Rails 3.2.3 RC1 发布

发布于 2012年03月29日
收藏 0

Rails 3.2.3 RC1 发布了,该版本修改了 config.active_record.whitelist_attributes 的默认值为 true,该版本会影响到新生成的应用程序,那些使用升级的用户不存在向后兼容性问题,更详细的信息请看 ruby on rails security guide

与 3.2.2 版本比较,该版本改进记录:

Action Mailer

  • Upgrade mail version to 2.4.3 ML

Action Pack

  • Do not include the authenticity token in forms where remote: true as ajax forms use the meta-tag value DHH
  • Turn off verbose mode of rack-cache, we still have X-Rack-Cache to check that info. Closes #5245. Santiago Pastorino
  • Fix #5238, rendered_format is not set when template is not rendered. Piotr Sarnacki
  • Upgrade rack-cache to 1.2. José Valim
  • ActionController::SessionManagement is deprecated. Santiago Pastorino
  • Since the router holds references to many parts of the system like engines, controllers and the application itself, inspecting the route set can actually be really slow, therefore we default alias inspect to to_s. José Valim
  • Add a new line after the textarea opening tag. Closes #393 rafaelfranca
  • Always pass a respond block from to responder. We should let the responder to decide what to do with the given overridden response block, and not short circuit it. sikachu
  • Fixes layout rendering regression from 3.2.2. José Valim

Active Model

  • No changes

Active Record

  • Added find_or_create_by_{attribute}! dynamic method. Andrew White
  • Whitelist all attribute assignment by default. Change the default for newly generated applications to whitelist all attribute assignment. Also update the generated model classes so users are reminded of the importance of attr_accessible. NZKoz
  • Update ActiveRecord::AttributeMethods#attribute_present? to return false for empty strings. Jacobkg
  • Fix associations when using per class databases. larskanis
  • Revert setting NOT NULL constraints in add_timestamps fxn
  • Fix mysql to use proper text types. Fixes #3931. kennyj
  • Fix #5069 - Protect foreign key from mass assignment through association builder. byroot
转载请注明:文章转载自 开源中国社区 [http://www.oschina.net]
本文标题:Rails 3.2.3 RC1 发布