Skip to content
Commits on Aug 10, 2012
  1. @brainopia
  2. @brainopia

    Revert "Revert "Merge pull request #6084 from brainopia/support_for_m…

    brainopia committed
    …agic_domain_on_all_stores""
    
    This reverts commit a48ea68.
Commits on Aug 9, 2012
  1. @spastorino
  2. @spastorino

    Bump to 3.2.8

    spastorino committed
  3. @spastorino
  4. @spastorino

    Do not mark strip_tags result as html_safe

    spastorino committed
    Thanks to Marek Labos & Nethemba
    
    CVE-2012-3465
  5. @spastorino

    escape select_tag :prompt values

    spastorino committed
    CVE-2012-3463
Commits on Aug 8, 2012
  1. @rafaelfranca

    Fix CHANGELOG [ci skip]

    rafaelfranca committed
Commits on Aug 7, 2012
  1. @rafaelfranca

    Remove references to old behavior with headers at

    rafaelfranca committed
    ActionDispatch::Integration::ResquestHelpers.
    
    The behavior has removed at 4a6f4b9 to
    increase the compatibility with Rack::Test
    
    Closes #7136
    
    [ci skip]
  2. @josh
Commits on Aug 6, 2012
  1. @sikachu
  2. @sikachu

    Do not include application.js if it doesn't exists

    sikachu committed
    Rails were including 'application.js' to the pack when using
    `javascript_include_tag :all` even there's no application.js in the
    public directory.
Commits on Aug 5, 2012
  1. @rafaelfranca

    Revert "Merge pull request #6084 from brainopia/support_for_magic_dom…

    rafaelfranca committed
    …ain_on_all_stores"
    
    This reverts commit 393c652.
    
    This commit was supposed to fix a bug but it add more failures.
Commits on Aug 3, 2012
  1. @spastorino

    Bump to 3.2.8.rc2

    spastorino committed
  2. @josevalim @rafaelfranca

    Merge pull request #6084 from brainopia/support_for_magic_domain_on_a…

    josevalim committed with rafaelfranca
    …ll_stores
    
    Support cookie jar options for all cookie stores
Commits on Aug 2, 2012
  1. @spastorino

    html_escape should escape single quotes

    spastorino committed
    https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content
    Closes #7215
    
    Conflicts:
    	actionpack/test/template/erb_util_test.rb
    	actionpack/test/template/form_tag_helper_test.rb
    	actionpack/test/template/text_helper_test.rb
    	actionpack/test/template/url_helper_test.rb
    	activesupport/lib/active_support/core_ext/string/output_safety.rb
  2. @spastorino @rafaelfranca

    html_escape should escape single quotes

    spastorino committed with rafaelfranca
    https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content
    Closes #7215
    
    Conflicts:
    	actionpack/test/template/erb_util_test.rb
    	actionpack/test/template/form_tag_helper_test.rb
    	actionpack/test/template/text_helper_test.rb
    	actionpack/test/template/url_helper_test.rb
    	activesupport/lib/active_support/core_ext/string/output_safety.rb
Commits on Aug 1, 2012
  1. @spastorino

    Bump to 3.2.8.rc1

    spastorino committed
  2. @rafaelfranca
  3. @rafaelfranca

    Revert "Deprecate `:mouseover` options for `image_tag` helper."

    rafaelfranca committed
    This reverts commit 1aff772.
    
    Conflicts:
    	actionpack/CHANGELOG.md
  4. @rafaelfranca

    Fix CHANGELOGS

    rafaelfranca committed
  5. @rafaelfranca

    Revert "Deprecate `:confirm` in favor of `:data => { :confirm => 'Tex…

    rafaelfranca committed
    …t' }` option"
    
    Revert "Deprecate `:disable_with` in favor of `'data-disable-with'` option for `button_to` and `submit_tag` helpers."
    
    This reverts commit fc092a9.
    This reverts commit e9051e2.
    This reverts commit d47d6e7.
    This reverts commit 21141e7.
  6. @spastorino

    Add missing CHANGELOG entries

    spastorino committed
    [ci skip]
Commits on Jul 27, 2012
  1. @fxn

    adds a missing require from Active Support

    fxn committed
    This file uses mattr_accessor.
Commits on Jul 26, 2012
  1. @tenderlove

    updating release date

    tenderlove committed
  2. @tenderlove

    bumping to 3.2.7

    tenderlove committed
  3. @tenderlove

    updating the changelog

    tenderlove committed
  4. @tenderlove
Commits on Jul 23, 2012
  1. @tenderlove

    updating the version

    tenderlove committed
  2. @tenderlove

    updating changelogs

    tenderlove committed
  3. @pixeltrix

    Bump Journey requirements to 1.0.4

    pixeltrix committed
    There are some Action Pack tests for regressions from 3.1 that require
    a later version of Journey to pass so bump to the current version.
Commits on Jul 17, 2012
  1. @pixeltrix

    Add support for optional root segments containing slashes

    pixeltrix committed
    Optional segments with a root scope need to have the leading slash
    outside of the parentheses, otherwise the generated url will be empty.
    However if the route has non-optional elements then the leading slash
    needs to remain inside the parentheses otherwise the generated url
    will have two leading slashes, e.g:
    
    Blog::Application.routes.draw do
      get '/(:category)', :to => 'posts#index', :as => :root
      get '/(:category)/author/:name', :to => 'posts#author', :as => :author
    end
    
    $ rake routes
      root GET /(:category)(.:format)              posts#index
    author GET (/:category)/author/:name(.:format) posts#author
    
    This change adds support for optional segments that contain a slash,
    allowing support for urls like /page/2 for the root path, e.g:
    
    Blog::Application.routes.draw do
      get '/(page/:page)', :to => 'posts#index', :as => :root
    end
    
    $ rake routes
    root GET /(page/:page)(.:format) posts#index
    
    Fixes #7073
    (cherry picked from commit d8745de)
Commits on Jul 10, 2012
  1. Fixed bug creating invalid HTML in select options

    Rusty Geldmacher committed
    When a select tag is created for a field with errors, and that select
    tag has :prompt or :include_blank options, then the inserted first
    option will errantly have a <div class="field_with_errors"> wrapping
    it.
    
    See #7017
Commits on Jul 5, 2012
  1. @route

    Show in log correct wrapped keys

    route committed
Commits on Jul 3, 2012
  1. @mjtko @carlosantoniodasilva

    Fix NumberHelper options wrapping to prevent verbatim blocks being re…

    mjtko committed with carlosantoniodasilva
    …ndered instead of line continuations. While I'm at it, wrap long comment lines consistently.
    
    Conflicts:
    	actionpack/lib/action_view/helpers/number_helper.rb
    
    There was just one conflict related to the addition of the :format
    option to number_to_percentage.
Something went wrong with that request. Please try again.