Subject: CVS commit: pkgsrc/www/ruby-actionpack42
From: Min Sik Kim
Date: 2017-04-20 23:59:11
Message id:

Log Message:
Import ruby-actionpack-4.2.8 as www/ruby-actionpack42

Notable changes since 3.2:

- Change the stylesheet of exception pages for development
  mode. Additionally display also the line of code and fragment that
  raised the exception in all exceptions pages.
- protect_from_forgery also prevents cross-origin <script>
  tags. Update your tests to use xhr :get, :foo, format: :js instead
  of get :foo, format: :js.
- #url_for takes a hash with options inside an array.
- Added session#fetch method fetch behaves similarly to Hash#fetch,
  #with the exception that the returned value is always saved into the
- Separated Action View completely from Action Pack.
- Log which keys were affected by deep munge.
- New config option config.action_dispatch.perform_deep_munge to opt
  out of params "deep munging" that was used to address security
  vulnerability CVE-2013-0155.
- New config option config.action_dispatch.cookies_serializer for
  specifying a serializer for the signed and encrypted cookie jars.
- Added render :plain, render :html and render :body.
- The *_filter family of methods have been removed from the
  documentation. Their usage is discouraged in favor of the *_action
  family of methods:
- render nothing: true or rendering a nil body no longer add a single
  space padding to the response body.
- Rails now automatically includes the template's digest in ETags.
- Segments that are passed into URL helpers are now automatically
- Introduced the always_permitted_parameters option to configure which
  parameters are permitted globally. The default value of this
  configuration is ['controller', 'action'].
- Added the HTTP method MKCALENDAR from RFC 4791.
- *_fragment.action_controller notifications now include the
   controller and action name in the payload.
- Improved the Routing Error page with fuzzy matching for route
- Added an option to disable logging of CSRF failures.
- When the Rails server is set to serve static assets, gzip assets
  will now be served if the client supports it and a pre-generated
  gzip file (.gz) is on disk. By default the asset pipeline generates
  .gz files for all compressible assets. Serving gzip files minimizes
  data transfer and speeds up asset requests. Always use a CDN if you
  are serving assets from your Rails server in production.
- When calling the process helpers in an integration test the path
  needs to have a leading slash. Previously you could omit it but that
  was a byproduct of the implementation and not an intentional