Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

delete vulnerable AS::SafeBuffer#[]

  • Loading branch information...
commit dfa33fa3da2e8495f5647c553704297cdc857917 1 parent 42fabd2
@amatsuda amatsuda authored tenderlove committed
View
6 activesupport/lib/active_support/core_ext/string/output_safety.rb
@@ -98,12 +98,6 @@ def initialize
end
end
- def[](*args)
- new_safe_buffer = super
- new_safe_buffer.instance_eval { @dirty = false }
- new_safe_buffer
- end
-
def safe_concat(value)
raise SafeConcatError if dirty?
original_concat(value)
View
6 activesupport/test/safe_buffer_test.rb
@@ -111,12 +111,6 @@ def test_titleize
assert_kind_of NilClass, @buffer.slice("chipchop")
end
- test "Should initialize @dirty to false for new instance when sliced" do
- dirty = @buffer[0,0].send(:dirty?)
- assert_not_nil dirty
- assert !dirty
- end
-
test "clone_empty returns an empty buffer" do
assert_equal '', ActiveSupport::SafeBuffer.new('foo').clone_empty
end
Please sign in to comment.
Something went wrong with that request. Please try again.