Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Nov 2, 2010
  1. Santiago Pastorino
  2. Jeff Kreeftmeijer Santiago Pastorino

    Make sure capture's output gets html_escaped [#5545 state:resolved]

    jeffkreeftmeijer authored spastorino committed
    Also remove a duplicate test_link_to_unless assertion and add .html_safe
    to the remaining one.
    
    Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
Commits on Aug 26, 2010
  1. Jaime Iniesta Xavier Noria

    Fix capture_helper.rb api documentation, unescaped script tag was bre…

    jaimeiniesta authored fxn committed
    …aking it on the content_for explanation
Commits on Jul 25, 2010
  1. Sebastian A. Espindola José Valim

    Fixed output_buffer encoding problem [#5179]

    sespindola authored josevalim committed
    Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
    Signed-off-by: José Valim <jose.valim@gmail.com>
Commits on Jun 28, 2010
  1. Jeremy Kemper
Commits on Jun 16, 2010
  1. Rizwan Reza
Commits on May 15, 2010
  1. Jeroen van Dijk
Commits on Mar 28, 2010
  1. Xavier Noria
Commits on Mar 17, 2010
  1. Yehuda Katz
Commits on Mar 16, 2010
  1. Jeremy Kemper
Commits on Mar 15, 2010
  1. Add deprecation notices for <% %>.

    Carlhuda authored
      * The approach is to compile <% %> into a method call that checks whether
        the value returned from a block is a String. If it is, it concats to the buffer and
        prints a deprecation warning.
      * <%= %> uses exactly the same logic to compile the template, which first checks
        to see whether it's compiling a block.
      * This should have no impact on other uses of block in templates. For instance, in
        <% [1,2,3].each do |i| %><%= i %><% end %>, the call to each returns an Array,
        not a String, so the result is not concatenated
      * In two cases (#capture and #cache), a String can be returned that should *never*
        be concatenated. We have temporarily created a String subclass called NonConcattingString
        which behaves (and is serialized) identically to String, but is not concatenated
        by the code that handles deprecated <% %> block helpers. Once we remove support
        for <% %> block helpers, we can remove NonConcattingString.
  2. Xavier Noria Jeremy Kemper

    with_output_buffer cannot assume there's an output_buffer

    fxn authored jeremy committed
    [#4182 state:committed]
    
    Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
Commits on Mar 10, 2010
  1. Yehuda Katz

    Deprecate block_called_from_erb? pending a solution for getting it in…

    Carlhuda authored wycats committed
    …to apps
Commits on Feb 1, 2010
  1. Santiago Pastorino

    Deleted all references to ActionView::SafeBuffer in favor of ActiveSu…

    spastorino authored Yehuda Katz committed
    …pport::SafeBuffer
    
    Signed-off-by: Yehuda Katz <wycats@Yehuda-Katz.local>
Commits on Oct 7, 2009
  1. Michael Koziarski

    Switch to on-by-default XSS escaping for rails.

    NZKoz authored
      This consists of:
    
      * String#html_safe! a method to mark a string as 'safe'
      * ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it
      * Calls to String#html_safe! throughout the rails helpers
      * a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presantized strings in the DB)
      * New ERB implementation based on erubis which uses a SafeBuffer instead of a String
    
    Hat tip to Django for the inspiration.
Commits on Jun 21, 2009
  1. Darragh Curran Pratik

    Add content_for?(:name) helper to check if content_for(:name) is pres…

    darragh authored lifo committed
    …ent [#1311 state:resolved]
    
    Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
Commits on Jun 18, 2009
  1. Extract the layout proc into a method, and write documentation explai…

    Yehuda Katz + Carl Lerche authored
    …ning what the proc does in various cases.
  2. Drive the final stake through @content_for_*'s heart!

    Yehuda Katz + Carl Lerche authored
Commits on May 28, 2009
  1. Jeremy Kemper
Commits on Mar 13, 2009
  1. Jeremy Kemper

    Introduce flush_output_buffer to append the buffer to the response bo…

    jeremy authored
    …dy then start a new buffer. Useful for pushing custom parts to the response body without disrupting template rendering.
Commits on Jul 16, 2008
  1. Jeremy Kemper
Commits on Jul 11, 2008
  1. Michael Koziarski

    Whitespace

    NZKoz authored
Commits on Jun 20, 2008
  1. Jeremy Kemper

    Check whether blocks are called from erb using a special __in_erb_tem…

    jeremy authored
    …plate variable visible in block binding.
Commits on Jun 9, 2008
  1. Jeremy Kemper
  2. Jeremy Kemper

    Use output_buffer reader and writer methods exclusively instead of hi…

    jeremy authored
    …tting the instance variable so others can override the methods.
Commits on Jun 7, 2008
  1. Jeremy Kemper
Commits on Jun 3, 2008
  1. Jeremy Kemper
  2. Jeremy Kemper
Commits on Mar 28, 2008
  1. David Heinemeier Hansson

    Update doc (closes #11402)

    dhh authored
    git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@9116 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Commits on Sep 28, 2007
  1. David Heinemeier Hansson

    Fixed spelling errors (closes #9706) [tarmo/rmm5t]

    dhh authored
    git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7666 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Commits on Sep 24, 2007
  1. David Heinemeier Hansson

    Stop rdoc from whining

    dhh authored
    git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7622 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Commits on Sep 21, 2007
  1. David Heinemeier Hansson

    Fixed CaptureHelper#content_for to work with the optional content par…

    dhh authored
    …ameter instead of just the block #9434 [sandofsky/wildchild]
    
    git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7522 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Commits on Jul 24, 2007
  1. David Heinemeier Hansson

    Its just ERb now

    dhh authored
    git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7211 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Commits on Jun 28, 2007
  1. Jeremy Kemper

    Improve capture helper documentation. Closes #8796.

    jeremy authored
    git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7148 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Commits on Jun 23, 2007
  1. David Heinemeier Hansson

    Massive documentation update for all helpers (closes #8223, #8177, #8175

    dhh authored
    , #8108, #7977, #7972, #7971, #7969) [jeremymcanally]
    
    git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7106 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Something went wrong with that request. Please try again.