Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Tag: v2.2.3
Commits on Sep 13, 2009
  1. @jeremy
  2. @jeremy
  3. @jeremy
  4. @jeremy
Commits on Sep 12, 2009
  1. @NZKoz
Commits on Sep 11, 2009
  1. @bohford @jeremy

    Remove redundant checks for valid character regexp in ActiveSupport::…

    bohford authored jeremy committed
    …Multibyte#clean and #verify.
    [#3181 state:committed]
    Signed-off-by: Jeremy Kemper <>
Commits on Sep 8, 2009
  1. @NZKoz

    1.9 compatible secure_compare

    NZKoz authored
  2. @NZKoz

    Revert "Ruby 1.9: fix MessageVerifier#secure_compare"

    NZKoz authored
    This reverts commit 91f65b7.
    MessageVerifier was never in 2.2
  3. @jeremy
  4. @jeremy

    Fix AS test breakage

    jeremy authored
Commits on Sep 4, 2009
  1. @technoweenie
Commits on Aug 31, 2009
  1. @NZKoz

    Clean tag attributes before passing through the escape_once logic.

    NZKoz authored
    Addresses CVE-2009-3009
  2. @NZKoz

    Add verify and clean methods to ActiveSupport::Multibyte.

    NZKoz authored
    When accepting character input from outside of your application you can't
    blindly trust that all strings are properly encoded. With these methods
    you can check incoming strings and clean them up if necessary.
    Signed-off-by: Michael Koziarski <>
Commits on Aug 23, 2009
  1. @NZKoz

    Fix timing attack vulnerability in the Cookie Store

    NZKoz authored
    Use a constant-time comparison algorithm to compare the candidate HMAC with the calculated HMAC to prevent leaking information about the calculated HMAC
Commits on Apr 20, 2009
  1. @lifo

    Ensure JoinAssociation uses aliased table name when multiple associat…

    lifo authored
    …ions have hash conditions on the same table
Commits on Apr 1, 2009
  1. @fcheung @lifo

    Don't use the transaction instance method so that people with has_one…

    fcheung authored lifo committed
    …/belongs_to :transaction aren't fubared
    [#1551 state:committed]
    Signed-off-by: Jeremy Kemper <>
Commits on Mar 11, 2009
  1. @jeremy
Commits on Feb 25, 2009
  1. @samgranieri @jeremy

    Ruby 1.9 compat: silence a warning about regexp languages

    samgranieri authored jeremy committed
    [#2050 state:committed]
    Signed-off-by: Jeremy Kemper <>
  2. @technoweenie
  3. @oboxodo @technoweenie

    Fixed bug that makes named_scopes _forgot_ current scope

    oboxodo authored technoweenie committed
    Signed-off-by: rick <>
    [#1960 #1677 state:resolved]
Commits on Feb 22, 2009
  1. @pixeltrix @NZKoz

    Remove hardcoded number_of_capturesin ControllerSegment to allow rege…

    pixeltrix authored NZKoz committed
    …xp requirements with capturing parentheses
  2. @pixeltrix @NZKoz

    Fix requirements regexp for path segments

    pixeltrix authored NZKoz committed
    Signed-off-by: Michael Koziarski <>
Commits on Feb 21, 2009
  1. @jeremy

    Update changelog for URI.unescape fix

    jeremy authored
    [#2033 state:committed]
  2. @jeremy

    Broaden URI.unescape fix to all affected 1.9.x by checking for broken…

    jeremy authored
    … behavior instead of specific patchlevel
  3. @moro @jeremy

    fix test data, should specify encoding to use multibyte chars on Ruby…

    moro authored jeremy committed
    … 1.9
    Signed-off-by: Jeremy Kemper <>
  4. @jeremy
  5. @moro @jeremy

    Ruby 1.9.1p0's URI.decode() bug fix

    moro authored jeremy committed
    backport to fix Ruby 1.9.1p0 bug on [ruby-dev:38005].
    Signed-off-by: Jeremy Kemper <>
Commits on Feb 20, 2009
  1. @brunetton @josh

    Make atomic_write() puts the check_file in the cache dir, not in appl…

    brunetton authored josh committed
    root [#1962 state:resolved]
    Signed-off-by: Joshua Peek <>
Commits on Feb 17, 2009
  1. @amatsuda @jeremy

    Ruby 1.9 compat: fix JSON decoding to work properly with multibyte va…

    amatsuda authored jeremy committed
    [#1969 state:committed]
    Signed-off-by: Jeremy Kemper <>
Commits on Feb 12, 2009
  1. @josh

    Allow memcache-client versions > 1.5.x to override bundled version

    Joshua Sierles authored josh committed
    Signed-off-by: Joshua Peek <>
Commits on Feb 10, 2009
  1. @jeremy
Commits on Feb 6, 2009
  1. @dhh
  2. @NZKoz

    Handle every error that can come out of the Iconv branch by rescuing …

    NZKoz authored
    …and returning nil
    [#1195 state:committed]
Commits on Feb 5, 2009
  1. @dguettler @josh

    check for template with specified extension but without template hand…

    dguettler authored josh committed
    …ler extension [#1798 state:resolved]
    Signed-off-by: Joshua Peek <>
Commits on Jan 29, 2009
  1. @NZKoz
Something went wrong with that request. Please try again.