Rails 6.1.7.10 (October 23, 2024)
- No changes.
Rails 6.1.7.9 (October 15, 2024)
- No changes.
Rails 6.1.7.8 (June 04, 2024)
- No changes.
Rails 6.1.7.7 (February 21, 2024)
- No changes.
Rails 6.1.7.6 (August 22, 2023)
- No changes.
Rails 6.1.7.5 (August 22, 2023)
- No changes.
Rails 6.1.7.4 (June 26, 2023)
- No changes.
Rails 6.1.7.3 (March 13, 2023)
Ignore certain data-* attributes in rails-ujs when element is contenteditable
[CVE-2023-23913]
Rails 6.1.7.2 (January 24, 2023)
- No changes.
Rails 6.1.7.1 (January 17, 2023)
- No changes.
Rails 6.1.7 (September 09, 2022)
- No changes.
Rails 6.1.6.1 (July 12, 2022)
- No changes.
Rails 6.1.6 (May 09, 2022)
- No changes.
Rails 6.1.5.1 (April 26, 2022)
Fix and add protections for XSS in
::ActionView::Helpersand::ERB::Util.Escape dangerous characters in names of tags and names of attributes in the tag helpers, following the XML specification. Rename the option
:escape_attributesto:escape, to simplify by applying the option to the whole tag.Álvaro Martín Fraguas
Rails 6.1.5 (March 09, 2022)
preload_link_tagproperly insertsasattributes for files withimageMIME types, such as JPG or SVG.Nate Berkopec
Add
autocomplete="off"to all generated hidden fields.Fixes #42610.
Ryan Baumann
Fix
current_page?when URL has trailing slash.This fixes the
current_page?helper when the given URL has a trailing slash, and is an absolute URL or also has query params.Fixes #33956.
Jonathan Hefner
Rails 6.1.4.7 (March 08, 2022)
- No changes.
Rails 6.1.4.6 (February 11, 2022)
- No changes.
Rails 6.1.4.5 (February 11, 2022)
- No changes.
Rails 6.1.4.4 (December 15, 2021)
- No changes.
Rails 6.1.4.3 (December 14, 2021)
- No changes.
Rails 6.1.4.2 (December 14, 2021)
- No changes.
Rails 6.1.4.1 (August 19, 2021)
- No changes.
Rails 6.1.4 (June 24, 2021)
The
translatehelper now passesdefaultvalues that aren't translation keys throughI18n.translatefor interpolation.Jonathan Hefner
Don't attach UJS form submission handlers to Turbo forms.
David Heinemeier Hansson
Allow both
current_page?(url_hash)andcurrent_page?(**url_hash)on Ruby 2.7.Ryuta Kamizono
Rails 6.1.3.2 (May 05, 2021)
- No changes.
Rails 6.1.3.1 (March 26, 2021)
- No changes.
Rails 6.1.3 (February 17, 2021)
- No changes.
Rails 6.1.2.1 (February 10, 2021)
- No changes.
Rails 6.1.2 (February 09, 2021)
- No changes.
Rails 6.1.1 (January 07, 2021)
Fix lazy translation in partial with block.
Marek Kasztelnik
Avoid extra
SELECT COUNTqueries when rendering Active Record collections.aar0nr
Link preloading keep integrity hashes in the header.
Étienne Barrié
Add
config.action_view.preload_links_headerto allow disabling of theLinkheader being added by default when usingstylesheet_link_tagandjavascript_include_tag.Andrew White
The
translatehelper now resolvesdefaultvalues when anilkey is specified, instead of always returningnil.Jonathan Hefner
Rails 6.1.0 (December 09, 2020)
SanitizeHelper.sanitized_allowed_attributes and SanitizeHelper.sanitized_allowed_tags call safe_list_sanitizer's class method
Fixes #39586
Taufiq Muhammadi
Change form_with to generate non-remote forms by default.
form_withwould generate a remote form by default. This would confuse users because they were forced to handle remote requests.All new 6.1 applications will generate non-remote forms by default. When upgrading a 6.0 application you can enable remote forms by default by setting
config.action_view.form_with_generates_remote_formstotrue.Petrik de Heus
Yield translated strings to calls of
ActionView::FormBuilder#buttonwhen a block is given.Sean Doyle
Alias ActionView::Helpers::Tags::Label::LabelBuilder#translation to
#to_sso thatform.labelcalls can yield that value to their blocks.Sean Doyle
Rename the new
TagHelper#class_namesmethod toTagHelper#token_list, and make the original available as an alias.token_list("foo", "foo bar") # => "foo bar"Sean Doyle
ARIA Array and
Hashattributes are treated as space separatedDOMTokenListvalues. This is useful when declaring lists of label text identifiers inaria-labelledbyoraria-describedby.tag.input type: 'checkbox', name: 'published', aria: { invalid: @post.errors[:published].any?, labelledby: ['published_context', 'published_label'], describedby: { published_errors: @post.errors[:published].any? } } #=> <input type="checkbox" name="published" aria-invalid="true" aria-labelledby="published_context published_label" aria-describedby="published_errors" >Sean Doyle
Remove deprecated
escape_whitelistfrom::ActionView::Template::Handlers::ERB.Rafael Mendonça França
Remove deprecated
find_all_anywherefrom::ActionView::Resolver.Rafael Mendonça França
Remove deprecated
formatsfrom::ActionView::Template::HTML.Rafael Mendonça França
Remove deprecated
formatsfrom::ActionView::Template::RawFile.Rafael Mendonça França
Remove deprecated
formatsfrom::ActionView::Template::Text.Rafael Mendonça França
Remove deprecated
find_filefrom::ActionView::PathSet.Rafael Mendonça França
Remove deprecated
rendered_formatfrom::ActionView::LookupContext.Rafael Mendonça França
Remove deprecated
find_filefrom::ActionView::ViewPaths.Rafael Mendonça França
Require that
::ActionView::Basesubclasses implement#compiled_method_container.Rafael Mendonça França
Remove deprecated support to pass an object that is not a
::ActionView::LookupContextas the first argument inActionView::Base#initialize.Rafael Mendonça França
Remove deprecated
formatargumentActionView::Base#initialize.Rafael Mendonça França
Remove deprecated
ActionView::Template#refresh.Rafael Mendonça França
Remove deprecated
ActionView::Template#original_encoding.Rafael Mendonça França
Remove deprecated
ActionView::Template#variants.Rafael Mendonça França
Remove deprecated
ActionView::Template#formats.Rafael Mendonça França
Remove deprecated
ActionView::Template#virtual_path=.Rafael Mendonça França
Remove deprecated
ActionView::Template#updated_at.Rafael Mendonça França
Remove deprecated
updated_atargument required onActionView::Template#initialize.Rafael Mendonça França
Make
localsargument required onActionView::Template#initialize.Rafael Mendonça França
Remove deprecated
ActionView::Template.finalize_compiled_template_methods.Rafael Mendonça França
Remove deprecated
config.action_view.finalize_compiled_template_methodsRafael Mendonça França
Remove deprecated support to calling
ActionView::ViewPaths#with_fallbackwith a block.Rafael Mendonça França
Remove deprecated support to passing absolute paths to
render template:.Rafael Mendonça França
Remove deprecated support to passing relative paths to
render file:.Rafael Mendonça França
Remove support to template handlers that don't accept two arguments.
Rafael Mendonça França
Remove deprecated pattern argument in
ActionView::Template::PathResolver.Rafael Mendonça França
Remove deprecated support to call private methods from object in some view helpers.
Rafael Mendonça França
ActionView::Helpers::TranslationHelper#translate accepts a block, yielding the translated text and the fully resolved translation key:
<%= translate(".relative_key") do |translation, resolved_key| %> <span title="<%= resolved_key %>"><%= translation %></span> <% end %>Sean Doyle
Ensure cache fragment digests include all relevant template dependencies when fragments are contained in a block passed to the render helper. Remove the virtual_path keyword arguments found in CacheHelper as they no longer possess any function following 1581cab.
Fixes #38984.
Aaron Lipman
Deprecate
config.action_view.raise_on_missing_translationsin favor ofconfig.i18n.raise_on_missing_translations.New generalized configuration option now determines whether an error should be raised for missing translations in controllers and views.
fatkodima
Instrument layout rendering in
TemplateRenderer#render_with_layoutasrender_layout.action_view, and include (when necessary) the layout's virtual path in notification payloads for collection and partial renders.Zach Kemp
ActionView::Base.annotate_rendered_view_with_filenames annotates HTML output with template file names.
Joel Hawksley, Aaron Patterson
ActionView::Helpers::TranslationHelper#translate returns nil when passed
default: nilwithout a translation matchingI18n#translate.Stefan Wrobel
OptimizedFileSystemResolverprefers template details in order of locale, formats, variants, handlers.Iago Pimenta
Added
class_nameshelper to create a CSS class value with conditional classes.Joel Hawksley, Aaron Patterson
Add support for conditional values to TagBuilder.
Joel Hawksley
ActionView::Helpers::FormOptionsHelper#select should mark option for
nilas selected.@post = Post.new @post.category = nil # Before select("post", "category", none: nil, programming: 1, economics: 2) # => # <select name="post[category]" id="post_category"> # <option value="">none</option> # <option value="1">programming</option> # <option value="2">economics</option> # </select> # After select("post", "category", none: nil, programming: 1, economics: 2) # => # <select name="post[category]" id="post_category"> # <option selected="selected" value="">none</option> # <option value="1">programming</option> # <option value="2">economics</option> # </select>bogdanvlviv
Log lines for partial renders and started template renders are now emitted at the
DEBUGlevel instead ofINFO.Completed template renders are still logged at the
INFOlevel.DHH
ActionView::Helpers::SanitizeHelper: support rails-html-sanitizer 1.1.0.
Juanito Fatas
Added
phone_tohelper method to create a link from mobile numbers.Pietro Moro
annotated_source_code returns an empty array so TemplateErrors without a template in the backtrace are surfaced properly by DebugExceptions.
Guilherme Mansur, Kasper Timm Hansen
Add autoload for SyntaxErrorInTemplate so syntax errors are correctly raised by DebugExceptions.
Guilherme Mansur, Gannon McGibbon
RenderingHelpersupports rendering objects thatrespond_to?:render_in.Joel Hawksley, Natasha Umer, Aaron Patterson, Shawn Allen, Emily Plummer, Diana Mounter, John Hawthorn, Nathan Herald, Zaid Zawaideh, Zach Ahn
Fix
select_tagso that it doesn't changeoptionswheninclude_blankis present.Younes SERRAJ
Please check [6-0-stable]) for previous changes.