mirror of https://github.com/rails/rails
Ruby code block indentation issue fix
[skip ci] indentation fix [skip ci] review changes added [skip ci] indentation fix
This commit is contained in:
parent
9044d35c2f
commit
61a9c1a92a
|
@ -80,6 +80,7 @@
|
|||
This is very useful in situations where you only want to add a required param that is part of the route's URL but for other route not append an extraneous query param.
|
||||
|
||||
Given the following router...
|
||||
|
||||
```ruby
|
||||
Rails.application.routes.draw do
|
||||
scope ":account_id" do
|
||||
|
@ -91,12 +92,13 @@
|
|||
```
|
||||
|
||||
And given the following `ApplicationController`
|
||||
|
||||
```ruby
|
||||
class ApplicationController < ActionController::Base
|
||||
def default_url_options
|
||||
{ path_params: { account_id: "foo" } }
|
||||
end
|
||||
class ApplicationController < ActionController::Base
|
||||
def default_url_options
|
||||
{ path_params: { account_id: "foo" } }
|
||||
end
|
||||
end
|
||||
```
|
||||
|
||||
The standard url_for helper and friends will now behave as follows:
|
||||
|
|
|
@ -8,15 +8,15 @@
|
|||
This method lets job authors define a block which will be run when a job is about to be discarded. For example:
|
||||
|
||||
```ruby
|
||||
class AfterDiscardJob < ActiveJob::Base
|
||||
after_discard do |job, exception|
|
||||
Rails.logger.info("#{job.class} raised an exception: #{exception}")
|
||||
end
|
||||
|
||||
def perform
|
||||
raise StandardError
|
||||
end
|
||||
class AfterDiscardJob < ActiveJob::Base
|
||||
after_discard do |job, exception|
|
||||
Rails.logger.info("#{job.class} raised an exception: #{exception}")
|
||||
end
|
||||
|
||||
def perform
|
||||
raise StandardError
|
||||
end
|
||||
end
|
||||
```
|
||||
|
||||
The above job will run the block passed to `after_discard` after the job is discarded. The exception will
|
||||
|
|
|
@ -29,14 +29,14 @@
|
|||
to consider both character count and byte size while keeping the character length validation in place.
|
||||
|
||||
```ruby
|
||||
user = User.new(password: "a" * 73) # 73 characters
|
||||
user.valid? # => false
|
||||
user.errors[:password] # => ["is too long"]
|
||||
user = User.new(password: "a" * 73) # 73 characters
|
||||
user.valid? # => false
|
||||
user.errors[:password] # => ["is too long"]
|
||||
|
||||
|
||||
user = User.new(password: "あ" * 25) # 25 characters, 75 bytes
|
||||
user.valid? # => false
|
||||
user.errors[:password] # => ["is too long"]
|
||||
user = User.new(password: "あ" * 25) # 25 characters, 75 bytes
|
||||
user.valid? # => false
|
||||
user.errors[:password] # => ["is too long"]
|
||||
```
|
||||
|
||||
*ChatGPT*, *Guillermo Iguaran*
|
||||
|
|
|
@ -788,15 +788,15 @@
|
|||
Before:
|
||||
|
||||
```ruby
|
||||
serialize :content, JSON
|
||||
serialize :backtrace, Array
|
||||
serialize :content, JSON
|
||||
serialize :backtrace, Array
|
||||
```
|
||||
|
||||
After:
|
||||
|
||||
```ruby
|
||||
serialize :content, coder: JSON
|
||||
serialize :backtrace, type: Array
|
||||
serialize :content, coder: JSON
|
||||
serialize :backtrace, type: Array
|
||||
```
|
||||
|
||||
*Jean Boussier*
|
||||
|
|
|
@ -144,21 +144,21 @@
|
|||
|
||||
In the following example, the code failed to upload all but the last file to the configured service.
|
||||
```ruby
|
||||
ActiveRecord::Base.transaction do
|
||||
user.attachments.attach({
|
||||
content_type: "text/plain",
|
||||
filename: "dummy.txt",
|
||||
io: ::StringIO.new("dummy"),
|
||||
})
|
||||
user.attachments.attach({
|
||||
content_type: "text/plain",
|
||||
filename: "dummy2.txt",
|
||||
io: ::StringIO.new("dummy2"),
|
||||
})
|
||||
end
|
||||
ActiveRecord::Base.transaction do
|
||||
user.attachments.attach({
|
||||
content_type: "text/plain",
|
||||
filename: "dummy.txt",
|
||||
io: ::StringIO.new("dummy"),
|
||||
})
|
||||
user.attachments.attach({
|
||||
content_type: "text/plain",
|
||||
filename: "dummy2.txt",
|
||||
io: ::StringIO.new("dummy2"),
|
||||
})
|
||||
end
|
||||
|
||||
assert_equal 2, user.attachments.count
|
||||
assert user.attachments.first.service.exist?(user.attachments.first.key) # Fails
|
||||
assert_equal 2, user.attachments.count
|
||||
assert user.attachments.first.service.exist?(user.attachments.first.key) # Fails
|
||||
```
|
||||
|
||||
This was addressed by keeping track of the subchanges pending upload, and uploading them
|
||||
|
|
|
@ -96,6 +96,7 @@ Please refer to the [Changelog][action-view] for detailed changes.
|
|||
#=> <input type="hidden" name="_method" value="post" autocomplete="off" />
|
||||
# After
|
||||
#=> <input type="hidden" name="_method" value="patch" autocomplete="off" />
|
||||
```
|
||||
|
||||
Action Mailer
|
||||
-------------
|
||||
|
|
|
@ -588,7 +588,7 @@ Please refer to the [Changelog][active-model] for detailed changes.
|
|||
|
||||
* Add support for beginless ranges to `inclusivity/exclusivity` validators.
|
||||
|
||||
```ruby
|
||||
```ruby
|
||||
validates_inclusion_of :birth_date, in: -> { (..Date.today) }
|
||||
```
|
||||
|
||||
|
|
|
@ -102,7 +102,7 @@ View Timings from Instrumentation in Your Browser
|
|||
Rails implements the [Server Timing](https://www.w3.org/TR/server-timing/) standard to make timing information available in the web browser. To enable, edit your environment configuration (usually `development.rb` as this is most-used in development) to include the following:
|
||||
|
||||
```ruby
|
||||
config.server_timing = true
|
||||
config.server_timing = true
|
||||
```
|
||||
|
||||
Once configured (including restarting your server), you can go to the Developer Tools pane of your browser, then select Network and reload your page. You can then select any request to your Rails server, and will see server timings in the timings tab. For an example of doing this, see the [Firefox Documentation](https://firefox-source-docs.mozilla.org/devtools-user/network_monitor/request_details/index.html#server-timing).
|
||||
|
|
|
@ -527,7 +527,7 @@ INFO: _A common pitfall in Ruby's regular expressions is to match the string's b
|
|||
Ruby uses a slightly different approach than many other languages to match the end and the beginning of a string. That is why even many Ruby and Rails books get this wrong. So how is this a security threat? Say you wanted to loosely validate a URL field and you used a simple regular expression like this:
|
||||
|
||||
```ruby
|
||||
/^https?:\/\/[^\n]+$/i
|
||||
/^https?:\/\/[^\n]+$/i
|
||||
```
|
||||
|
||||
This may work fine in some languages. However, _in Ruby `^` and `$` match the **line** beginning and line end_. And thus a URL like this passes the filter without problems:
|
||||
|
@ -541,7 +541,7 @@ http://hi.com
|
|||
This URL passes the filter because the regular expression matches - the second line, the rest does not matter. Now imagine we had a view that showed the URL like this:
|
||||
|
||||
```ruby
|
||||
link_to "Homepage", @user.homepage
|
||||
link_to "Homepage", @user.homepage
|
||||
```
|
||||
|
||||
The link looks innocent to visitors, but when it's clicked, it will execute the JavaScript function "exploit_code" or any other JavaScript the attacker provides.
|
||||
|
@ -549,14 +549,14 @@ The link looks innocent to visitors, but when it's clicked, it will execute the
|
|||
To fix the regular expression, `\A` and `\z` should be used instead of `^` and `$`, like so:
|
||||
|
||||
```ruby
|
||||
/\Ahttps?:\/\/[^\n]+\z/i
|
||||
/\Ahttps?:\/\/[^\n]+\z/i
|
||||
```
|
||||
|
||||
Since this is a frequent mistake, the format validator (validates_format_of) now raises an exception if the provided regular expression starts with ^ or ends with $. If you do need to use ^ and $ instead of \A and \z (which is rare), you can set the :multiline option to true, like so:
|
||||
|
||||
```ruby
|
||||
# content should include a line "Meanwhile" anywhere in the string
|
||||
validates :content, format: { with: /^Meanwhile$/, multiline: true }
|
||||
# content should include a line "Meanwhile" anywhere in the string
|
||||
validates :content, format: { with: /^Meanwhile$/, multiline: true }
|
||||
```
|
||||
|
||||
Note that this only protects you against the most common mistake when using the format validator - you always need to keep in mind that ^ and $ match the **line** beginning and line end in Ruby, and not the beginning and end of a string.
|
||||
|
@ -1143,7 +1143,7 @@ browser automatically upgrades to HTTPS for current and future connections.
|
|||
The header is added to the response when enabling the `force_ssl` option:
|
||||
|
||||
```ruby
|
||||
config.force_ssl = true
|
||||
config.force_ssl = true
|
||||
```
|
||||
|
||||
[`Strict-Transport-Security`]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
|
||||
|
|
|
@ -2292,10 +2292,10 @@ Rails 4.0 no longer supports loading plugins from `vendor/plugins`. You must rep
|
|||
* Rails 4.0 requires that scopes use a callable object such as a Proc or lambda:
|
||||
|
||||
```ruby
|
||||
scope :active, where(active: true)
|
||||
scope :active, where(active: true)
|
||||
|
||||
# becomes
|
||||
scope :active, -> { where active: true }
|
||||
# becomes
|
||||
scope :active, -> { where active: true }
|
||||
```
|
||||
|
||||
* Rails 4.0 has deprecated `ActiveRecord::Fixtures` in favor of `ActiveRecord::FixtureSet`.
|
||||
|
@ -2356,9 +2356,9 @@ Rails 4.0 extracted Active Resource to its own gem. If you still need the featur
|
|||
* Rails 4.0 introduces `ActiveSupport::KeyGenerator` and uses this as a base from which to generate and verify signed cookies (among other things). Existing signed cookies generated with Rails 3.x will be transparently upgraded if you leave your existing `secret_token` in place and add the new `secret_key_base`.
|
||||
|
||||
```ruby
|
||||
# config/initializers/secret_token.rb
|
||||
Myapp::Application.config.secret_token = 'existing secret token'
|
||||
Myapp::Application.config.secret_key_base = 'new secret key base'
|
||||
# config/initializers/secret_token.rb
|
||||
Myapp::Application.config.secret_token = 'existing secret token'
|
||||
Myapp::Application.config.secret_key_base = 'new secret key base'
|
||||
```
|
||||
|
||||
Please note that you should wait to set `secret_key_base` until you have 100% of your userbase on Rails 4.x and are reasonably sure you will not need to rollback to Rails 3.x. This is because cookies signed based on the new `secret_key_base` in Rails 4.x are not backwards compatible with Rails 3.x. You are free to leave your existing `secret_token` in place, not set the new `secret_key_base`, and ignore the deprecation warnings until you are reasonably sure that your upgrade is otherwise complete.
|
||||
|
@ -2422,14 +2422,14 @@ Rails 4.0 extracted Active Resource to its own gem. If you still need the featur
|
|||
* Rails 4.0 requires that routes using `match` must specify the request method. For example:
|
||||
|
||||
```ruby
|
||||
# Rails 3.x
|
||||
match '/' => 'root#index'
|
||||
# Rails 3.x
|
||||
match '/' => 'root#index'
|
||||
|
||||
# becomes
|
||||
match '/' => 'root#index', via: :get
|
||||
# becomes
|
||||
match '/' => 'root#index', via: :get
|
||||
|
||||
# or
|
||||
get '/' => 'root#index'
|
||||
# or
|
||||
get '/' => 'root#index'
|
||||
```
|
||||
|
||||
* Rails 4.0 has removed `ActionDispatch::BestStandardsSupport` middleware, `<!DOCTYPE html>` already triggers standards mode per https://msdn.microsoft.com/en-us/library/jj676915(v=vs.85).aspx and ChromeFrame header has been moved to `config.action_dispatch.default_headers`.
|
||||
|
@ -2446,10 +2446,10 @@ Rails 4.0 extracted Active Resource to its own gem. If you still need the featur
|
|||
* Rails 4.0 allows configuration of HTTP headers by setting `config.action_dispatch.default_headers`. The defaults are as follows:
|
||||
|
||||
```ruby
|
||||
config.action_dispatch.default_headers = {
|
||||
'X-Frame-Options' => 'SAMEORIGIN',
|
||||
'X-XSS-Protection' => '1; mode=block'
|
||||
}
|
||||
config.action_dispatch.default_headers = {
|
||||
'X-Frame-Options' => 'SAMEORIGIN',
|
||||
'X-XSS-Protection' => '1; mode=block'
|
||||
}
|
||||
```
|
||||
|
||||
Please note that if your application is dependent on loading certain pages in a `<frame>` or `<iframe>`, then you may need to explicitly set `X-Frame-Options` to `ALLOW-FROM ...` or `ALLOWALL`.
|
||||
|
|
Loading…
Reference in New Issue