haskell/yesod
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,060 Commits 42 Branches 853 Tags 10 MiB
67f846d324
Commit Graph

916 Commits

Author SHA1 Message Date
Michael Snoyman
6ad81f6d15
Merge remote-tracking branch 'origin/master' into better-monads 2018-02-02 00:17:37 +02:00
Michael Snoyman
7f78e81cc1
Lower bounds and missing extra-deps 2018-02-02 00:15:24 +02:00
Michael Snoyman
fe233dd958
Merge pull request #1478 from jprider63/master 
Update `mkYesodWith` and refactor so that `mkYesod` uses the context parser
 2018-01-29 14:57:44 +02:00
James Parker
8796310eef More documentation for mkYesod and mkYesodWith 2018-01-24 23:55:57 -05:00
Michael Snoyman
fa8e1ac00f
Switch to SubHandlerFor 
This is much more consistent than suddenly using a ReaderT for subsites.
Thanks to @jprider63 for the inspiration for this, I think it cleans
things up a lot!
 2018-01-24 13:01:26 +02:00
James Parker
b71bfae261 Refactor so that mkYesod and mkYesodDispatch use the context parser 2018-01-22 00:45:44 -05:00
James Parker
18910b516b Change mkYesodWith to accept separate lists for contexts and type 
arguments
 2018-01-22 00:19:04 -05:00
Michael Snoyman
0f09393c34
Merge branch 'simple-content-type' of https://github.com/JaSpa/yesod into better-monads 2018-01-21 11:13:05 +02:00
Maximilian Tagher
6b22a0b9be Give more detail in the error message for too large request bodies. 
* Just to be helpful to developers, give the maximum body length and their body length
* Also point developers to the function to change that value

(I don't think this leaks any sensitive info, because you can always binary search with different request body sizes to find the maximum allowable)
 2018-01-18 18:30:34 -08:00
Janek Spaderna
492102537f [yesod] Bump version & add changelog entry 2018-01-18 12:11:43 +01:00
Janek Spaderna
7f6f1821e8 [yesod] Fix comment for contentTypeTypes & simpler implementation 
In the implementation of contentTypeTypes make use of simpleContentType.
 2018-01-18 12:00:46 +01:00
Michael Snoyman
6830a9840c
Merge branch 'better-monads' into no-transformers 2018-01-17 06:43:52 +02:00
Michael Snoyman
ad35ef9431
Deal with another sneaky exception 2018-01-16 16:10:23 +02:00
Michael Snoyman
f2926e60f0
Remove some deprecated methods from the Yesod class 2018-01-15 20:52:33 +02:00
Michael Snoyman
915d9e2fa6
Finish switching header key to a CI 
Fixes #1418
 2018-01-15 16:47:49 +02:00
Michael Snoyman
25acc5799b
Version bumps and changelog updates 2018-01-15 15:57:36 +02:00
Michael Snoyman
89be12c147
Strictify a bunch of fields 2018-01-15 15:18:09 +02:00
Michael Snoyman
60f65ed267
Cleanup warnings 2018-01-15 15:09:07 +02:00
Michael Snoyman
1f7a2a287b
Switch to gauge 2018-01-15 11:46:38 +02:00
Michael Snoyman
8c96b4e36c
Fix benchmark compile 2018-01-15 10:48:50 +02:00
Michael Snoyman
1a1cb8a45f
Drop mwc-random 2018-01-15 10:18:16 +02:00
Michael Snoyman
6a715c06c3
Merge remote-tracking branch 'origin/guess-approot-default' into better-monads 2018-01-12 00:18:37 +02:00
Michael Snoyman
3bb654857c
Ditch ResumableSource 2018-01-12 00:09:54 +02:00
Michael Snoyman
3e06942449
Simplify YesodSubDispatch 2018-01-11 23:13:32 +02:00
Michael Snoyman
fbccfe2306
Merge branch 'better-monads' into no-transformers 2018-01-11 22:49:02 +02:00
Michael Snoyman
103c098cf8
Catch up with Data.Conduit.Combinators 2018-01-10 12:16:31 -08:00
Michael Snoyman
a16e75249a
More moving over to unliftio 2017-12-31 09:20:02 +02:00
Michael Snoyman
eac95935e6
Switch over to WIP conduit 1.3 2017-12-30 22:47:56 +02:00
Michael Snoyman
8a30e487b0
Merge remote-tracking branch 'origin/master' into better-monads 2017-12-30 20:41:28 +02:00
Maximilian Tagher
5cdc0a39ac Document whitelisting certain routes to not need CSRF protection 
This question came up on the #yesod Slack channel and I think it's moderately common; I've seen it elsewhere.
 2017-12-29 23:44:08 -05:00
Michael Snoyman
aed10fc84a
WIP 2017-12-13 14:39:59 +02:00
Michael Snoyman
61c887f501
Start converting yesod-auth over 2017-12-13 13:44:59 +02:00
Michael Snoyman
47ee7384ea
Be gone with ye HandlerT! 2017-12-13 09:53:14 +02:00
Sibi Prabakaran
323d7f4322
Fix haddock doc for the Yesod.Core.Unsafe module 2017-12-13 02:33:37 +05:30
Michael Snoyman
1c2914eded
MonadUnliftIO instances 2017-12-12 12:46:49 +02:00
Michael Snoyman
5c8b1b542a
WidgetT uses IORef 2017-12-12 12:46:35 +02:00
Michael Snoyman
c5ac821115
Remove some conditionals for old versions 2017-12-12 12:08:06 +02:00
Maximilian Tagher
1275cce1af Give better error messages when CSRF validation fails 
* This is important because historically these errors have tripped people up
* Making security as easy as possible is important so that it doesn't just get turned off
* Giving clear directions about where to get the CSRF token (a cookie) and where to send it (a header/param) is especially helpful to frontend developers not necessarily familiar with the backend codebase
 2017-11-26 09:00:30 -05:00
Josh Berman
6d6afcf826 point changelog to PR not issue 2017-11-26 12:09:17 +02:00
Josh Berman
79ab662a80 Fix docs on languages set and getMessageRender to use it (#1325) 2017-11-26 11:52:37 +02:00
Ian Duncan
05b2193e9f
Code review fixes for #1444 2017-09-08 09:00:12 +09:00
Ian Duncan
fd872cff40
Add support to yesod-core for weak etags 2017-09-06 10:08:45 +09:00
Sibi Prabakaran
7cfefdf3fa
Merge remote-tracking branch 'origin/master' into header-yesod 
Conflicts resolved in:
	yesod-core/ChangeLog.md
	yesod-core/yesod-core.cabal
 2017-07-28 17:01:03 +05:30
Sibi Prabakaran
19ff5c2006
Fix warning in test code 2017-07-28 16:58:11 +05:30
Michael Snoyman
4b34fe9c72
Fix deprecation warning for LTS 8 2017-07-23 12:25:29 +03:00
Michael Snoyman
06ca675bb6
Version bump 2017-07-20 13:58:15 +03:00
Sibi Prabakaran
617591aa4e
Do case insensitive equality on header name 2017-07-14 13:44:21 +05:30
Sibi Prabakaran
89fc6c46e2
Fix ordering logic in replaceHeader function 2017-07-13 16:29:08 +05:30
Sibi Prabakaran
f3ed12ed81
Add additional test to make sure that header value is not lost 2017-07-13 12:43:16 +05:30
Sibi Prabakaran
18951b0de7
Update the replace logic to obey proper ordering 2017-07-13 12:42:30 +05:30
Sibi Prabakaran
8416bb6569
Add Haddock documentation for the added function 2017-07-13 11:27:03 +05:30
Sibi Prabakaran
a31c270893
Update Changelog and do verion bump of the package 2017-07-13 11:24:57 +05:30
Sibi Prabakaran
3cec499c85
ScopedTypeVariables is also needed 2017-07-13 11:17:03 +05:30
Sibi Prabakaran
4e0b084df2
Enable test in YesodCoreTest 2017-07-13 11:16:47 +05:30
Sibi Prabakaran
839b56b032
Implement replaceOrAddHeader function 2017-07-13 11:10:54 +05:30
Sibi Prabakaran
301f4bc630
Expose YesodCoreTest.Header module 2017-07-13 11:07:13 +05:30
Sibi Prabakaran
051339f3dc
Add test code for HTTP headers properties 2017-07-13 11:05:57 +05:30
Josh Berman
ec85ef735c Work with TH from GHC 8.2.1-rc2 2017-07-03 06:44:25 -04:00
James Parker
70f643b7e9 Merge branch 'master' of https://github.com/yesodweb/yesod into dev.jp 2017-06-01 11:24:54 -04:00
James Haver II
5ee51262de Update ChangeLog and Hackage comments 2017-05-12 01:04:13 +08:00
James Haver II
56b09eef93 Add WaiSubsiteWithAuth 2017-05-12 00:13:07 +08:00
Alan Zimmerman
01d5f02cee GHC 7.6 not supported 2017-04-12 19:31:40 +02:00
JP
db8bbcd8b5 Merge branch 'master' into dev.jp 2017-03-27 12:10:04 -04:00
James Parker
6b000ecfb4 Version bump and fix for old versions of TH. 2017-03-27 12:06:44 -04:00
James Parker
997714f4c2 Accept multiple argument types inside brackets 2017-03-27 02:42:47 -04:00
James Parker
adf89bcf84 Contexts can be parsed and included in instances. Standalone deriving is used when 
a context is provided. Type variables can be included in routes/TH.
 2017-03-27 00:10:32 -04:00
Michael Snoyman
de9f5bc4c9
Version bump for #1363 2017-03-26 18:14:40 +03:00
James Parker
6c7a40ea5b Adds curly brackets to route parser. 2017-03-22 18:30:08 -04:00
Michael Snoyman
55623b76f6 Improve ChangeLog 2017-03-01 08:53:13 +02:00
Sibi Prabakaran
6d7ba59e4b
Update changelog 2017-02-17 00:22:57 +05:30
Sibi Prabakaran
470858f81c
Better Haddock rendering. Since -> @since 2017-02-17 00:21:31 +05:30
Sibi Prabakaran
797278243e
Add and export getPostParams function 2017-02-17 00:18:17 +05:30
Michael Snoyman
cdc6c8ae04 Version bumps/changelog updates 2017-02-08 11:20:31 +02:00
Michael Snoyman
954f813569 Fix route parsing for CRLF line endings 2017-02-07 15:49:23 +02:00
Michael Snoyman
aefd074efa Cleanup GHC 8 redundant constraints 2017-02-05 13:35:12 +02:00
Michael Snoyman
3dc2d10b30 Compile with -Wall -Werror 2017-02-05 12:09:18 +02:00
Michael Snoyman
64ed0792bc Check mime-type for JSON bodies #1330 2017-02-02 08:10:19 +02:00
Isaac Elliott
2d98587cce Fixed misspelling of 'utilities' 2017-01-15 18:34:16 +10:00
Michael Snoyman
33f58e2bd1 Allow vector 0.12 2017-01-09 00:10:45 +02:00
Ollie Charles
57a9420d99 yesod-core: Build with template-haskell-2.12.0 2017-01-04 13:08:09 +00:00
Michael Snoyman
9a484f9163 defaultMessageWidget 2016-12-07 20:08:47 -05:00
Michael Snoyman
ae7dfd2408 Changelog for #1310 2016-12-07 08:52:55 -05:00
Aleksey Uimanov
80f0b3cd70 Add comments and bump minor version to 1.4.29 2016-12-07 14:04:51 +05:00
Aleksey Uimanov
47ef36012d export getGetMaxExpires 2016-12-05 19:33:04 +05:00
Aleksey Uimanov
2bd3a936c9 fix blaze-markup version bounds 2016-12-02 16:26:19 +05:00
Aleksey Uimanov
d1697a3fde export toWaiAppYre 2016-12-02 15:55:09 +05:00
Michael Snoyman
fbdaa2f675 Add since lines 2016-11-30 19:36:29 +02:00
Michael Snoyman
312adc40d5 Version bump for #1310 2016-11-30 13:40:46 +02:00
Michael Snoyman
51a5641435 Merge pull request #1310 from yesodweb/text_toWidget 
Add ToWidget instances for strict text, lazy text, and text builder
 2016-11-30 13:39:59 +02:00
Michael Snoyman
00cf852216 Version bump for #1308 2016-11-29 13:47:33 +02:00
Andrew Martin
1781699cab Add ToWidget instances for strict text, lazy text, and text builder 2016-11-27 15:27:54 -05:00
Casey Allred
9458e57a58 adjusted to use *{..} syntax 2016-11-26 12:07:49 -07:00
Casey Allred
cec6f42a99 added jsAttributes for the script tag generated by julius files 2016-11-25 21:36:51 -07:00
Michael Snoyman
bbca01ce71 languages reflects setLanguage 2016-11-04 11:10:26 +02:00
Michael Snoyman
856e60eb9b Version bump 2016-09-25 14:34:38 +03:00
Ross MacLeod
09c37eb916 Use #if MIN_VERSION_transformers(0,4,0) instead of __GLASGOW_HASKELL__ >= 710 2016-09-22 13:27:25 -04:00
Ross MacLeod
6de5d8f829 missed making the import of ExceptT conditional on GHC version as well 2016-09-22 13:23:10 -04:00
Ross MacLeod
58fb977276 Only emit MonadHandler and MonadWidget instance for ExceptT when GHC version >= 7.10, since that's the first version tied to transformers-0.4.0.0 which introduced ExceptT 2016-09-22 13:00:09 -04:00
Ross MacLeod
ee100d7be0 Add instance of MonadHandler and MonadWidget for ExceptT 2016-09-21 14:41:30 -04:00
Michael Snoyman
87afb38635 Version bump for #1268 2016-08-29 07:04:34 +03:00
Cthulhu
fbaf502858 cached and cachedBy will not overwrite global state changes 2016-08-28 19:02:11 +03:00
Michael Snoyman
e5b3cf6dc7 Version bump 2016-08-28 14:59:55 +03:00
Alexander Lippling
8822fa37a8 Added support for aeson's toEncoding function (>= 0.11) to sendStatusJSON 2016-08-28 01:06:23 +02:00
Bryan Richter
111b017f58 Explain what sslOnlyMiddleware really does (#1262) 
Doc updated per
<https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security>.

I was tipped off to the discrepancy when my site worked totally fine over
http, in spite of the claim, "This middleware makes a site functionally
inaccessible over vanilla http in all standard browsers."
 2016-08-24 08:24:32 -07:00
Maximilian Tagher
e6287362ad Default CSRF tokens to the root path "/" 
* The default path of cookies is the current path making the request
  * e.g. an AJAX request made from http://example.com/foo/bar would be /foo
  * This causes multiple CSRF tokens to build up as you navigate a site
  * This will cause errors if the CSRF tokens have different values, and an invalid token is sent.
* Closes #1247
 2016-08-16 07:25:41 -07:00
Maximilian Tagher
9fb876e383 Merge pull request #1258 from bitemyapp/master 
What I did to avoid the duplicate cookie problem
 2016-08-13 21:18:49 -04:00
Michael Snoyman
cc6cc2939e Fix ChangeLog and @since comments 2016-08-10 15:18:41 +03:00
Michael Snoyman
f6891b0373 Merge branch 'BL/samesite' of https://github.com/bobjflong/yesod into bobjflong-BL/samesite 2016-08-10 15:17:25 +03:00
Michael Snoyman
629d4c49a4 Version bump for #1257 2016-08-10 08:42:04 +03:00
Artem Chuprina
83299bf1be urlParamRenderOverride method for Yesod class 
this method replaces urlRenderOverride because the latter lacks support for query string
 2016-08-09 22:54:24 +03:00
Chris Allen
a3f4974750 Merge branch 'master' of git://github.com/yesodweb/yesod 2016-07-22 10:50:22 -05:00
Maximilian Tagher
0eb8ab3050 Document recommended usage of the CSRF middleware 
* Closes #1246
 2016-07-14 07:56:31 -07:00
Chris Allen
5e4cefc9ad path, not value 2016-07-08 14:25:47 -05:00
Chris Allen
4a0caeb05c deleting cookie before adding to avoid duplicates for a test 2016-07-08 13:38:39 -05:00
Mikkel Christiansen
50c4138a5c Take hlint suggestions. 2016-06-28 08:28:23 +02:00
Mikkel Christiansen
cc134b93de Remove compiler warnings for unused var and unused imports. 2016-06-27 19:47:55 +02:00
Michael Snoyman
1036550d00 Add missing Monoid import 2016-06-23 08:15:53 +03:00
Michael Snoyman
c24d0e7f80 Allow deepseq 1.3 2016-06-22 23:01:44 +03:00
Michael Snoyman
90ecc1ebe3 Significant cleanup of runHandler 
@nh2 This hopefully makes the logic much clearer to avoid exceptional
cases slipping through.

@gregwebs Maybe you'd like to review this?

For yesod-core 1.5: we should make as many datatypes strict-fielded as
possible in Yesod.Core.Types to make for less corner cases. Also, the
idea of an exception value itself being partial is _really_ terrifying.
 2016-06-22 20:28:42 +03:00
Michael Snoyman
33ea980dba Simplify away from returnDeepSessionMap 2016-06-22 18:45:46 +03:00
Michael Snoyman
a3d9a13abe Proper handling of impure exceptions within HandlerError values 2016-06-22 18:24:18 +03:00
Michael Snoyman
85e7fd7e33 Version bump for #1241 2016-06-20 17:30:28 +03:00
Alexander Lippling
18cd7834d6 Added support for aeson's toEncoding function (>= 0.11) 2016-06-20 13:19:11 +02:00
Sibi
2a01710f4b Remove outdated instruction for jsLoader (#1238) 2016-06-05 11:28:22 -07:00
Adam Bergmark
7f9f8b450e yesod-core needs bytestring >= 0.10 2016-06-04 18:55:35 +02:00
Alex Greif
b85ffbaf52 fix typos 2016-05-17 17:21:03 +02:00
Bob Long
294ef285a3 remove redundant paren 2016-05-03 16:24:12 +01:00
Bob Long
6746c1c94f fixup whitespace in docs 2016-05-03 16:23:57 +01:00
Bob Long
1834d255e6 replace pure with Just for backwards compat 2016-05-03 15:18:45 +01:00
Bob Long
9b0caaf2cf expand documentation on lax & strict 2016-05-03 15:17:46 +01:00
Bob Long
bc7ff2f552 Add version information 2016-05-01 17:23:10 +01:00
Bob Long
aed1e27cb7 Bump cookie version in cabal file 2016-05-01 17:21:33 +01:00
Bob Long
a797c2e5d4 Add laxSameSiteSessions and strictSameSiteSessions 2016-05-01 16:31:01 +01:00
Michael Snoyman
bf0ca2bc10 Version bump 2016-04-25 16:57:40 +03:00
Michael Snoyman
18993caf3a Merge pull request #1223 from erikd/master 
yesod-core: Fix for a *very* late change in ghc-8.0 TH api
 2016-04-24 08:23:28 +03:00
Erik de Castro Lopo
96af1e7f39 yesod-core: Fix for a *very* late change in ghc-8.0 TH api 2016-04-23 10:54:41 +10:00
Michael Snoyman
b00d372c76 Fix benchmark compilation of yesod-core 2016-04-21 20:17:05 +03:00
Erik de Castro Lopo
21d27626b2 yesod-core: Fix for ghc-7.8 2016-04-19 15:18:46 +10:00
Erik de Castro Lopo
226c381baa yesod-core: Make it work with ghc-8.0 
Use CPP hackery to make it compile with ghc-8.0 and ghc 7.10. If
ghc-7.10 works, I assume earlier supported versions of GHC also
work. All tests pass with both GHC versions.

Unfortunately, the TH changes force changes in the type signature
of Yesod.Routes.TH.RenderRoute.mkRouteCons from:

    mkRouteCons :: [ResourceTree Type] -> ([Con], [Dec])

to

    mkRouteCons :: [ResourceTree Type] -> Q ([Con], [Dec])

and I can't see a way around that.
 2016-04-19 14:52:03 +10:00
Michael Snoyman
210f846af5 Merge pull request #1145 from ajnsit/hierarchical-subsites-args 
Pass hierarchical route arguments to subsites
 2016-04-12 07:27:47 +03:00
Maximilian Tagher
5a5cfd6c7a Bump version for CSRF logging changes, and improve error message. 2016-03-28 23:36:31 -07:00
Maximilian Tagher
28fbaae268 Log a warning when a CSRF error occurs 
* Closes #1192
 2016-03-28 23:35:27 -07:00
Michael Snoyman
da4948592d Version bump 2016-03-29 09:14:02 +03:00
Murray
9dbcc95c3f remove single message deprecated directives 2016-03-18 09:17:57 +00:00
Murray
a15070709d allow more than one session message and add statuses 2016-03-16 18:14:40 +00:00
Michael Snoyman
406694cd29 Version bump for #1182 2016-03-13 08:26:24 +02:00
mrkkrp
3640d75c99 Allow lines of dashes in route files 
See #1180.
 2016-03-11 14:09:57 +06:00
Sajith Sasidharan
93da4f060e Minor doc patch - sendStatusJSON is since 1.4.18 
I'm sure this is trivially obvious. :-)

Commit 6a60dac introduced `sendStatusJSON` on Nov 25, 2015; yesod-core 1.4.18 was uploaded to hackage on Dec 17.
 2016-03-06 18:22:51 -05:00
Chris Allen
7123b02500 typo 2016-03-01 15:13:34 -06:00
Michael Snoyman
cf5a390cad Add _token parameter to redirectToPost #1151 2016-01-24 14:37:44 +02:00