Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Jul 24, 2012
  1. @lucasmazza
Commits on May 15, 2012
  1. @frodsan
Commits on Apr 5, 2012
  1. @ai
Commits on Feb 21, 2012
  1. @amatsuda @tenderlove
Commits on Dec 29, 2011
  1. @grentis
Commits on Dec 25, 2011
  1. @lest
Commits on Sep 5, 2011
  1. @spastorino

    Merge pull request #2799 from tomstuart/3-1-stable

    spastorino authored
    Never return stored content from content_for when a block is given
Commits on May 23, 2011
  1. @smartinez87
Commits on May 10, 2011
  1. @josevalim
Commits on May 1, 2011
  1. @josevalim
Commits on Apr 16, 2011
  1. @josevalim
  2. @josevalim

    Yo dawg, I heard you like streaming. So I put a fiber, inside a block…

    josevalim authored
    …, inside a body, so you can stream.
Commits on Apr 15, 2011
  1. @josevalim
Commits on Apr 13, 2011
  1. @fxn
Commits on Apr 3, 2011
  1. @amatsuda


    amatsuda authored
    The author of ERB sais, his eRuby implementation was originally named "ERb/ERbLight" and then renamed to "ERB" when started bundled as a Ruby standard lib.
Commits on Nov 2, 2010
  1. @spastorino
  2. @jeffkreeftmeijer @spastorino

    Make sure capture's output gets html_escaped [#5545 state:resolved]

    jeffkreeftmeijer authored spastorino committed
    Also remove a duplicate test_link_to_unless assertion and add .html_safe to the
    remaining one.
    Signed-off-by: Santiago Pastorino <>
Commits on Aug 30, 2010
  1. @josevalim

    Remove NonConcattingString.

    josevalim authored
Commits on Aug 26, 2010
  1. @jaimeiniesta @fxn

    Fix capture_helper.rb api documentation, unescaped script tag was bre…

    jaimeiniesta authored fxn committed
    …aking it on the content_for explanation
Commits on Jul 25, 2010
  1. @sespindola @josevalim

    Fixed output_buffer encoding problem [#5179]

    sespindola authored josevalim committed
    Signed-off-by: Santiago Pastorino <>
    Signed-off-by: José Valim <>
Commits on Jun 28, 2010
  1. @jeremy
Commits on Jun 16, 2010
  1. @rizwanreza
Commits on May 15, 2010
  1. @jeroenvandijk
Commits on Mar 28, 2010
  1. @fxn
Commits on Mar 17, 2010
  1. @wycats
Commits on Mar 16, 2010
  1. @jeremy
Commits on Mar 15, 2010
  1. Add deprecation notices for <% %>.

    Carlhuda authored
      * The approach is to compile <% %> into a method call that checks whether
        the value returned from a block is a String. If it is, it concats to the buffer and
        prints a deprecation warning.
      * <%= %> uses exactly the same logic to compile the template, which first checks
        to see whether it's compiling a block.
      * This should have no impact on other uses of block in templates. For instance, in
        <% [1,2,3].each do |i| %><%= i %><% end %>, the call to each returns an Array,
        not a String, so the result is not concatenated
      * In two cases (#capture and #cache), a String can be returned that should *never*
        be concatenated. We have temporarily created a String subclass called NonConcattingString
        which behaves (and is serialized) identically to String, but is not concatenated
        by the code that handles deprecated <% %> block helpers. Once we remove support
        for <% %> block helpers, we can remove NonConcattingString.
  2. @fxn @jeremy

    with_output_buffer cannot assume there's an output_buffer

    fxn authored jeremy committed
    [#4182 state:committed]
    Signed-off-by: Jeremy Kemper <>
Commits on Mar 10, 2010
  1. @wycats

    Deprecate block_called_from_erb? pending a solution for getting it in…

    Carlhuda authored wycats committed
    …to apps
Commits on Feb 1, 2010
  1. @spastorino

    Deleted all references to ActionView::SafeBuffer in favor of ActiveSu…

    spastorino authored Yehuda Katz committed
    Signed-off-by: Yehuda Katz <wycats@Yehuda-Katz.local>
Commits on Oct 7, 2009
  1. @NZKoz

    Switch to on-by-default XSS escaping for rails.

    NZKoz authored
      This consists of:
      * String#html_safe! a method to mark a string as 'safe'
      * ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it
      * Calls to String#html_safe! throughout the rails helpers
      * a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presantized strings in the DB)
      * New ERB implementation based on erubis which uses a SafeBuffer instead of a String
    Hat tip to Django for the inspiration.
Commits on Jun 21, 2009
  1. @darragh @lifo

    Add content_for?(:name) helper to check if content_for(:name) is pres…

    darragh authored lifo committed
    …ent [#1311 state:resolved]
    Signed-off-by: Pratik Naik <>
Commits on Jun 18, 2009
  1. Extract the layout proc into a method, and write documentation explai…

    Yehuda Katz + Carl Lerche authored
    …ning what the proc does in various cases.
  2. Drive the final stake through @content_for_*'s heart!

    Yehuda Katz + Carl Lerche authored
Commits on May 28, 2009
  1. @jeremy
Something went wrong with that request. Please try again.