Skip to content
Commits on Feb 20, 2014
  1. @carlosantoniodasilva

    Merge pull request #14120 from gregmolnar/guides

    change 'assert !' to 'assert_not' in guides [ci skip]
    carlosantoniodasilva committed Feb 20, 2014
  2. @gregmolnar
Commits on Feb 19, 2014
  1. @arunagw
  2. @fxn

    Merge pull request #14102 from arthurnn/quietly_doc

    Add note to silence_stream and quietly. [skip ci]
    fxn committed Feb 19, 2014
  3. @arthurnn

    Methods silence_stream/quietly are not thread-safe [skip ci]

    State that on the doc.
    
    [fixes #11954]
    arthurnn committed Feb 19, 2014
  4. @arunagw

    Merge pull request #14107 from prakashmurthy/patch-1

    Close the meta tag with '/>' instead of '>'
    arunagw committed Feb 19, 2014
  5. @prakashmurthy

    [ci skip] Close the meta tag with '/>' instead of '>'

    This change fixes the 42 instances of `end tag for "meta" omitted, but
    OMITTAG NO was specified` error message that comes up when the full
    railsguides are validated.
    
    Full error list at
    https://gist.github.com/prakashmurthy/9086679.
    prakashmurthy committed Feb 19, 2014
Commits on Feb 18, 2014
  1. @guilleiguaran

    Fix render plain docs example in AM::Base

    The errors were introduced in e220a34
    guilleiguaran committed Feb 18, 2014
  2. @guilleiguaran

    Merge pull request #14099 from robertomiranda/render-text-2-plain

    Update Docs in favor to use render plain instead of text option
    guilleiguaran committed Feb 18, 2014
  3. @robertomiranda
  4. @arthurnn

    Merge pull request #14098 from Amit-Thawait/master

    Typo fix for unscope [ci skip]
    arthurnn committed Feb 18, 2014
  5. @Amit-Thawait

    Typo fix for unscope

    Amit-Thawait committed Feb 18, 2014
  6. @rafaelfranca

    Use the reference for the mime type to get the format

    Before we were calling to_sym in the mime type, even when it is unknown
    what can cause denial of service since symbols are not removed by the
    garbage collector.
    
    Fixes: CVE-2014-0082
    rafaelfranca committed Feb 18, 2014
  7. @rafaelfranca

    Merge branch '4-1-0-beta2'

    Conflicts:
    	actionview/CHANGELOG.md
    	activerecord/CHANGELOG.md
    rafaelfranca committed Feb 18, 2014
  8. @rafaelfranca
  9. @tenderlove @rafaelfranca

    Correctly escape PostgreSQL arrays.

    Thanks Godfrey Chan for reporting this!
    
    Fixes: CVE-2014-0080
    tenderlove committed with rafaelfranca Feb 12, 2014
  10. @rafaelfranca

    Escape format, negative_format and units options of number helpers

    Previously the values of these options were trusted leading to
    potential XSS vulnerabilities.
    
    Fixes: CVE-2014-0081
    rafaelfranca committed Feb 11, 2014
  11. @chancancode

    Merge pull request #14097 from chancancode/sync_4_1_release_notes

    Sync 4.1 release notes with changes since 7f648bc
    chancancode committed Feb 18, 2014
  12. @chancancode
  13. @rafaelfranca

    Merge pull request #14062 from sikachu/ps-render-format

    Introduce `:plain`, `:html`, and `:body` render options.
    rafaelfranca committed Feb 18, 2014
  14. @sikachu
  15. @sikachu

    Add `#no_content_type` attribute to `AD::Response`

    Setting this attribute to `true` will remove the content type header
    from the request. This is use in `render :body` feature.
    sikachu committed Feb 14, 2014
  16. @sikachu
  17. @sikachu

    Update guides for new rendering options

    * Introduces `:plain`, `:html`, `:body` render option.
    * Update guide to use `render :plain` instead of `render :text`.
    sikachu committed Feb 14, 2014
  18. @sikachu
  19. @sikachu

    Fix a fragile test on `action_view/render`

    This test were assuming that the list of render options will always be
    the same. Fixing that so this doesn't break when we add/remove render
    option in the future.
    sikachu committed Feb 14, 2014
  20. @sikachu

    Introduce `render :html` for render HTML string

    This is an option for to HTML content with a content type of
    `text/html`. This rendering option calls `ERB::Util.html_escape`
    internally to escape unsafe HTML string, so you will have to mark your
    string as html safe if you have any HTML tag in it.
    
    Please see #12374 for more detail.
    sikachu committed Feb 14, 2014
  21. @sikachu

    Introduce `render :plain` for render plain text

    This is as an option to render content with a content type of
    `text/plain`. This is the preferred option if you are planning to render
    a plain text content.
    
    Please see #12374 for more detail.
    sikachu committed Feb 7, 2014
  22. @sikachu
  23. @sikachu

    Introduce `render :body` for render raw content

    This is an option for sending a raw content back to browser. Note that
    this rendering option will unset the default content type and does not
    include "Content-Type" header back in the response.
    
    You should only use this option if you are expecting the "Content-Type"
    header to not be set. More information on "Content-Type" header can be
    found on RFC 2616, section 7.2.1.
    
    Please see #12374 for more detail.
    sikachu committed Jan 31, 2014
  24. @rafaelfranca

    Merge pull request #14095 from rails/rm-scopes

    Document `default_scope` changes
    rafaelfranca committed Feb 18, 2014
  25. @rafaelfranca
  26. @rafaelfranca
  27. @rafaelfranca

    Document the default scopes change on the release notes, CHANGELOG

    and upgrating guides
    
    [ci skip]
    rafaelfranca committed Feb 18, 2014
  28. @carlosantoniodasilva

    Merge pull request #14094 from kalabiyau/fix_parameters_naming

    Fix parameter naming in RemoteIp middleware constructor method [ci skip]
    carlosantoniodasilva committed Feb 18, 2014
Something went wrong with that request. Please try again.