Skip to content
Commits on Feb 1, 2010
  1. For performance reasons, you can no longer call html_safe! on Strings…

    Yehuda Katz committed Jan 31, 2010
    …. Instead, all Strings are always not html_safe?. Instead, you can get a SafeBuffer from a String by calling #html_safe, which will
      * Additionally, instead of doing concat("</form>".html_safe), you can do
        safe_concat("</form>"), which will skip both the flag set, and the flag
      * For the first pass, I converted virtually all #html_safe!s to #html_safe,
        and the tests pass. A further optimization would be to try to use
        #safe_concat as much as possible, reducing the performance impact if
        we know up front that a String is safe.
Commits on Jan 31, 2010
  1. @josh
Commits on Jan 30, 2010
  1. @josh

    Revert "Add rails.js driver to default source list"

    josh committed Jan 30, 2010
    This reverts commit 8a46e11.
Commits on Jan 29, 2010
  1. @josh
Commits on Jan 22, 2010
  1. @josh
Commits on Oct 14, 2009
  1. @wycats

    Start adding configuration to ActionView instead of using constants.

    wycats committed Oct 14, 2009
      By using config rather than hardcoded constants, we can evolve the
      configuration system over time (we'd just need to update the config
      method with more robust capabilities and all consumers would get
      the capabilities with no code changes)
Commits on Oct 7, 2009
  1. @NZKoz

    Switch to on-by-default XSS escaping for rails.

    NZKoz committed Oct 8, 2009
      This consists of:
      * String#html_safe! a method to mark a string as 'safe'
      * ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it
      * Calls to String#html_safe! throughout the rails helpers
      * a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presantized strings in the DB)
      * New ERB implementation based on erubis which uses a SafeBuffer instead of a String
    Hat tip to Django for the inspiration.
Commits on Sep 13, 2009
  1. @josh
Commits on Sep 3, 2009
  1. @spohlenz @josh

    Don't raise exceptions for missing javascript_include_tag or styleshe…

    spohlenz committed with josh Sep 3, 2009
    …et_link_tag sources unless the :cache or :concat options are given. [#2738 state:resolved]
    Signed-off-by: Joshua Peek <>
Commits on Aug 5, 2009
  1. @matthewrudy @lifo

    Make sure javascript_include_tag/stylesheet_link_tag does not append …

    matthewrudy committed with lifo Aug 5, 2009
    …".js" or ".css" onto external urls [#1664 state:resolved]
    Signed-off-by: Pratik Naik <>
Commits on Jul 30, 2009
  1. @marclove @wycats

    Fix tag helpers so that all HTML element boolean attributes render ac…

    marclove committed with wycats Jul 30, 2009
    …cording to the specs. Added all boolean attributes listed in the XHTML 1.0 specs ( and HTML 5 specs ( HTML 5 boolean attribute rendering was broken in commit 1e2d722 / [#2864 state:resolved].
    Signed-off-by: Yehuda Katz <>
Commits on Jul 7, 2009
  1. @miloops

    Adds a audio_tag helper for the HTML5 audio tag. Fixed video_path doc…

    miloops committed with Yehuda Katz Jul 3, 2009
    …s. HTML attributes values should be true or false not attribute's name. [#2864 state:resolved]
    Signed-off-by: Yehuda Katz <wycats@yehuda-katzs-macbookpro41.local>
Commits on Jul 2, 2009
  1. Removed unnecessary calls to image_path and hash lookups [#2827 state…

    Yehuda Katz + Carl Lerche committed Jul 2, 2009
  2. @tiegz

    Adds a video_tag helper for the HTML5 video tag (similar to how the i…

    tiegz committed with Yehuda Katz + Carl Lerche Jun 26, 2009
    …mage_tag works) (tests included); removes a duplicate test line for image_tag; adds boolean attributes for video tag to tag()'s boolean attributes
    Signed-off-by: Yehuda Katz + Carl Lerche <>
Commits on Jun 26, 2009
  1. @NZKoz

    Handle missing javascript/stylesheets assets by raising an exception

    Christos Zisopoulos committed with NZKoz May 29, 2009
    An exception will be raised if a local javascript/stylesheet file included
    by the stylesheet_link_tag or javascript_include_tag can not be found.
    When caching is enabled, we use atomic_write to ensure that the cache file
    is not created with zero length.
    Signed-off-by: Michael Koziarski <>
    [#2738 state:committed]
Commits on Jun 15, 2009
  1. @josh

    Add :concat option to asset tag helpers to force concatenation.

    josh committed Jun 15, 2009
    This is useful for working around IE's stylesheet limit.
      stylesheet_link_tag :all, :concat => true
Commits on Jun 11, 2009
  1. @akaspick @NZKoz

    allow absolute paths for the asset caches

    akaspick committed with NZKoz Jun 4, 2009
    Signed-off-by: Michael Koziarski <>
Commits on Feb 5, 2009
  1. @pixeltrix @josh

    Eliminate unnecessary File.exist? when correct file extension given [#…

    pixeltrix committed with josh Feb 5, 2009
    …1879 state:resolved]
    Signed-off-by: Joshua Peek <>
Commits on Jan 18, 2009
  1. @lifo

    Merge docrails

    lifo committed Jan 18, 2009
Commits on Jan 4, 2009
  1. @josh

    Cache AssetTag timestamps

    josh committed Jan 4, 2009
Commits on Jan 2, 2009
  1. @josh
Commits on Jan 1, 2009
  1. @dhh

    Fixed the AssetTagHelper cache to use the computed asset host as part…

    dhh committed Jan 1, 2009
    … of the cache key instead of just assuming the its a string [#1299 state:committed]
Commits on Dec 1, 2008
  1. @tekin @NZKoz

    Ensure ActionMailer doesn't blow up when a two argument proc is set f…

    tekin committed with NZKoz Nov 25, 2008
    …or the asset host
    Signed-off-by: Michael Koziarski <>
    [#1394 state:committed]
Commits on Nov 29, 2008
  1. @svenfuchs @josh

    Make sure #compute_public_path caching allows to return different res…

    svenfuchs committed with josh Nov 29, 2008
    …ults for different given sources [#1471 state:resolved]
    Signed-off-by: Joshua Peek <>
Commits on Nov 27, 2008
  1. @dhh
Commits on Nov 19, 2008
  1. @aaronbatalion @jeremy

    need to make sure the asset type is cached with it in Cache.. name is…

    aaronbatalion committed with jeremy Nov 19, 2008
    … sufficient, not self
    Signed-off-by: Jeremy Kemper <>
  2. @aaronbatalion @josh

    Fixed asset host to not cache objects [#1419 state:resolved]

    aaronbatalion committed with josh Nov 19, 2008
    Signed-off-by: Joshua Peek <>
Commits on Oct 26, 2008
  1. @dhh

    Fixed bug with asset timestamping when using relative_url_root (Joe G…

    dhh committed Oct 26, 2008
    …oldwasser) [#1265 status:committed]
Commits on Oct 6, 2008
  1. @lifo

    Fix image_tag behavior on windows. [#1085 state:resolved]

    madlep committed with lifo Oct 6, 2008
    Signed-off-by: Pratik Naik <>
Commits on Sep 22, 2008
  1. @martinrehfeld @josh

    Fixed AssetTag cache with with relative_url_root [#1022 state:resolved]

    martinrehfeld committed with josh Sep 22, 2008
    Signed-off-by: Joshua Peek <>
  2. @josh
Commits on Sep 11, 2008
  1. @josh
Commits on Sep 2, 2008
  1. @clemens @jeremy

    Removed unnecessary Symbol#to_proc from Asset Tag Helper.

    clemens committed with jeremy Sep 2, 2008
    Signed-off-by: Jeremy Kemper <>
Commits on Aug 14, 2008
  1. @jeremy
Commits on Aug 13, 2008
  1. @jeremy

    Set asset-cached file ctime and mtime to the max mtime of the combine…

    jeremy committed Aug 12, 2008
    …d files. Allows for consistent ETag generation without having a shared filesystem.
Something went wrong with that request. Please try again.