roda 3.28.0 → 3.33.0

data/doc/release_notes/2.13.0.txt

@@ -1,10 +0,0 @@
-= New Features
-
-* The render plugin now supports :check_paths and :allowed_paths
-  options.  Setting :check_paths to true will turn on path checking of
-  template files.  By default, template files are required to be in
-  the :views directory, otherwise an exception will be raised.  Using
-  the :check_paths option can prevent security issues when template
-  names are derived from user input.  The :allowed_paths option
-  overrides which path prefixes are allowed. In Roda 3, :check_paths
-  will default to true.

data/doc/release_notes/2.14.0.txt

@@ -1,44 +0,0 @@
-= New Features
-
-* A symbol_status plugin has been added for using symbolic status names
-  in response.status=:
-
-    class App < Roda
-      plugin :symbol_status
-
-      route do |r|
-        r.is "needs_authorization"
-          response.status = :unauthorized
-        end
-      end
-
-= Other Improvements
-
-* The middleware plugin will now also run the application's middleware
-  when the application is used as middleware.  For example, if you
-  have the following code in your config.ru file:
-
-    class App < Roda
-      plugin :csrf
-      plugin :middleware
-      route{}
-    end
-
-    use App
-  
-  previously, the csrf protection would not be enforced, as it uses a
-  middleware instead of being part of the application. Now, csrf
-  protection will be enforced.  This change makes it so the Roda
-  application operates the same way regardless of whether it is run
-  as the rack application or used as rack middleware.
-
-  Because of this change, if you are nesting roda applications using
-  the middleware plugin, you may need to use the middleware plugin's
-  :env_var option to specify the environment variable used to
-  indicate to the Roda application that it is being run as middleware.
-
-= Backwards Compatibility
-
-* See above changes to the middleware plugin if you are using
-  middleware inside a Roda application that uses the middleware
-  plugin.

data/doc/release_notes/2.15.0.txt

@@ -1,53 +0,0 @@
-= New Features
-
-* A public plugin has been added.  This adds an r.public method
-  for serving all files in the public directory.  The public
-  plugin can replace usage of the static plugin, and is more
-  flexible.  You can place r.public at any point in the routing
-  tree, and it will use the remaining path to lookup the file
-  in the public directory.  You can also pass the :gzip option
-  when loading the plugin, and it will serve already gzipped
-  files to the client if the client supports gzipped transfer
-  encoding and the file exists with a .gz extension.  Example:
-
-    plugin :public
-    route do |r|
-      # Serve public files before routing
-      r.public
-
-      # ...
-    end
-
-* The :header matcher added by the header_matchers plugin now
-  automatically prefixes the key with HTTP_ when looking it up in
-  the environment, if the :header_matcher_prefix application
-  option is set.  This behavior will probably be the default in
-  Roda 3.
-
-    # Before
-    r.on :header => 'http_accept'
-
-    # Now, with :header_matcher_prefix=>true application option
-    r.on :header => 'accept'
-
-* The content_for plugin now accepts an :append=>true option to
-  support appending to the existing content instead of overwriting
-  the existing content if called multiple times.  This behavior
-  will probably be the default in Roda 3.
-
-    # Before
-    content_for(:form, 'a')
-    content_for(:form, 'b')
-    content_for(:form) # => 'b'
-
-    # Now, with :append=>true option
-    content_for(:form, 'a')
-    content_for(:form, 'b')
-    content_for(:form) # => 'ab'
-
-= Other Improvements
-
-* The r.send_file method in the sinatra_helpers plugin now works
-  correctly when using rack 2.
-
-* The specs now run correctly on Windows.

data/doc/release_notes/2.16.0.txt

@@ -1,48 +0,0 @@
-= New Features
-
-* A type_routing plugin has been added.  This plugin allows routing
-  based on the requested type, which can be submitted either via a
-  file extension or Accept header:
-
-    plugin :type_routing
-
-    route do |r|
-      r.get 'a' do
-        r.html{ "<h1>This is the HTML response</h1>" }
-        r.json{ '{"json": "ok"}' }
-        r.xml{ "<root>This is the XML response</root>" }
-      end
-    end
-
-    # /a or /a.html => HTML response
-    # /a.json => JSON response
-    # /a.xml => XML response
-
-  The response content type is set appropriately when the r.html,
-  r.json, or r.xml block is yielded to.  Using plugin options, you can
-  add support for custom types, and choose whether to use only file
-  extensions or only Accept headers for type matching.
-
-* A request_headers plugin has been added. This allows easier access
-  to request headers.  For example, to access a header called
-  X-My-Header, by default you would need to use the CGI mangled name:
-    
-    r.env['HTTP_X_MY_HEADER']
-
-  The request_headers plugin allows the easier to use:
-
-    r.headers['X-My-Header']
-
-* An unescape_path plugin has been added.  By default, Roda does not
-  unescape a URL-encoded PATH_INFO before routing.  This plugin allows
-  URL-encoded PATH_INFO to work, supporting %2f as well as / as path
-  separators, and having captures return unescaped values:
-
-    plugin :unescape_path
-  
-    route do |r|
-      # Assume /b/a URL encoded at %2f%62%2f%61
-      r.on :x, /(.)/ do |*x|
-        # x => ['b', 'a']
-      end
-    end

data/doc/release_notes/2.17.0.txt

@@ -1,62 +0,0 @@
-= New Plugins 
-
-* A run_append_slash plugin has been added, which automatically uses
-  "/" as the path instead of an empty path when calling rack
-  applications with r.run:
-
-    route do |r|
-      r.on "a" do
-        r.run App
-      end
-    end
-    
-    # without run_append_slash:
-    # GET /a => App gets "" as PATH_INFO
-    # GET /a/ => App gets "/" as PATH_INFO
-
-    # with run_append_slash:
-    # GET /a => App gets "/" as PATH_INFO
-    # GET /a/ => App gets "/" as PATH_INFO
-
-  By default, the path is modified directly, but if you want to
-  redirect instead, you can pass a :use_redirects option when loading
-  the plugin.
-
-= New Features
-
-* The assets plugin now supports an :sri option to enable subresource
-  integrity on the link/script tags generated by the assets helper.
-  This option takes either :sha256, :sha384, or :sha512 values,
-  specifying the hash algorithm to use.  Roda 3 will default to using
-  :sri => :sha256.
-
-* The assets plugin now supports a :postprocessor option, which should
-  be a callable object.  If the option is given, it will be called with
-  the filename, type, and rendered asset output of the file (CSS/JS),
-  and should return the postprocessed content to use.  This allows any
-  type of custom postprocessing to be done, such as CSS autoprefixing.
-
-* The render plugin now supports a :layout_opts=>:merge_locals option,
-  which will automatically merge view template locals into layout
-  template locals.  This is useful if you want to use the same local
-  variable for both templates.
-
-* The error_handler plugin now supports a :classes option, allowing
-  you to override which exception classes to handle.  This allows it
-  to be used with libraries which use exception classes that
-  subclass from Exception instead of StandardError.
-
-= Other Improvements
-
-* The type_routing plugin now works correctly when using r.run.
-  Previously, if the type routing plugin recognized and removed
-  the file extension used in the requested path, it would not
-  add the file extension back to the path when passing the request
-  to another rack app.
-
-= Backwards Compatibility
-
-* In the assets plugin, Roda::RodaRequest.assets_matchers now uses
-  symbols instead of strings as the first argument in each entry.
-  This should not affect you unless you were accessing the values
-  directly.

data/doc/release_notes/2.18.0.txt

@@ -1,69 +0,0 @@
-= New Plugins 
-
-* A static_routing plugin has been added, which can give a 3-4x
-  increase in performance for large number of static routes, and
-  makes routing O(1) for static routes.  Static routes are routes
-  that match full paths, with no placeholders, and are checked before
-  using the normal routing tree.
-
-  Static routes are defined via class-level static_* routing methods.
-  There is a static_* routing method for each HTTP verb (e.g.
-  static_get), as well as a static_route method, which will work
-  for any HTTP verb, with the verb-specific method taking priority.
-  By using static_route, you can get significantly faster performance
-  while retaining some of the benefits of Roda's routing tree design
-  (simple shared logic with verb specific behavior). Example:
-
-    plugin :static_routing
-
-    static_route '/foo' do |r|
-      @var = :foo
-
-      r.get do
-        'Not actually reached'
-      end
-
-      r.post{'static POST /#{@var}'}
-    end
-
-    static_get '/foo' do |r|
-      'static GET /foo'
-    end
-
-    route do |r|
-      'Not a static route'
-    end
-
-  Because static routing routes on the full path instead of by
-  path segment, the methods takes the full path as a string,
-  including the leading slash.
-
-* An assets_preloading plugin has been added, which makes it simple
-  to generate HTML link tags or a Link header value to tell the
-  browser to preload assets for performance reasons.
-
-    # In routes, using the Link header:
-    response.headers['Link'] = preload_assets_link_header(:css)
-
-    # In templates, using a link tag:
-    <%= preload_assets_link_tags(:css) %>
-
-= New Features
-
-* RodaRequest#real_remaining_path has been added.  This is designed
-  to be overridden by plugins that modify remaining_path for internal
-  routing purposes.  RodaRequest#run now uses real_remaining_path
-  when passing requests to other rack applications.
-
-* An assets_paths method has been added to the assets plugin.  This
-  is similar to the assets method, but it returns an array of paths
-  to the assets, instead of a HTML link/script tag.
-
-= Other Improvements
-
-* The public plugin now works correctly when used with the
-  type_routing plugin, for paths ending in extensions that
-  type_routing is configured to handle.
-
-* The head plugin now works with the not_allowed plugin if it is
-  loaded after the not_allowed plugin.

data/doc/release_notes/2.19.0.txt

@@ -1,30 +0,0 @@
-= Improvements
-
-* The indifferent_params plugin is now optimized when using Rack 2,
-  using Rack 2's query_parser API, and it no longer needs to do a
-  deep copy of the params.
-
-* The Content-Type and Content-Length headers are no longer added
-  for 1xx, 204, 205, and 304 responses.
-
-* The assets_paths method in the assets plugin now works
-  correctly when subresource integrity is enabled.
-
-* The asset paths are now escaped in tags by the assets and
-  assets_preloading plugins.  While it's unlikely a developer
-  would use an asset path that requires escaping, that case is
-  now handled correctly.
-
-* The h plugin no longer calls Rack::Utils.escape_html, instead
-  implementing it's own html escaping.
-
-* The assets plugin now uses the h plugin, instead of calling
-  Rack::Utils.escape_html.
-
-= Backwards Compatibility
-
-* The h plugin's html escaping no longer escapes "/", which is
-  a behavior change if you are using any recent version of rack.
-  The security arguments made to escape "/" could be applied to
-  many other characters, so if you want to escape "/", you should
-  probably use a separate method that escapes all \W characters.

data/doc/release_notes/2.2.0.txt

@@ -1,97 +0,0 @@
-= New Plugins
-
-* A shared_vars plugin has been added, for sharing variables between
-  multiple Roda apps.  Example:
-
-    class API < Roda
-      plugin :shared_vars
-      route do |r|
-        user = shared[:user]
-        # ...
-      end
-    end
- 
-    class App < Roda
-      plugin :shared_vars
- 
-      route do |r|
-        r.on :user_id do |user_id|
-          shared[:user] = User[user_id]
-          r.run API
-        end
-      end
-    end
- 
-  If you pass a hash to shared, it will update the shared
-  variables with the content of the hash:
- 
-    route do |r|
-      r.on :user_id do |user_id|
-        shared(:user => User[user_id])
-        r.run API
-      end
-    end
- 
-  You can also pass a block to shared, which will set the
-  shared variables only for the given block, restoring the
-  previous shared variables afterward:
- 
-    route do |r|
-      r.on :user_id do |user_id|
-        shared(:user => User[user_id]) do
-          r.run API
-        end
-      end
-    end
-
-* The partials method added by the padrino_render plugin has been
-  extracted into a partials plugin, for users who want to use the
-  partials method without having render use a layout by default.
-
-= Other New Features
-
-* The render plugin when using the :escape option now additionally
-  supports an :escape_safe_classes option, which accepts a class or
-  array of classes that should not be automatically escaped when using
-  <%= %> tags.  This makes easier to integrate with helpers or
-  external libraries that return already html escaped strings, without
-  using <%== %> tags.
-
-  For complete control, an :escaper option is also supported, which
-  will be used for escaping <%= %> strings.  The value of this option
-  should be an object that responds to escape_xml with a single
-  argument and returns an output string.
-
-* A Roda#delay method has been added to the chunked plugin, which
-  delays execution of the given block until right before the content
-  template is rendered.  This allows you to continue to use the
-  routing tree to DRY up your code even when streaming template
-  rendering.  Example:
-
-    r.on 'albums/:d' do |album_id|
-      delay do
-        @album = Album[album_id]
-      end
-      r.get 'info' do
-        chunked(:info)
-      end
-      r.get 'tracks' do
-        chunked(:tracks)
-      end
-    end
-
-* The path plugin now supports a :by_name option, which makes lookup
-  of the class be by name as opposed to by reference.  This is
-  designed for use in development when doing code reloading.
-
-* Roda.path_block has been added to the path plugin for returning the
-  block associated with the given class.
-
-= Other Improvements
-
-* The default_headers plugin now defaults to the same headers that
-  Roda uses by default (just the Content-Type header with text/html
-  value).  Previously, it did not set a Content-Type header if you
-  didn't specify one.
-
-* In the path plugin, Roda#path now works correctly in subclasses.

data/doc/release_notes/2.20.0.txt

@@ -1,5 +0,0 @@
-= New Features
-
-* The render plugin now supports :erubi as an :escape option value,
-  which will change the plugin to use Erubi instead of Erubis as the
-  template processor.  Erubi is a simplified Erubis fork.

data/doc/release_notes/2.21.0.txt

@@ -1,17 +0,0 @@
-= New Features
-
-* The streaming plugin now supports a handle_stream_error method to
-  handle exceptions when using stream(:loop=>true).  This method
-  takes the exception and the stream object, and can be used to log
-  errors, output errors into the stream, close the stream, ignore
-  errors, or any other error handling.
-
-= Other Improvements
-
-* A couple of unused variable assignments have been removed, providing
-  a minor speedup.
-
-* The specs no longer produce deprecation warnings when using Minitest
-  5.10.
-
-* Some verbose warnings have been removed from the specs.