…friendly nil errors for Array and Active Record methods.
This consists of:
* String#html_safe! a method to mark a string as 'safe'
* ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it
* Calls to String#html_safe! throughout the rails helpers
* a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presanitized strings in the DB)
Note, this does *not* give you on-by-default XSS escaping in 2.3 applications. To get that you'll need to install a plugin: http://github.com/nzkoz/rails_xss
…of the original [#1133 state:resolved] Signed-off-by: Joshua Peek <email@example.com>
…hashes [#672 state:resolved] [David Burger, Dana Jones] Signed-off-by: Pratik Naik <firstname.lastname@example.org>
…pond to :size [#2489 state:committed] Signed-off-by: Jeremy Kemper <email@example.com>
… 'foo' instead of ''
…to_xml
People using ActiveResource & REST to integrate with other systems need to be able to control the default dasherize behavior of Hash.to_xml. Currently there is no test for a default value, but existing code assumes it's true.
This patch adds tests for the default value and adds mattr_accessor to ActiveSupport for :dasherize_xml and :camelize_xml. These module attributes set the defaults for :dasherize and :camelize in rename_keys inside Hash#to_xml.
The tests have been changed to separate out the testing of the parameter options for :camelize and :dasherize so that we only test one thing at a time. We also test default values for :camelize_xml and :dasherize_xml.
The module attribute dasherize_xml is set to true in this patch to maintain existing code. But at some point in the future it should be set to false because Hash#to_xml probably should not set underscores to dashes by default.
Changed documentation on ActiveResource#to_xml to correctly describe the behaviour of Hash#to_xml. The previous documentation said that the default for :dasherize was false, in fact it was and still is true, but we now have a way to change the default. I've also added documentation for the :camelize option.
Signed-off-by: Michael Koziarski <firstname.lastname@example.org>
…backwards compatibility with Hash.from_xml Also add an all-caps test to prevent future regressions
…lved] When using Hash#to_xml, any TimeWithZone objects now use xmlschema (iso8601), rather than a simple TimeWithZone#to_s. Signed-off-by: Pratik Naik <email@example.com>
…nce [#1847 state:committed] Signed-off-by: David Heinemeier Hansson <firstname.lastname@example.org>
… behavior instead of specific patchlevel
…ication root [#1962 state:resolved] Signed-off-by: Joshua Peek <email@example.com>
…opes are not re-wrapped [#1935 state:committed] Signed-off-by: Jeremy Kemper <firstname.lastname@example.org>
…on-standard %z directive [#1899 state:resolved]