Skip to content
Browse files

Point to rubygems instead of Rails GitHub. [ci skip]

The rails repository is not the official plugin anymore
  • Loading branch information...
1 parent deb0e17 commit 151e5b6b08270fedb22f31bd448a8c5df62b36f0 @rafaelfranca rafaelfranca committed Aug 15, 2014
Showing with 1 addition and 1 deletion.
  1. +1 −1 guides/source/security.md
View
2 guides/source/security.md
@@ -841,7 +841,7 @@ It is recommended to _use RedCloth in combination with a whitelist input filter_
NOTE: _The same security precautions have to be taken for Ajax actions as for "normal" ones. There is at least one exception, however: The output has to be escaped in the controller already, if the action doesn't render a view._
-If you use the [in_place_editor plugin](https://github.com/rails/in_place_editing), or actions that return a string, rather than rendering a view, _you have to escape the return value in the action_. Otherwise, if the return value contains a XSS string, the malicious code will be executed upon return to the browser. Escape any input value using the h() method.
+If you use the [in_place_editor plugin](https://rubygems.org/gems/in_place_editing), or actions that return a string, rather than rendering a view, _you have to escape the return value in the action_. Otherwise, if the return value contains a XSS string, the malicious code will be executed upon return to the browser. Escape any input value using the h() method.
### Command Line Injection

0 comments on commit 151e5b6

Please sign in to comment.
Something went wrong with that request. Please try again.