Changeset 4708
- Timestamp:
- 08/07/06 09:25:21 (2 years ago)
- Files:
-
- branches/stable/actionmailer/CHANGELOG (modified) (1 diff)
- branches/stable/actionmailer/lib/action_mailer/base.rb (modified) (1 diff)
- branches/stable/actionpack/CHANGELOG (modified) (1 diff)
- branches/stable/actionpack/lib/action_controller/base.rb (modified) (12 diffs)
- branches/stable/actionpack/lib/action_controller/caching.rb (modified) (1 diff)
- branches/stable/actionpack/lib/action_controller/cgi_process.rb (modified) (1 diff)
- branches/stable/actionpack/lib/action_controller/integration.rb (modified) (6 diffs)
- branches/stable/actionpack/lib/action_controller/layout.rb (modified) (3 diffs)
- branches/stable/actionpack/lib/action_controller/pagination.rb (modified) (2 diffs)
- branches/stable/actionpack/lib/action_controller/request.rb (modified) (3 diffs)
- branches/stable/actionpack/lib/action_controller/streaming.rb (modified) (7 diffs)
- branches/stable/actionpack/lib/action_controller/templates/scaffolds/layout.rhtml (modified) (1 diff)
- branches/stable/actionpack/lib/action_controller/verification.rb (modified) (1 diff)
- branches/stable/actionpack/lib/action_view/base.rb (modified) (1 diff)
- branches/stable/actionpack/lib/action_view/helpers/capture_helper.rb (modified) (5 diffs)
- branches/stable/actionpack/lib/action_view/helpers/java_script_macros_helper.rb (modified) (2 diffs)
- branches/stable/actionpack/lib/action_view/helpers/prototype_helper.rb (modified) (2 diffs)
- branches/stable/actionpack/lib/action_view/helpers/text_helper.rb (modified) (5 diffs)
- branches/stable/actionpack/Rakefile (modified) (1 diff)
- branches/stable/actionpack/test/controller/filter_params_test.rb (added)
- branches/stable/actionpack/test/controller/send_file_test.rb (modified) (2 diffs)
- branches/stable/actionpack/test/template/compiled_templates_test.rb (added)
- branches/stable/actionpack/test/template/compiled_templates_tests.rb (deleted)
- branches/stable/activerecord/CHANGELOG (modified) (1 diff)
- branches/stable/activerecord/lib/active_record/base.rb (modified) (1 diff)
- branches/stable/activerecord/lib/active_record/migration.rb (modified) (1 diff)
- branches/stable/activerecord/lib/active_record/validations.rb (modified) (1 diff)
- branches/stable/activesupport/test/core_ext/kernel_test.rb (modified) (1 diff)
- branches/stable/railties/CHANGELOG (modified) (1 diff)
- branches/stable/railties/environments/environment.rb (modified) (1 diff)
- branches/stable/railties/lib/rails_generator/generators/components/scaffold/templates/layout.rhtml (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
branches/stable/actionmailer/CHANGELOG
r4694 r4708 1 *SVN* 2 3 * Correct spurious documentation example code which results in a SyntaxError. [Marcel Molina Jr.] 4 1 5 * Mailer template root applies to a class and its subclasses rather than acting globally. #5555 [somekool@gmail.com] 6 2 7 3 8 *1.2.3* (June 29th, 2006) branches/stable/actionmailer/lib/action_mailer/base.rb
r4694 r4708 15 15 # recipients recipient.email_address_with_name 16 16 # subject "New account information" 17 # body { "account" => recipient }17 # body "account" => recipient 18 18 # from "system@example.com" 19 19 # end branches/stable/actionpack/CHANGELOG
r4701 r4708 1 *SVN* 2 3 * Documentation fix: integration test scripts don't require integration_test. #4914 [Frederick Ros <sl33p3r@free.fr>] 4 5 * ActionController::Base Summary documentation rewrite. #4900 [kevin.clark@gmail.com] 6 7 * Fix text_helper.rb documentation rendering. #4725 [Frederick Ros] 8 9 * Fixes bad rendering of JavaScriptMacrosHelper rdoc. #4910 [Frederick Ros] 10 11 * Enhance documentation for setting headers in integration tests. Skip auto HTTP prepending when its already there. #4079 [Rick Olson] 12 13 * Documentation for AbstractRequest. #4895 [kevin.clark@gmail.com] 14 15 * Remove all remaining references to @params in the documentation. [Marcel Molina Jr.] 16 17 * Add documentation for redirect_to :back's RedirectBackError exception. [Marcel Molina Jr.] 18 19 * Update layout and content_for documentation to use yield rather than magic @content_for instance variables. [Marcel Molina Jr.] 20 21 * Cache CgiRequest#request_parameters so that multiple calls don't re-parse multipart data. [Rick] 22 23 * Fixed that remote_form_for can leave out the object parameter and default to the instance variable of the object_name, just like form_for [DHH] 24 25 * Added ActionController.filter_parameter_logging that makes it easy to remove passwords, credit card numbers, and other sensitive information from being logged when a request is handled. #1897 [jeremye@bsa.ca.gov] 26 27 * Fixed that real files and symlinks should be treated the same when compiling templates. #5438 [zachary@panandscan.com] 28 29 * Add :status option to send_data and send_file. Defaults to '200 OK'. #5243 [Manfred Stienstra <m.stienstra@fngtps.com>] 30 31 * Update documentation for erb trim syntax. #5651 [matt@mattmargolis.net] 32 33 * Short documentation to mention use of Mime::Type.register. #5710 [choonkeat@gmail.com] 34 35 1 36 *1.12.3* (June 28th, 2006) 2 =======3 4 * Update documentation for erb trim syntax. #5651 [matt@mattmargolis.net]5 6 * Short documentation to mention use of Mime::Type.register. #5710 [choonkeat@gmail.com]7 8 * Pass :id => nil or :class => nil to error_messages_for to supress that html attribute. #3586 [olivier_ansaldi@yahoo.com, sebastien@goetzilla.info]9 37 10 38 * Fix broken traverse_to_controller. We now: branches/stable/actionpack/lib/action_controller/base.rb
r4157 r4708 50 50 end 51 51 52 # Action Controllers are made up of one or more actions that performs its purpose and then either renders a template or 53 # redirects to another action. An action is defined as a public method on the controller, which will automatically be 54 # made accessible to the web-server through a mod_rewrite mapping. A sample controller could look like this: 52 # Action Controllers are the core of a web request in Rails. They are made up of one or more actions that are executed 53 # on request and then either render a template or redirect to another action. An action is defined as a public method 54 # on the controller, which will automatically be made accessible to the web-server through Rails Routes. 55 # 56 # A sample controller could look like this: 55 57 # 56 58 # class GuestBookController < ActionController::Base 57 59 # def index 58 # @entries = Entry.find _all60 # @entries = Entry.find(:all) 59 61 # end 60 62 # … … 65 67 # end 66 68 # 67 # GuestBookController.template_root = "templates/" 68 # GuestBookController.process_cgi 69 # 70 # All actions assume that you want to render a template matching the name of the action at the end of the performance 71 # unless you tell it otherwise. The index action complies with this assumption, so after populating the @entries instance 72 # variable, the GuestBookController will render "templates/guestbook/index.rhtml". 73 # 74 # Unlike index, the sign action isn't interested in rendering a template. So after performing its main purpose (creating a 75 # new entry in the guest book), it sheds the rendering assumption and initiates a redirect instead. This redirect works by 76 # returning an external "302 Moved" HTTP response that takes the user to the index action. 69 # Actions, by default, render a template in the <tt>app/views</tt> directory corresponding to the name of the controller and action 70 # after executing code in the action. For example, the +index+ action of the +GuestBookController+ would render the 71 # template <tt>app/views/guestbook/index.rhtml</tt> by default after populating the <tt>@entries</tt> instance variable. 72 # 73 # Unlike index, the sign action will not render a template. After performing its main purpose (creating a 74 # new entry in the guest book), it initiates a redirect instead. This redirect works by returning an external 75 # "302 Moved" HTTP response that takes the user to the index action. 77 76 # 78 77 # The index and sign represent the two basic action archetypes used in Action Controllers. Get-and-show and do-and-redirect. 79 78 # Most actions are variations of these themes. 80 #81 # Also note that it's the final call to <tt>process_cgi</tt> that actually initiates the action performance. It will extract82 # request and response objects from the CGI83 #84 # When Action Pack is used inside of Rails, the template_root is automatically configured and you don't need to call process_cgi85 # yourself.86 79 # 87 80 # == Requests … … 95 88 # are made by accessing the environment hash, like this: 96 89 # 97 # def hello_ip98 # location = request.env[" REMOTE_IP"]99 # render :text => " Hello stranger from#{location}"90 # def server_ip 91 # location = request.env["SERVER_ADDR"] 92 # render :text => "This server hosted at #{location}" 100 93 # end 101 94 # 102 95 # == Parameters 103 96 # 104 # All request parameters, whether they come from a GET or POST request, or from the URL, are available through the params hash.105 # So an action that was performed through /weblog/list?category=All&limit=5 will include { "category" => "All", "limit" => 5 }106 # in params.97 # All request parameters, whether they come from a GET or POST request, or from the URL, are available through the params method 98 # which returns a hash. For example, an action that was performed through <tt>/weblog/list?category=All&limit=5</tt> will include 99 # <tt>{ "category" => "All", "limit" => 5 }</tt> in params. 107 100 # 108 101 # It's also possible to construct multi-dimensional parameter hashes by specifying keys using brackets, such as: … … 117 110 # == Sessions 118 111 # 119 # Sessions allows you to store objects in memorybetween requests. This is useful for objects that are not yet ready to be persisted,112 # Sessions allows you to store objects in between requests. This is useful for objects that are not yet ready to be persisted, 120 113 # such as a Signup object constructed in a multi-paged process, or objects that don't change much and are needed all the time, such 121 114 # as a User object for a system that requires login. The session should not be used, however, as a cache for objects where it's likely 122 115 # they could be changed unknowingly. It's usually too much work to keep it all synchronized -- something databases already excel at. 123 116 # 124 # You can place objects in the session by using the <tt>session</tt> hash accessor:117 # You can place objects in the session by using the <tt>session</tt> method, which accesses a hash: 125 118 # 126 119 # session[:person] = Person.authenticate(user_name, password) … … 129 122 # 130 123 # Hello #{session[:person]} 131 #132 # Any object can be placed in the session (as long as it can be Marshalled). But remember that 1000 active sessions each storing a133 # 50kb object could lead to a 50MB memory overhead. In other words, think carefully about size and caching before resorting to the use134 # of the session.135 124 # 136 125 # For removing objects from the session, you can either assign a single key to nil, like <tt>session[:person] = nil</tt>, or you can 137 126 # remove the entire session with reset_session. 138 127 # 128 # By default, sessions are stored on the file system in <tt>RAILS_ROOT/tmp/sessions</tt>. Any object can be placed in the session 129 # (as long as it can be Marshalled). But remember that 1000 active sessions each storing a 50kb object could lead to a 50MB store on the filesystem. 130 # In other words, think carefully about size and caching before resorting to the use of the session on the filesystem. 131 # 132 # An alternative to storing sessions on disk is to use ActiveRecordStore to store sessions in your database, which can solve problems 133 # caused by storing sessions in the file system and may speed up your application. To use ActiveRecordStore, uncomment the line: 134 # 135 # config.action_controller.session_store = :active_record_store 136 # 137 # in your <tt>environment.rb</tt> and run <tt>rake db:sessions:create</tt>. 138 # 139 139 # == Responses 140 140 # 141 141 # Each action results in a response, which holds the headers and document to be sent to the user's browser. The actual response 142 # object is generated automatically through the use of renders and redirects , so it's normally nothing you'll need to be concerned about.142 # object is generated automatically through the use of renders and redirects and requires no user intervention. 143 143 # 144 144 # == Renders … … 162 162 # @results = Search.find(params[:query]) 163 163 # case @results 164 # when 0 then render :action => "no_results"165 # when 1 then render :action => "show"166 # when 2..10 then render :action => "show_many"164 # when 0 then render :action => "no_results" 165 # when 1 then render :action => "show" 166 # when 2..10 then render :action => "show_many" 167 167 # end 168 168 # end … … 172 172 # == Redirects 173 173 # 174 # Redirecting is what actions that update the model do when they're done. The <tt>save_post</tt> method shouldn't be responsible for also 175 # showing the post once it's saved -- that's the job for <tt>show_post</tt>. So once <tt>save_post</tt> has completed its business, it'll 176 # redirect to <tt>show_post</tt>. All redirects are external, which means that when the user refreshes his browser, it's not going to save 177 # the post again, but rather just show it one more time. 178 # 179 # This sounds fairly simple, but the redirection is complicated by the quest for a phenomenon known as "pretty urls". Instead of accepting 180 # the dreadful being that is "weblog_controller?action=show&post_id=5", Action Controller goes out of its way to represent the former as 181 # "/weblog/show/5". And this is even the simple case. As an example of a more advanced pretty url consider 182 # "/library/books/ISBN/0743536703/show", which can be mapped to books_controller?action=show&type=ISBN&id=0743536703. 183 # 184 # Redirects work by rewriting the URL of the current action. So if the show action was called by "/library/books/ISBN/0743536703/show", 185 # we can redirect to an edit action simply by doing <tt>redirect_to(:action => "edit")</tt>, which could throw the user to 186 # "/library/books/ISBN/0743536703/edit". Naturally, you'll need to setup the routes configuration file to point to the proper controller 187 # and action in the first place, but once you have, it can be rewritten with ease. 188 # 189 # Let's consider a bunch of examples on how to go from "/clients/37signals/basecamp/project/dash" to somewhere else: 190 # 191 # redirect_to(:action => "edit") => 192 # /clients/37signals/basecamp/project/dash 193 # 194 # redirect_to(:client_name => "nextangle", :project_name => "rails") => 195 # /clients/nextangle/rails/project/dash 196 # 197 # Those redirects happen under the configuration of: 198 # 199 # map.connect 'clients/:client_name/:project_name/:controller/:action' 174 # Redirects are used to move from one action to another. For example, after a <tt>create</tt> action, which stores a blog entry to a database, 175 # we might like to show the user the new entry. Because we're following good DRY principles (Don't Repeat Yourself), we're going to reuse (and redirect to) 176 # a <tt>show</tt> action that we'll assume has already been created. The code might look like this: 177 # 178 # def create 179 # @entry = Entry.new(params[:entry]) 180 # if @entry.save 181 # # The entry was saved correctly, redirect to show 182 # redirect_to :action => 'show', :id => @entry.id 183 # else 184 # # things didn't go so well, do something else 185 # end 186 # end 187 # 188 # In this case, after saving our new entry to the database, the user is redirected to the <tt>show</tt> method which is then executed. 200 189 # 201 190 # == Calling multiple redirects or renders … … 215 204 # end 216 205 # 217 # == Environments218 #219 # Action Controller works out of the box with CGI, FastCGI, and mod_ruby. CGI and mod_ruby controllers are triggered just the same using:220 #221 # WeblogController.process_cgi222 #223 # FastCGI controllers are triggered using:224 #225 # FCGI.each_cgi{ |cgi| WeblogController.process_cgi(cgi) }226 206 class Base 227 207 DEFAULT_RENDER_STATUS_CODE = "200 OK" … … 264 244 # Modern REST web services often need to submit complex data to the web application. 265 245 # The param_parsers hash lets you register handlers wich will process the http body and add parameters to the 266 # @paramshash. These handlers are invoked for post and put requests.246 # <tt>params</tt> hash. These handlers are invoked for post and put requests. 267 247 # 268 248 # By default application/xml is enabled. A XmlSimple class with the same param name as the root will be instanciated 269 # in the @params. This allows XML requests to mask themselves as regular form submissions, so you can have one249 # in the <tt>params</tt>. This allows XML requests to mask themselves as regular form submissions, so you can have one 270 250 # action serve both regular forms and web service requests. 271 251 # … … 367 347 write_inheritable_attribute(:hidden_actions, hidden_actions | names.collect { |n| n.to_s }) 368 348 end 349 350 # Replace sensitive paramater data from the request log. 351 # Filters paramaters that have any of the arguments as a substring. 352 # Looks in all subhashes of the param hash for keys to filter. 353 # If a block is given, each key and value of the paramater hash and all 354 # subhashes is passed to it, the value or key 355 # can be replaced using String#replace or similar method. 356 # 357 # Examples: 358 # filter_parameter_logging 359 # => Does nothing, just slows the logging process down 360 # 361 # filter_parameter_logging :password 362 # => replaces the value to all keys matching /password/i with "[FILTERED]" 363 # 364 # filter_parameter_logging :foo, "bar" 365 # => replaces the value to all keys matching /foo|bar/i with "[FILTERED]" 366 # 367 # filter_parameter_logging { |k,v| v.reverse! if k =~ /secret/i } 368 # => reverses the value to all keys matching /secret/i 369 # 370 # filter_parameter_logging(:foo, "bar") { |k,v| v.reverse! if k =~ /secret/i } 371 # => reverses the value to all keys matching /secret/i, and 372 # replaces the value to all keys matching /foo|bar/i with "[FILTERED]" 373 def filter_parameter_logging(*filter_words, &block) 374 parameter_filter = Regexp.new(filter_words.collect{ |s| s.to_s }.join('|'), true) if filter_words.length > 0 375 376 define_method(:filter_parameters) do |unfiltered_parameters| 377 filtered_parameters = {} 378 379 unfiltered_parameters.each do |key, value| 380 if key =~ parameter_filter 381 filtered_parameters[key] = '[FILTERED]' 382 elsif value.is_a?(Hash) 383 filtered_parameters[key] = filter_parameters(value) 384 elsif block_given? 385 key, value = key.dup, value.dup 386 yield key, value 387 filtered_parameters[key] = value 388 else 389 filtered_parameters[key] = value 390 end 391 end 392 393 filtered_parameters 394 end 395 end 369 396 end 370 397 … … 804 831 # 805 832 # The redirection happens as a "302 Moved" header. 833 # 834 # When using <tt>redirect_to :back</tt>, if there is no referrer, 835 # RedirectBackError will be raised. You may specify some fallback 836 # behavior for this case by rescueing RedirectBackError. 806 837 def redirect_to(options = {}, *parameters_for_method_reference) #:doc: 807 838 case options … … 902 933 logger.info "\n\nProcessing #{controller_class_name}\##{action_name} (for #{request_origin}) [#{request.method.to_s.upcase}]" 903 934 logger.info " Session ID: #{@session.session_id}" if @session and @session.respond_to?(:session_id) 904 logger.info " Parameters: #{ @params.inspect}"935 logger.info " Parameters: #{respond_to?(:filter_parameters) ? filter_parameters(@params).inspect : @params.inspect}" 905 936 end 906 937 end branches/stable/actionpack/lib/action_controller/caching.rb
r4125 r4708 39 39 # class WeblogController < ActionController::Base 40 40 # def update 41 # List.update( @params["list"]["id"], @params["list"])42 # expire_page :action => "show", :id => @params["list"]["id"]43 # redirect_to :action => "show", :id => @params["list"]["id"]41 # List.update(params[:list][:id], params[:list]) 42 # expire_page :action => "show", :id => params[:list][:id] 43 # redirect_to :action => "show", :id => params[:list][:id] 44 44 # end 45 45 # end branches/stable/actionpack/lib/action_controller/cgi_process.rb
r3989 r4708 65 65 66 66 def request_parameters 67 if ActionController::Base.param_parsers.has_key?(content_type) 68 CGIMethods.parse_formatted_request_parameters(content_type, @env['RAW_POST_DATA']) 69 else 70 CGIMethods.parse_request_parameters(@cgi.params) 71 end 67 @request_parameters ||= 68 if ActionController::Base.param_parsers.has_key?(content_type) 69 CGIMethods.parse_formatted_request_parameters(content_type, @env['RAW_POST_DATA']) 70 else 71 CGIMethods.parse_request_parameters(@cgi.params) 72 end 72 73 end 73 74 branches/stable/actionpack/lib/action_controller/integration.rb
r4161 r4708 141 141 # Performs a GET request with the given parameters. The parameters may 142 142 # be +nil+, a Hash, or a string that is appropriately encoded 143 # (application/x-www-form-urlencoded or multipart/form-data). 143 # (application/x-www-form-urlencoded or multipart/form-data). The headers 144 # should be a hash. The keys will automatically be upcased, with the 145 # prefix 'HTTP_' added if needed. 144 146 def get(path, parameters=nil, headers=nil) 145 147 process :get, path, parameters, headers … … 148 150 # Performs a POST request with the given parameters. The parameters may 149 151 # be +nil+, a Hash, or a string that is appropriately encoded 150 # (application/x-www-form-urlencoded or multipart/form-data). 152 # (application/x-www-form-urlencoded or multipart/form-data). The headers 153 # should be a hash. The keys will automatically be upcased, with the 154 # prefix 'HTTP_' added if needed. 151 155 def post(path, parameters=nil, headers=nil) 152 156 process :post, path, parameters, headers … … 156 160 # the request environment created by the Prototype library. The parameters 157 161 # may be +nil+, a Hash, or a string that is appropriately encoded 158 # (application/x-www-form-urlencoded or multipart/form-data). 162 # (application/x-www-form-urlencoded or multipart/form-data). The headers 163 # should be a hash. The keys will automatically be upcased, with the 164 # prefix 'HTTP_' added if needed. 159 165 def xml_http_request(path, parameters=nil, headers=nil) 160 166 headers = (headers || {}).merge("X-Requested-With" => "XMLHttpRequest") … … 219 225 (headers || {}).each do |key, value| 220 226 key = key.to_s.upcase.gsub(/-/, "_") 221 key = "HTTP_#{key}" unless env.has_key?(key) 227 key = "HTTP_#{key}" unless env.has_key?(key) || env =~ /^X|HTTP/ 222 228 env[key] = value 223 229 end … … 342 348 # 343 349 # require "#{File.dirname(__FILE__)}/test_helper" 344 # require "integration_test"345 350 # 346 351 # class ExampleTest < ActionController::IntegrationTest … … 367 372 # 368 373 # require "#{File.dirname(__FILE__)}/test_helper" 369 # require "integration_test"370 374 # 371 375 # class AdvancedTest < ActionController::IntegrationTest branches/stable/actionpack/lib/action_controller/layout.rb
r3989 r4708 28 28 # 29 29 # <!-- The header part of this layout --> 30 # <%= @content_for_layout%>30 # <%= yield %> 31 31 # <!-- The footer part of this layout --> 32 32 # … … 48 48 # 49 49 # <h1><%= @page_title %></h1> 50 # <%= @content_for_layout%>50 # <%= yield %> 51 51 # 52 52 # ...and content pages that fulfill these references _at_ rendering time: … … 160 160 # As you can see, you pass the template as the first parameter, the status code as the second ("200" is OK), and the layout 161 161 # as the third. 162 # 163 # NOTE: The old notation for rendering the view from a layout was to expose the magic <tt>@content_for_layout</tt> instance 164 # variable. The preferred notation now is to use <tt>yield</tt>, as documented above. 162 165 module ClassMethods 163 # If a layout is specified, all actions rendered through render and render_action will have their result assigned 164 # to <tt>@content_for_layout</tt>, which can then be used by the layout to insert their contents with 165 # <tt><%= @content_for_layout %></tt>. This layout can itself depend on instance variables assigned during action 166 # If a layout is specified, all rendered actions will have their result rendered 167 # when the layout<tt>yield</tt>'s. This layout can itself depend on instance variables assigned during action 166 168 # performance and have access to them as any normal template would. 167 169 def layout(template_name, conditions = {}) branches/stable/actionpack/lib/action_controller/pagination.rb
r3620 r4708 32 32 # current page (at most 20, sorted by last name and first name), and a 33 33 # <tt>@person_pages</tt> Paginator instance. The current page is determined 34 # by the <tt> @params['page']</tt> variable.34 # by the <tt>params[:page]</tt> variable. 35 35 # 36 36 # ==== Pagination for a single action … … 48 48 # 49 49 # def list 50 # @person_pages = Paginator.new self, Person.count, 10, @params['page']50 # @person_pages = Paginator.new self, Person.count, 10, params[:page] 51 51 # @people = Person.find :all, :order => 'last_name, first_name', 52 52 # :limit => @person_pages.items_per_page, branches/stable/actionpack/lib/action_controller/request.rb
r3989 r4708 1 1 module ActionController 2 # These methods are available in both the production and test Request objects. 2 # Subclassing AbstractRequest makes these methods available to the request objects used in production and testing, 3 # CgiRequest and TestRequest 3 4 class AbstractRequest 4 5 cattr_accessor :relative_url_root … … 66 67 end 67 68 69 # Returns the accepted MIME type for the request 68 70 def accepts 69 71 @accepts ||= … … 203 205 end 204 206 205 def path_parameters=(parameters) 207 def path_parameters=(parameters) #:nodoc: 206 208 @path_parameters = parameters 207 209 @symbolized_path_parameters = @parameters = nil 208 210 end 209 211 210 def symbolized_path_parameters 212 # The same as <tt>path_parameters</tt> with explicitly symbolized keys 213 def symbolized_path_parameters 211 214 @symbolized_path_parameters ||= path_parameters.symbolize_keys 212 215 end 213 216 217 # Returns a hash with the parameters used to form the path of the request 218 # 219 # Example: 220 # 221 # {:action => 'my_action', :controller => 'my_controller'} 214 222 def path_parameters 215 223 @path_parameters ||= {} branches/stable/actionpack/lib/action_controller/streaming.rb
r2325 r4708 15 15 # 16 16 # Be careful to sanitize the path parameter if it coming from a web 17 # page. send_file( @params['path']) allows a malicious user to17 # page. send_file(params[:path]) allows a malicious user to 18 18 # download any file on your server. 19 19 # … …