Permalink
Switch branches/tags
Nothing to show
Commits on May 18, 2012
  1. Merge pull request #20 from erebor/master

    Add the option to accept short domain names (not FQDN)
    vmg committed May 18, 2012
  2. Take out debug output

    erebor committed May 18, 2012
Commits on May 17, 2012
  1. Add some more output noise

    erebor committed May 17, 2012
  2. Fix indent

    erebor committed May 17, 2012
  3. Add short_domains option to allow autolinking of domains for the form…

    … 'http://foo' without requiring at least one '.' in the domain
    erebor committed May 17, 2012
Commits on Feb 13, 2012
  1. Bump to 1.5.1

    vmg committed Feb 13, 2012
  2. Fix a terrible terrible XSS bug

    Although Rinku was expecting all input data to be properly HTML-encoded,
     we didn't think of the corner case where a link could contain a
     valid `"` character (which isn't required to be explicitly encoded to
     be valid HTML), and open us up to XSS vulnerabilities.
    
     When writing out attributes, we need to properly escape the same
     character we used to open the attribute declaration: in this case, the
     double quotes.
    vmg committed Feb 13, 2012
Commits on Dec 8, 2011
  1. Merge pull request #17 from henare/rails_escaping

    Rinku should escape unencoded Rails input
    vmg committed Dec 8, 2011
Commits on Dec 4, 2011
  1. Bump to 1.5.0

    vmg committed Dec 4, 2011
  2. Update docs

    vmg committed Dec 4, 2011
Commits on Dec 3, 2011
  1. Backport changes from Sundown

    Fixes bug with URLs that end in a single period.
    vmg committed Dec 3, 2011
  2. Add Sundown submodule

    vmg committed Dec 3, 2011
  3. Remove the Upskirt submodule

    vmg committed Dec 3, 2011
Commits on Nov 10, 2011
  1. Minor fix for UTF-8 chars in gemspec

    vmg committed Nov 10, 2011
  2. 0.4.0: RInku performs no escaping now

    HTML escaping is left to the calling app. Inputs are expected to be
    previously escaped already.
    vmg committed Nov 10, 2011
Commits on Nov 8, 2011
  1. Merge pull request #11 from rtomayko/patch-1

    feedback from marketing
    vmg committed Nov 8, 2011
  2. Fix compilation for 1.9.3

    vmg committed Nov 8, 2011
  3. Update Gemfile for 1.3.0

    vmg committed Nov 8, 2011
  4. Add `skip_tags` argument

    vmg committed Nov 8, 2011
  5. feedback from marketing

    rtomayko committed Nov 8, 2011
Commits on Nov 7, 2011
  1. Merge pull request #9 from rtomayko/no-sanitize

    Don't sanitize in auto_link
    vmg committed Nov 7, 2011
  2. Merge pull request #10 from rtomayko/rails-method-replacement

    fix auto_link monkey-patch under Rails 2.x
    vmg committed Nov 7, 2011
  3. fix auto_link monkey-patch under Rails 2.x

    The module was being included in TextHelper behind the default Rails
    implementation and so was never called. This causes the method to be
    replaced.
    rtomayko committed Nov 7, 2011
  4. don't sanitize in auto_link

    Not sure why this is here. Core Rails's auto_link doesn't sanitize
    that I'm aware of. Definitely not under <= 2.3.
    rtomayko committed Nov 7, 2011
Commits on Sep 13, 2011
  1. Backport changes from Sundown

    vmg committed Sep 13, 2011
Commits on Jun 19, 2011
  1. Allow dashes in autolinks

    vmg committed Jun 19, 2011
Commits on Jun 17, 2011
Commits on Jun 12, 2011
  1. String#html_safe is Rails 3 only

    vmg committed Jun 12, 2011
  2. Merge pull request #3 from sr/patch-1

    fixup readme formatting
    vmg committed Jun 12, 2011