
193
125
 
194
- When `form_with` was introduced we disabled the automatic generation of ids
195
- that was enabled in `form_for`. This usually is not an good idea since labels don't work
196
- when the input doesn't have an id and it made harder to test with Capybara.
126
+ *Yaroslav Markin*
197
127
 
198
- You can still disable the automatic generation of ids setting `config.action_view.form_with_generates_ids`
199
- to `false.`
128
+ * Remove `ActionView::Helpers::RecordTagHelper`.
200
129
 
201
- *Nick Pezza*
130
+ *Yoshiyuki Hirano*
202
131
 
203
- * Fix issues with `field_error_proc` wrapping `optgroup` and select divider `option`.
132
+ * Disable `ActionView::Template` finalizers in test environment.
204
133
 
205
- Fixes #31088
134
+ Template finalization can be expensive in large view test suites.
135
+ Add a configuration option,
136
+ `action_view.finalize_compiled_template_methods`, and turn it off in
137
+ the test environment.
206
138
 
207
- *Matthias Neumayr*
139
+ *Simon Coffey*
208
140
 
209
- * Remove deprecated Erubis ERB handler.
141
+ * Extract the `confirm` call in its own, overridable method in `rails_ujs`.
210
142
 
211
- *Rafael Mendonça França*
143
+ Example:
212
144
 
213
- * Remove default `alt` text generation.
145
+ Rails.confirm = function(message, element) {
146
+ return (my_bootstrap_modal_confirm(message));
147
+ }
214
148
 
215
- Fixes #30096
149
+ *Mathieu Mahé*
216
150
 
217
- *Cameron Cundiff*
151
+ * Enable select tag helper to mark `prompt` option as `selected` and/or `disabled` for `required`
152
+ field.
218
153
 
219
- * Add `srcset` option to `image_tag` helper.
154
+ Example:
220
155
 
221
- *Roberto Miranda*
156
+ select :post,
157
+ :category,
158
+ ["lifestyle", "programming", "spiritual"],
159
+ { selected: "", disabled: "", prompt: "Choose one" },
160
+ { required: true }
222
161
 
223
- * Fix issues with scopes and engine on `current_page?` method.
162
+ Placeholder option would be selected and disabled.
224
163
 
225
- Fixes #29401.
164
+ The HTML produced:
226
165
 
227
- *Nikita Savrov*
166
+ <select required="required" name="post[category]" id="post_category">
167
+ <option disabled="disabled" selected="selected" value="">Choose one</option>
168
+ <option value="lifestyle">lifestyle</option>
169
+ <option value="programming">programming</option>
170
+ <option value="spiritual">spiritual</option></select>
228
171
 
229
- * Generate field ids in `collection_check_boxes` and `collection_radio_buttons`.
172
+ *Sergey Prikhodko*
230
173
 
231
- This makes sure that the labels are linked up with the fields.
174
+ * Don't enforce UTF-8 by default.
232
175
 
233
- Fixes #29014.
176
+ With the disabling of TLS 1.0 by most major websites, continuing to run
177
+ IE8 or lower becomes increasingly difficult so default to not enforcing
178
+ UTF-8 encoding as it's not relevant to other browsers.
234
179
 
235
- *Yuji Yaginuma*
180
+ *Andrew White*
236
181
 
237
- * Add `:json` type to `auto_discovery_link_tag` to support [JSON Feeds](https://jsonfeed.org/version/1).
182
+ * Change translation key of `submit_tag` from `module_name_class_name` to `module_name/class_name`.
238
183
 
239
- *Mike Gunderloy*
184
+ *Rui Onodera*
240
185
 
241
- * Update `distance_of_time_in_words` helper to display better error messages
242
- for bad input.
186
+ * Rails 6 requires Ruby 2.5.0 or newer.
243
187
 
244
- *Jay Hayes*
188
+ *Jeremy Daer*, *Kasper Timm Hansen*
245
189
 
246
190
 
247
- Please check [5-1-stable](https://github.com/rails/rails/blob/5-1-stable/actionview/CHANGELOG.md) for previous changes.
191
+ Please check [5-2-stable](https://github.com/rails/rails/blob/5-2-stable/actionview/CHANGELOG.md) for previous changes.
data/MIT-LICENSE CHANGED
@@ -1,4 +1,4 @@
1
- Copyright (c) 2004-2018 David Heinemeier Hansson
1
+ Copyright (c) 2004-2019 David Heinemeier Hansson
2
2
 
3
3
  Permission is hereby granted, free of charge, to any person obtaining
4
4
  a copy of this software and associated documentation files (the
data/README.rdoc CHANGED
@@ -13,7 +13,7 @@ The latest version of Action View can be installed with RubyGems:
13
13
 
14
14
  Source code can be downloaded as part of the Rails project on GitHub:
15
15
 
16
- * https://github.com/rails/rails/tree/5-2-stable/actionview
16
+ * https://github.com/rails/rails/tree/master/actionview
17
17
 
18
18
 
19
19
  == License
@@ -3,6 +3,21 @@
3
3
  require "active_support/core_ext/string/output_safety"
4
4
 
5
5
  module ActionView
6
+ # Used as a buffer for views
7
+ #
8
+ # The main difference between this and ActiveSupport::SafeBuffer
9
+ # is for the methods `<<` and `safe_expr_append=` the inputs are
10
+ # checked for nil before they are assigned and `to_s` is called on
11
+ # the input. For example:
12
+ #
13
+ # obuf = ActionView::OutputBuffer.new "hello"
14
+ # obuf << 5
15
+ # puts obuf # => "hello5"
16
+ #
17
+ # sbuf = ActiveSupport::SafeBuffer.new "hello"
18
+ # sbuf << 5
19
+ # puts sbuf # => "hello\u0005"
20
+ #
6
21
  class OutputBuffer < ActiveSupport::SafeBuffer #:nodoc:
7
22
  def initialize(*)
8
23
  super
@@ -10,10 +10,11 @@ module ActionView
10
10
  # Action View contexts are supplied to Action Controller to render a template.
11
11
  # The default Action View context is ActionView::Base.
12
12
  #
13
- # In order to work with ActionController, a Context must just include this module.
14
- # The initialization of the variables used by the context (@output_buffer, @view_flow,
15
- # and @virtual_path) is responsibility of the object that includes this module
16
- # (although you can call _prepare_context defined below).
13
+ # In order to work with Action Controller, a Context must just include this
14
+ # module. The initialization of the variables used by the context
15
+ # (@output_buffer, @view_flow, and @virtual_path) is responsibility of the
16
+ # object that includes this module (although you can call _prepare_context
17
+ # defined below).
17
18
  module Context
18
19
  include CompiledTemplates
19
20
  attr_accessor :output_buffer, :view_flow
@@ -1,8 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require "concurrent/map"
4
3
  require "action_view/dependency_tracker"
5
- require "monitor"
6
4
 
7
5
  module ActionView
8
6
  class Digestor
@@ -20,9 +18,12 @@ module ActionView
20
18
  # * <tt>name</tt> - Template name
21
19
  # * <tt>finder</tt> - An instance of <tt>ActionView::LookupContext</tt>
22
20
  # * <tt>dependencies</tt> - An array of dependent views
23
- def digest(name:, finder:, dependencies: [])
24
- dependencies ||= []
25
- cache_key = [ name, finder.rendered_format, dependencies ].flatten.compact.join(".")
21
+ def digest(name:, finder:, dependencies: nil)
22
+ if dependencies.nil? || dependencies.empty?
23
+ cache_key = "#{name}.#{finder.rendered_format}"
24
+ else
25
+ cache_key = [ name, finder.rendered_format, dependencies ].flatten.compact.join(".")
26
+ end
26
27
 
27
28
  # this is a correctly done double-checked locking idiom
28
29
  # (Concurrent::Map's lookups have volatile semantics)
@@ -32,7 +33,7 @@ module ActionView
32
33
  root = tree(name, finder, partial)
33
34
  dependencies.each do |injected_dep|
34
35
  root.children << Injected.new(injected_dep, nil, nil)
35
- end
36
+ end if dependencies
36
37
  finder.digest_cache[cache_key] = root.digest(finder)
37
38
  end
38
39
  end
@@ -7,10 +7,10 @@ module ActionView
7
7
  end
8
8
 
9
9
  module VERSION
10
- MAJOR = 5
11
- MINOR = 2
12
- TINY = 8
13
- PRE = "1"
10
+ MAJOR = 6
11
+ MINOR = 0
12
+ TINY = 0
13
+ PRE = "beta1"
14
14
 
15
15
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
16
16
  end
@@ -55,7 +55,7 @@ module ActionView
55
55
  # that path.
56
56
  # * <tt>:skip_pipeline</tt> - This option is used to bypass the asset pipeline
57
57
  # when it is set to true.
58
- # * <tt>:nonce<tt> - When set to true, adds an automatic nonce value if
58
+ # * <tt>:nonce</tt> - When set to true, adds an automatic nonce value if
59
59
  # you have Content Security Policy enabled.
60
60
  #
61
61
  # ==== Examples
@@ -98,7 +98,7 @@ module ActionView
98
98
  if tag_options["nonce"] == true
99
99
  tag_options["nonce"] = content_security_policy_nonce
100
100
  end
101
- content_tag("script".freeze, "", tag_options)
101
+ content_tag("script", "", tag_options)
102
102
  }.join("\n").html_safe
103
103
 
104
104
  request.send_early_hints("Link" => early_hints_links.join("\n")) if respond_to?(:request) && request
@@ -333,9 +333,9 @@ module ActionView
333
333
  #
334
334
  # image_tag(user.avatar)
335
335
  # # => <img src="/rails/active_storage/blobs/.../tiger.jpg" />
336
- # image_tag(user.avatar.variant(resize: "100x100"))
336
+ # image_tag(user.avatar.variant(resize_to_fit: [100, 100]))
337
337
  # # => <img src="/rails/active_storage/variants/.../tiger.jpg" />
338
- # image_tag(user.avatar.variant(resize: "100x100"), size: '100')
338
+ # image_tag(user.avatar.variant(resize_to_fit: [100, 100]), size: '100')
339
339
  # # => <img width="100" height="100" src="/rails/active_storage/variants/.../tiger.jpg" />
340
340
  def image_tag(source, options = {})
341
341
  options = options.symbolize_keys
@@ -355,29 +355,6 @@ module ActionView
355
355
  tag("img", options)
356
356
  end
357
357
 
358
- # Returns a string suitable for an HTML image tag alt attribute.
359
- # The +src+ argument is meant to be an image file path.
360
- # The method removes the basename of the file path and the digest,
361
- # if any. It also removes hyphens and underscores from file names and
362
- # replaces them with spaces, returning a space-separated, titleized
363
- # string.
364
- #
365
- # ==== Examples
366
- #
367
- # image_alt('rails.png')
368
- # # => Rails
369
- #
370
- # image_alt('hyphenated-file-name.png')
371
- # # => Hyphenated file name
372
- #
373
- # image_alt('underscored_file_name.png')
374
- # # => Underscored file name
375
- def image_alt(src)
376
- ActiveSupport::Deprecation.warn("image_alt is deprecated and will be removed from Rails 6.0. You must explicitly set alt text on images.")
377
-
378
- File.basename(src, ".*".freeze).sub(/-[[:xdigit:]]{32,64}\z/, "".freeze).tr("-_".freeze, " ".freeze).capitalize
379
- end
380
-
381
358
  # Returns an HTML video tag for the +sources+. If +sources+ is a string,
382
359
  # a single video tag will be returned. If +sources+ is an array, a video
383
360
  # tag with nested source tags for each source will be returned. The
@@ -98,8 +98,9 @@ module ActionView
98
98
  # have SSL certificates for each of the asset hosts this technique allows you
99
99
  # to avoid warnings in the client about mixed media.
100
100
  # Note that the +request+ parameter might not be supplied, e.g. when the assets
101
- # are precompiled via a Rake task. Make sure to use a +Proc+ instead of a lambda,
102
- # since a +Proc+ allows missing parameters and sets them to +nil+.
101
+ # are precompiled with the command `rails assets:precompile`. Make sure to use a
102
+ # +Proc+ instead of a lambda, since a +Proc+ allows missing parameters and sets them
103
+ # to +nil+.
103
104
  #
104
105
  # config.action_controller.asset_host = Proc.new { |source, request|
105
106
  # if request && request.ssl?
@@ -187,7 +188,7 @@ module ActionView
187
188
  return "" if source.blank?
188
189
  return source if URI_REGEXP.match?(source)
189
190
 
190
- tail, source = source[/([\?#].+)$/], source.sub(/([\?#].+)$/, "".freeze)
191
+ tail, source = source[/([\?#].+)$/], source.sub(/([\?#].+)$/, "")
191
192
 
192
193
  if extname = compute_asset_extname(source, options)
193
194
  source = "#{source}#{extname}"
@@ -201,34 +201,42 @@ module ActionView
201
201
  end
202
202
 
203
203
  # This helper returns the name of a cache key for a given fragment cache
204
- # call. By supplying +skip_digest:+ true to cache, the digestion of cache
204
+ # call. By supplying <tt>skip_digest: true</tt> to cache, the digestion of cache
205
205
  # fragments can be manually bypassed. This is useful when cache fragments
206
206
  # cannot be manually expired unless you know the exact key which is the
207
207
  # case when using memcached.
208
208
  #
209
209
  # The digest will be generated using +virtual_path:+ if it is provided.
210
210
  #
211
- def cache_fragment_name(name = {}, skip_digest: nil, virtual_path: nil)
211
+ def cache_fragment_name(name = {}, skip_digest: nil, virtual_path: nil, digest_path: nil)
212
212
  if skip_digest
213
213
  name
214
214
  else
215
- fragment_name_with_digest(name, virtual_path)
215
+ fragment_name_with_digest(name, virtual_path, digest_path)
216
+ end
217
+ end
218
+
219
+ def digest_path_from_virtual(virtual_path) # :nodoc:
220
+ digest = Digestor.digest(name: virtual_path, finder: lookup_context, dependencies: view_cache_dependencies)
221
+
222
+ if digest.present?
223
+ "#{virtual_path}:#{digest}"
224
+ else
225
+ virtual_path
216
226
  end
217
227
  end
218
228
 
219
229
  private
220
230
 
221
- def fragment_name_with_digest(name, virtual_path)
231
+ def fragment_name_with_digest(name, virtual_path, digest_path)
222
232
  virtual_path ||= @virtual_path
223
233
 
224
- if virtual_path
234
+ if virtual_path || digest_path
225
235
  name = controller.url_for(name).split("://").last if name.is_a?(Hash)
226
236
 
227
- if digest = Digestor.digest(name: virtual_path, finder: lookup_context, dependencies: view_cache_dependencies).presence
228
- [ "#{virtual_path}:#{digest}", name ]
229
- else
230
- [ virtual_path, name ]
231
- end
237
+ digest_path ||= digest_path_from_virtual(virtual_path)
238
+
239
+ [ digest_path, name ]
232
240
  else
233
241
  name
234
242
  end
@@ -36,6 +36,10 @@ module ActionView
36
36
  # </body>
37
37
  # </html>
38
38
  #
39
+ # The return of capture is the string generated by the block. For Example:
40
+ #
41
+ # @greeting # => "Welcome to my shiny new web page! The date and time is 2018-09-06 11:09:16 -0500"
42
+ #
39
43
  def capture(*args)
40
44
  value = nil
41
45
  buffer = with_output_buffer { value = yield(*args) }
@@ -20,7 +20,7 @@ module ActionView
20
20
  # "X-CSRF-Token" HTTP header. If you are using rails-ujs this happens automatically.
21
21
  #
22
22
  def csrf_meta_tags
23
- if protect_against_forgery?
23
+ if defined?(protect_against_forgery?) && protect_against_forgery?
24
24
  [
25
25
  tag("meta", name: "csrf-param", content: request_forgery_protection_token),
26
26
  tag("meta", name: "csrf-token", content: form_authenticity_token)