![[BACK]](/icons/back.gif){kind=icon}
Up to [NetBSD + pkgsrc-wip] / pkgsrc / www / ruby-actionpack
Request diff between arbitrary revisions - Display revisions graphically
Keyword substitution: kv
Default branch: MAIN
Update ruby-actionpack package to 2.3.14: 2.3.14: Security Fix: 1. The code in Ruby on Rails 2.3 which sets the response content type performs insufficient sanitization of the values provided. This means that applications which let the user provide an arbitrary Content-Type header for the response are vulnerable to response splitting attacks. 2. The strip_tags helper in Ruby on Rails is designed to remove all HTML tags from a string. By using specially crafted values an attacker can confuse the parser and cause HTML tags to be injected into the response. This can be exploited to inject arbitrary javascript into the rendered page. Future releases of Ruby on Rails are likely to replace the current HTML tokenizer with one provided by libxml to reduce the likelihood of errors such as these in the future. In the meantime users can install the loofah gem[1] which should enhance both the performance and reliability of the HTML sanitization helpers.
Update Ruby on Rails supporting packages to 2.3.12. Exact changes are unknown but some bug fixes.
Pullup ticket 3353 - requested by taca
security update
Revisions pulled up:
- pkgsrc/databases/ruby-activerecord/Makefile 1.21
- pkgsrc/databases/ruby-activerecord/distinfo 1.21
- pkgsrc/devel/ruby-activesupport/Makefile 1.24
- pkgsrc/devel/ruby-activesupport/distinfo 1.21
- pkgsrc/mail/ruby-actionmailer/Makefile 1.19
- pkgsrc/mail/ruby-actionmailer/distinfo 1.20
- pkgsrc/www/ruby-actionpack/Makefile 1.22
- pkgsrc/www/ruby-actionpack/distinfo 1.22
- pkgsrc/www/ruby-actionpack/PLIST 1.21
- pkgsrc/www/ruby-activeresource/Makefile 1.11
- pkgsrc/www/ruby-activeresource/distinfo 1.11
- pkgsrc/www/ruby-rails/Makefile 1.2
- pkgsrc/www/ruby-rails/distinfo 1.2
Files deleted:
pkgsrc/www/ruby-rails/patches/patch-ad
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:37:58 UTC 2011
Modified Files:
pkgsrc/devel/ruby-activesupport: Makefile distinfo
Log Message:
Update ruby-activesupport package to 2.3.11.
It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/devel/ruby-activesupport/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/devel/ruby-activesupport/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:39:41 UTC 2011
Modified Files:
pkgsrc/databases/ruby-activerecord: Makefile distinfo
Log Message:
Update ruby-activerecord package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 pkgsrc/databases/ruby-activerecord/Makefile \
pkgsrc/databases/ruby-activerecord/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:40:52 UTC 2011
Modified Files:
pkgsrc/www/ruby-actionpack: Makefile PLIST distinfo
Log Message:
Update ruby-actionpack package to 2.3.11.
* More strict dependency reflect gemspec's description.
*2.3.11 (February 9, 2011)*
* Two security fixes. CVE-2011-0446, CVE-2011-0447
To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 pkgsrc/www/ruby-actionpack/Makefile \
pkgsrc/www/ruby-actionpack/distinfo
cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/ruby-actionpack/PLIST
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:42:26 UTC 2011
Modified Files:
pkgsrc/mail/ruby-actionmailer: Makefile distinfo
Log Message:
Update ruby-actionmailer package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 pkgsrc/mail/ruby-actionmailer/Makefile
cvs rdiff -u -r1.19 -r1.20 pkgsrc/mail/ruby-actionmailer/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:43:09 UTC 2011
Modified Files:
pkgsrc/www/ruby-activeresource: Makefile distinfo
Log Message:
Update ruby-activeresource/ package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/www/ruby-activeresource/Makefile \
pkgsrc/www/ruby-activeresource/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Wed Feb 9 12:44:07 UTC 2011
Modified Files:
pkgsrc/www/ruby-rails: Makefile distinfo
Removed Files:
pkgsrc/www/ruby-rails/patches: patch-ad
Log Message:
Update ruby-rails package to 2.3.11.
* More strict dependency reflect gemspec's description.
* It is update of version only for Ruby on Rails 2.3.11 update.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/www/ruby-rails/Makefile \
pkgsrc/www/ruby-rails/distinfo
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/www/ruby-rails/patches/patch-ad
Update ruby-actionpack package to 2.3.11. * More strict dependency reflect gemspec's description. *2.3.11 (February 9, 2011)* * Two security fixes. CVE-2011-0446, CVE-2011-0447
Update www/ruby-actionpack package to 2.3.10. No change except version, it is part of Rails 2.3.10. Change depending pattern to prevent ruby-activesupport 3.0.0 and later.
Update www/ruby-actionpack to 2.3.9.
* Use lang/ruby/gem.mk instead of misc/rubygems/rubygem.mk.
* Add LICENSE.
* Update dependency according to gemspec.
*2.3.9 (September 4, 2010)*
* Version bump.
*2.3.8 (May 24, 2010)*
* HTML safety: fix compatibility *without* the optional rails_xss plugin.
*2.3.7 (May 24, 2010)*
* HTML safety: fix compatibility with the optional rails_xss plugin. [Nathan Weizenbaum, Santiago Pastorino]
*2.3.6 (May 23, 2010)*
* JSON: set Base.include_root_in_json = true to include a root value in the JSON: {"post": {"title": ...}}. Mirrors the Active Record option. #2584 [Matthew Moore, Joe Martinez, Elad Meidar, Santiago Pastorino]
* Ruby 1.9: ERB template encoding using a magic comment at the top of the file. [Jeremy Kemper]
<%# encoding: utf-8 %>
* Fixed that default locale templates should be used if the current locale template is missing [DHH]
* Fixed that PrototypeHelper#update_page should return html_safe [DHH]
* Fixed that much of DateHelper wouldn't return html_safe? strings [DHH]
* Fixed that fragment caching should return a cache hit as html_safe (or it would all just get escaped) [DHH]
* Introduce String#html_safe for rails_xss plugin and forward-compatibility with Rails 3. [Michael Koziarski, Santiago Pastorino, Jos«± Ignacio Costa]
* Added :alert, :notice, and :flash as options to ActionController::Base#redirect_to that'll automatically set the proper flash before the redirection [DHH]. Examples:
flash[:notice] = 'Post was created'
redirect_to(@post)
...becomes:
redirect_to(@post, :notice => 'Post was created')
* Added ActionController::Base#notice/= and ActionController::Base#alert/= as a convenience accessors in both the controller and the view for flash[:notice]/= and flash[:alert]/= [DHH]
* Added cookies.permanent, cookies.signed, and cookies.permanent.signed accessor for common cookie actions [DHH]. Examples:
cookies.permanent[:prefers_open_id] = true
# => Set-Cookie: prefers_open_id=true; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT
cookies.signed[:discount] = 45
# => Set-Cookie: discount=BAhpMg==--2c1c6906c90a3bc4fd54a51ffb41dffa4bf6b5f7; path=/
cookies.signed[:discount]
# => 45 (if the cookie was changed, you'll get a InvalidSignature exception)
cookies.permanent.signed[:remember_me] = current_user.id
# => Set-Cookie: discount=BAhU--848956038e692d7046deab32b7131856ab20e14e; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT
...to use the signed cookies, you need to set a secret to ActionController::Base.cookie_verifier_secret (automatically done in config/initializers/cookie_verification_secret.rb for new Rails applications).
Pullup ticket #2941 - requested by minskim
databases/ruby-activerecord: security update
devel/ruby-activesupport: security update
mail/ruby-actionmailer: security update
www/rails: security update
www/ruby-actionpack: security update
www/ruby-activeresource security update
Revisions pulled up:
- databases/ruby-activerecord/Makefile 1.17
- databases/ruby-activerecord/distinfo 1.17
- devel/ruby-activesupport/Makefile 1.20
- devel/ruby-activesupport/PLIST 1.16
- devel/ruby-activesupport/distinfo 1.17
- mail/ruby-actionmailer/Makefile 1.16
- mail/ruby-actionmailer/distinfo 1.17
- www/rails/Makefile 1.17
- www/rails/distinfo 1.13
- www/ruby-actionpack/Makefile 1.18
- www/ruby-actionpack/PLIST 1.18
- www/ruby-actionpack/distinfo 1.19
- www/ruby-activeresource/Makefile 1.7
- www/ruby-activeresource/distinfo 1.7
---
Module Name: pkgsrc
Committed By: minskim
Date: Tue Dec 1 23:24:24 UTC 2009
Modified Files:
pkgsrc/databases/ruby-activerecord: Makefile distinfo
pkgsrc/devel/ruby-activesupport: Makefile PLIST distinfo
pkgsrc/mail/ruby-actionmailer: Makefile distinfo
pkgsrc/www/rails: Makefile distinfo
pkgsrc/www/ruby-actionpack: Makefile PLIST distinfo
pkgsrc/www/ruby-activeresource: Makefile distinfo
Log Message:
Update rails packages to 2.3.5. This fixes a cross-site scripting
vulnerability in ruby-actionpack.
Major changes:
- Improved compatibility with Ruby 1.9
- RailsXss plugin availability
- Fixes for the Nokogiri backend for XmlMini
Update rails packages to 2.3.5. This fixes a cross-site scripting vulnerability in ruby-actionpack. Major changes: - Improved compatibility with Ruby 1.9 - RailsXss plugin availability - Fixes for the Nokogiri backend for XmlMini
Update rails packages to 2.3.4. Changes since 2.3.2: * I18n support for plugins.
Pullup ticket #2814 - requested by minskim ruby-actionpack: security patch Revisions pulled up: - www/ruby-actionpack/Makefile 1.16 - www/ruby-actionpack/distinfo 1.17 - www/ruby-actionpack/patches/patch-aa 1.3 --- Module Name: pkgsrc Committed By: minskim Date: Thu Jul 16 11:00:25 UTC 2009 Modified Files: pkgsrc/www/ruby-actionpack: Makefile distinfo Added Files: pkgsrc/www/ruby-actionpack/patches: patch-aa Log Message: Security fix for: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2422 From rails git commit 056ddbdcfb07f0b5c7e6ed8a35f6c3b55b4ab489.
Security fix for: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2422 From rails git commit 056ddbdcfb07f0b5c7e6ed8a35f6c3b55b4ab489.
Update rails packages to 2.3.1. Changes since 2.1.1: * Allow metal to live in plugins #2045 [Matthew Rudy] * Added metal [Josh Peek] * Remove script/performance/request in favour of the performance integration tests. [Pratik Naik] * Add a rake task to apply a template to an existing application : rake rails:template LOCATION=~/template.rb [Pratik Naik] * Add "-m/--template" option to Rails generator to apply a template to the generated application. [Jeremy McAnally] * Extracted the process scripts (inspector, reaper, spawner) into the plugin irs_process_scripts [David Heinemeier Hansson] * Changed Rails.root to return a Pathname object * Added view path support for engines [David Heinemeier Hansson] * Added that config/routes.rb files in engine plugins are automatically loaded (and reloaded when they change in dev mode) [David Heinemeier Hansson] * Added app/[models|controllers|helpers] to the load path for plugins that has an app directory (go engines ;)) [David Heinemeier Hansson] * Add config.preload_frameworks to load all frameworks at startup. Default to false so Rails autoloads itself as it's used. Turn this on for Passenger and JRuby. Also turned on by config.threadsafe! [Jeremy Kemper] * Add a rake task to generate dispatchers : rake rails:generate_dispatchers [Pratik Naik] * "rails <app>" will not generate public/dispatch.cgi/fcgi/rb files by default now. Please use "--with-dispatchers" option if you need them. [Yaroslav Markin, Pratik Naik] * Added rake rails:update:application_controller to renamed application.rb to application_controller.rb -- included in rake rails:update so upgrading to 2.3 will automatically trigger it #1439 [kastner] * Added Rails.backtrace_cleaner as an accessor for the Rails::BacktraceCleaner instance used by the framework to cut down on backtrace noise and config/initializers/backtrace_silencers.rb to add your own (or turn them all off) [David Heinemeier Hansson] * Switch from Test::Unit::TestCase to ActiveSupport::TestCase. [Jeremy Kemper] * Added config.i18n settings gatherer to config/environment, auto-loading of all locales in config/locales/*.rb,yml, and config/locales/en.yml as a sample locale [David Heinemeier Hansson] * BACKWARDS INCOMPATIBLE: Renamed application.rb to application_controller.rb and removed all the special casing that was in place to support the former. You must do this rename in your own application when you upgrade to this version [David Heinemeier Hansson] * Fixed plugin generator so that generated unit tests would subclass ActiveSupport::TestCase, also introduced a helper script to reduce the needed require statements #1137 [Mathias Meyer] * Update Prototype to 1.6.0.3 [sam] * Fixed that sqlite would report "db/development.sqlite3 already exists" whether true or not on db:create #614 [Antonio Cangiano] * Added config.threadsafe! to toggle allow concurrency settings and disable the dependency loader [Josh Peek] * Turn cache_classes on by default [Josh Peek] * Added configurable eager load paths. Defaults to app/models, app/controllers, and app/helpers [Josh Peek] * Introduce simple internationalization support. [Ruby i18n team] * Make script/plugin install <plugin> -r <revision> option work with git based plugins. #257. [Tim Pope Jakub Kuźma]. Example: * Added Rails.initialized? flag [Josh Peek] * Make rake test:uncommitted work with Git. [Tim Pope] * Added Thin support to script/server. #488 [Bob Klosinski] * Fix script/about in production mode. #370 [Cheah Chu Yeow, Xavier Noria, David Krmpotic] * Add the gem load paths before the framework is loaded, so certain gems like RedCloth and BlueCloth can be frozen. * Fix discrepancies with loading rails/init.rb from gems. * Plugins check for the gem init path (rails/init.rb) before the standard plugin init path (init.rb) [Jacek Becela] * Changed all generated tests to use the test/do declaration style [David Heinemeier Hansson] * Wrapped Rails.env in StringInquirer so you can do Rails.env.development? [David Heinemeier Hansson] * Fixed that RailsInfoController wasn't considering all requests local in development mode (Edgard Castro) [#310 state:resolved]
Update ruby-actionpack to 2.1.1. Changes: * All 2xx requests are considered successful [Josh Peek] * Deprecate the limited follow_redirect in functional tests. If you wish to follow redirects, use integration tests. [Michael Koziarski] * Fixed that AssetTagHelper#compute_public_path shouldn't cache the asset_host along with the source or per-request proc's won't run [DHH] * Deprecate define_javascript_functions, javascript_include_tag and friends are much better [Michael Koziarski] * Fix polymorphic_url with singleton resources. #461 [Tammer Saleh] * Deprecate ActionView::Base.erb_variable. Use the concat helper method instead of appending to it directly. [Jeremy Kemper] * Fixed Request#remote_ip to only raise hell if the HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR doesn't match (not just if they're both present) [Mark Imbriaco, Bradford Folkens]
Update ruby-actionpack to 2.1.0. Too many changes since 2.0.2. See CHANGELOG for the complete list.
Install as a gem using the pkgsrc rubygem.mk framework instead of directly into site_ruby.
Update ruby-actionpack to 2.0.2. There have been too many changes. Please see CHANGELOG for the complete list: http://dev.rubyonrails.org/browser/tags/rel_2-0-2/actionpack/CHANGELOG
Pullup ticket 2244 - requested by minskim
security update for ruby-actionpack
- pkgsrc/databases/ruby-activerecord/Makefile 1.10
- pkgsrc/databases/ruby-activerecord/distinfo 1.10
- pkgsrc/devel/ruby-activesupport/Makefile 1.12
- pkgsrc/devel/ruby-activesupport/distinfo 1.10
- pkgsrc/mail/ruby-actionmailer/Makefile 1.9
- pkgsrc/mail/ruby-actionmailer/distinfo 1.10
- pkgsrc/www/rails/Makefile 1.6
- pkgsrc/www/rails/PLIST 1.3
- pkgsrc/www/rails/distinfo 1.5
- pkgsrc/www/rails/patches/patch-ab 1.4
- pkgsrc/www/ruby-actionpack/Makefile 1.9, 1.10
- pkgsrc/www/ruby-actionpack/PLIST 1.10
- pkgsrc/www/ruby-actionpack/distinfo 1.10, 1.11
- pkgsrc/www/ruby-actionwebservice/Makefile 1.8
- pkgsrc/www/ruby-actionwebservice/distinfo 1.9
Module Name: pkgsrc
Committed By: minskim
Date: Tue Oct 16 02:56:02 UTC 2007
Modified Files:
pkgsrc/devel/ruby-activesupport: Makefile distinfo
Log Message:
Update ruby-activesupport to 1.4.4.
Changes:
* Backport: allow array and hash query parameters. Array route
parameters are converted/to/a/path as before.
* Demote Hash#to_xml to use XmlSimple#xml_in_string so it can't read
files or stdin.
* Document Object#blank?.
* Update Dependencies to ignore constants inherited from ancestors.
* Improved multibyte performance by relying less on exception raising
---
Module Name: pkgsrc
Committed By: minskim
Date: Tue Oct 16 03:17:32 UTC 2007
Modified Files:
pkgsrc/www/ruby-actionpack: Makefile PLIST distinfo
Log Message:
Update ruby-actionpack to 1.13.5.
Changes:
* Backport: allow array and hash query parameters. Array route
parameters are converted/to/a/path as before. #6765, #7047, #7462 [bgipsy,
Jeremy McAnally, Dan Kubb, brendan, Diego Algorta Casamayou]
* Fix in place editor's setter action with non-string fields. #7418
[Andreas]
* Only accept session ids from cookies, prevents session fixation
attacks.
* Change the resource seperator from ; to / change the generated
routes to use the new-style named routes. e.g. new_group_user_path(@group)
instead of group_new_user_path(@group). [pixeltrix]
* Integration tests: introduce methods for other HTTP methods. #6353
[caboose]
* Improve performance of action caching. Closes #8231 [skaes]
* Fix errors with around_filters which do not yield, restore 1.1
behaviour with after filters. Closes #8891 [skaes]
* Allow you to delete cookies with options. Closes #3685
* Deprecate pagination. Install the classic_pagination plugin for
forward compatibility, or move to the superior will_paginate plugin. #8157
* Fix filtered parameter logging with nil parameter values. #8422
[choonkeat]
* Integration tests: alias xhr to xml_http_request and add a
request_method argument instead of always using POST. #7124
* Document caches_action. #5419 [Jarkko Laine]
* observe_form always sends the serialized form. #5271
* Update UrlWriter to accept :anchor parameter. Closes #6771.
[octopod]
* Replace the current block/continuation filter chain handling by an
implementation based on a simple loop. Closes #8226 [Stefan Kaes]
* Return the string representation from an Xml Builder when
rendering a partial. #5044 [tpope]
* Cleaned up, corrected, and mildly expanded ActionPack
documentation. Closes #7190 [jeremymcanally]
* Small collection of ActionController documentation cleanups.
Closes #7319
* Performance: patch cgi/session/pstore to require digest/md5 once
rather than per #initialize. #7583 [Stefan Kaes]
* Deprecation: verification with :redirect_to => :named_route
shouldn't be deprecated. #7525 [Justin French]
---
Module Name: pkgsrc
Committed By: minskim
Date: Tue Oct 16 03:05:39 UTC 2007
Modified Files:
pkgsrc/databases/ruby-activerecord: Makefile distinfo
Log Message:
Update ruby-activerecord to 1.15.5.
Changes:
* Depend on Action Pack 1.4.4
* Fix #count on a has_many :through association so that it
recognizes the :uniq option. Closes #8801 [lifofifo]
* Don't clobber includes passed to has_many.count [danger]
* Make sure has_many uses :include when counting [danger]
* Save associated records only if the association is already
loaded. #8713
* Changing the :default Date format doesn't break date quoting. #6312
* Allow nil serialized attributes with a set class constraint. #7293
* belongs_to assignment creates a new proxy rather than modifying
its target in-place. #8412 [mmangino@elevatedrails.com]
* Fix column type detection while loading fixtures. Closes #7987
[roderickvd]
* Document deep eager includes. #6267 [Josh Susser, Dan Manges]
* Oracle: extract column length for CHAR also. #7866 [ymendel]
* Small additions and fixes for ActiveRecord documentation. Closes
#7342
* SQLite: binary escaping works with $KCODE='u'. #7862 [tsuka]
* Improved cloning performance by relying less on exception raising
#8159
---
Module Name: pkgsrc
Committed By: minskim
Date: Tue Oct 16 03:26:23 UTC 2007
Modified Files:
pkgsrc/mail/ruby-actionmailer: Makefile distinfo
Log Message:
Update ruby-actionmailer to 1.3.5.
Changes:
* Depend on Action Pack 1.13.5
---
Module Name: pkgsrc
Committed By: minskim
Date: Tue Oct 16 03:31:02 UTC 2007
Modified Files:
pkgsrc/www/ruby-actionwebservice: Makefile distinfo
Log Message:
Update ruby-actionwebservice to 1.2.5.
Changes:
* Depend on Action Pack 1.13.5
* Depend on Active Record 1.15.5
---
Module Name: pkgsrc
Committed By: minskim
Date: Tue Oct 16 04:03:43 UTC 2007
Modified Files:
pkgsrc/www/rails: Makefile PLIST distinfo
pkgsrc/www/rails/patches: patch-ab
Log Message:
Update rails to 1.2.5.
Changes:
* Correct RAILS_GEM_VERSION regexp. Use =version gem requirement
instead of ~>version so you don't get surprised by a beta gem in
production. This change means upgrading to 1.2.5 will require a boot.rb
upgrade.
* Move custom inflections example so available before route
generation.
* Add a new rake task to aid debugging of named routes.
* use Gem.find_name instead of search when freezing gems. Prevent
false positives for other gems with rails in the name. Closes #8729
[wselman]
* Fix syntax error in dispatcher than wrecked failsafe responses.
* Add Active Resource to rails:freeze:edge and drop Action Web
Service.
* Give generate scaffold a more descriptive database message.
Closes #7316
* Canonicalize RAILS_ROOT by using File.expand_path on Windows,
which doesn't have to worry about symlinks, and Pathname#realpath
elsewhere, which respects symlinks in relative paths but is incompatible
with Windows. #6755 [Jeremy Kemper, trevor]
---
Module Name: pkgsrc
Committed By: minskim
Date: Mon Dec 10 05:47:03 UTC 2007
Modified Files:
pkgsrc/www/ruby-actionpack: Makefile distinfo
Log Message:
Update ruby-actionpack to 1.13.6.
Changes:
* Correct Broken Fix for session_fixation attacks
* Ensure that cookies handle array values correctly. Closes #9937
[queso]
Update ruby-actionpack to 1.13.6. Changes: * Correct Broken Fix for session_fixation attacks * Ensure that cookies handle array values correctly. Closes #9937 [queso]
Update ruby-actionpack to 1.13.5. Changes: * Backport: allow array and hash query parameters. Array route parameters are converted/to/a/path as before. #6765, #7047, #7462 [bgipsy, Jeremy McAnally, Dan Kubb, brendan, Diego Algorta Casamayou] * Fix in place editor's setter action with non-string fields. #7418 [Andreas] * Only accept session ids from cookies, prevents session fixation attacks. * Change the resource seperator from ; to / change the generated routes to use the new-style named routes. e.g. new_group_user_path(@group) instead of group_new_user_path(@group). [pixeltrix] * Integration tests: introduce methods for other HTTP methods. #6353 [caboose] * Improve performance of action caching. Closes #8231 [skaes] * Fix errors with around_filters which do not yield, restore 1.1 behaviour with after filters. Closes #8891 [skaes] * Allow you to delete cookies with options. Closes #3685 * Deprecate pagination. Install the classic_pagination plugin for forward compatibility, or move to the superior will_paginate plugin. #8157 * Fix filtered parameter logging with nil parameter values. #8422 [choonkeat] * Integration tests: alias xhr to xml_http_request and add a request_method argument instead of always using POST. #7124 * Document caches_action. #5419 [Jarkko Laine] * observe_form always sends the serialized form. #5271 * Update UrlWriter to accept :anchor parameter. Closes #6771. [octopod] * Replace the current block/continuation filter chain handling by an implementation based on a simple loop. Closes #8226 [Stefan Kaes] * Return the string representation from an Xml Builder when rendering a partial. #5044 [tpope] * Cleaned up, corrected, and mildly expanded ActionPack documentation. Closes #7190 [jeremymcanally] * Small collection of ActionController documentation cleanups. Closes #7319 * Performance: patch cgi/session/pstore to require digest/md5 once rather than per #initialize. #7583 [Stefan Kaes] * Deprecation: verification with :redirect_to => :named_route shouldn't be deprecated. #7525 [Justin French]
Update ruby-actionpack to 1.13.3. Changes: * Apply [5709] to stable. * session_enabled? works with session :off. * Performance: patch cgi/session to require digest/md5 once rather than per #cre ate_new_id.
Update ruby-actionpack to 1.13.2. Changes: * Add much-needed html-scanner tests. Fixed CDATA parsing bug. [Rick] * improve error message for Routing for named routes. [Rob Sanheim] * Added enhanced docs to routing assertions. [Rob Sanheim] * fix form_for example in ActionController::Resources documentation. [gnarg] * Add singleton resources from trunk [Rick Olson] * TestSession supports indifferent access so session['foo'] == session[:foo] in your tests. #7372 [julik, jean.helou] * select :multiple => true suffixes the attribute name with [] unless already suffixed. #6977 [nik.kakelin, ben, julik] * Improve routes documentation. #7095 [zackchandler] * Resource member routes require :id, eliminating the ambiguous overlap with collection routes. #7229 [dkubb] * Fixed NumberHelper#number_with_delimiter to use "." always for splitting the original number, not the delimiter parameter #7389 [ceefour] * Autolinking recognizes trailing and embedded . , : ; #7354 [Jarkko Laine] * Make TextHelper::auto_link recognize URLs with colons in path correctly, fixes #7268. [imajes] * Improved auto_link to match more valid urls correctly [Tobias Luetke]
Update ruby-actionpack to 1.13.1, required by rails-1.2.1.
Too many changes since 1.12.5. See ${RUBY_DOCDIR}/actionpack/CHANGELOG.
Update ruby-actionpack to 1.12.5. This version includes a security fix
for path string handling. See ${RUBY_DOCDIR}/actionpack/CHANGELOG for
the complete list.
Stop handling DIST_SUBDIR default for Ruby based packages. Second, update distinfo and/or stop using USE_RUBY_DIST_SUBDIR in Makefiles.
Fix patch (the original file has no newline at the end, breaking the BSD patch).
Update www/ruby18-actionpack package to 1.10.1.
Changes from 1.9.1 are many, please see ${RUBY_DOCDIR}/actionpack/CHANGELOG.
pkgsrc change is installing example files, too.
Update ruby-actionpack package to 1.9.1 Changes from 1.7.0 are too huge, please see web page: http://ap.rubyonrails.com/files/CHANGELOG.html.
Import ruby-actionpack. Action Pack splits the response to a web request into a controller part (performing the logic) and a view part (rendering a template). This two-step approach is known as an action, which will normally create, read, update, or delete (CRUD for short) some sort of model part (often backed by a database) before choosing either to render a template or redirecting to another action. Action Pack implements these actions as public methods on Action Controllers and uses Action Views to implement the template rendering. Action Controllers are then responsible for handling all the actions relating to a certain part of an application. This grouping usually consists of actions for lists and for CRUDs revolving around a single (or a few) model objects. So ContactController would be responsible for listing contacts, creating, deleting, and updating contacts. A WeblogController could be responsible for both posts and comments. Action View templates are written using embedded Ruby in tags mingled in with the HTML. To avoid cluttering the templates with code, a bunch of helper classes provide common behavior for forms, dates, and strings. And it's easy to add specific helpers to keep the separation as the application evolves.
Initial revision