Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Oct 24, 2012
  1. @GRoguelon
Commits on Aug 2, 2012
  1. @rafaelfranca
  2. @spastorino @rafaelfranca

    html_escape should escape single quotes

    spastorino authored rafaelfranca committed
    https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content
    Closes #7215
    
    Conflicts:
    	actionpack/test/template/erb_util_test.rb
    	actionpack/test/template/form_tag_helper_test.rb
    	actionpack/test/template/text_helper_test.rb
    	actionpack/test/template/url_helper_test.rb
    	activesupport/lib/active_support/core_ext/string/output_safety.rb
Commits on Jul 14, 2012
  1. @fxn

    adds a missing require [fixes #6896]

    fxn authored
    This file uses Time.zone, which is defined in
    active_support/core_ext/time/zones.rb.
Commits on Jun 25, 2012
  1. @carlosantoniodasilva

    Merge pull request #6857 from rsutphin/as_core_ext_time_missing_require

    carlosantoniodasilva authored
    Missing require breaks Time.=== when selectively loading ActiveSupport core_exts in 3.2.4+
Commits on May 20, 2012
  1. @drogus
Commits on May 15, 2012
  1. @frodsan
Commits on May 13, 2012
  1. @frodsan

    adding examples and docs

    frodsan authored
Commits on May 9, 2012
  1. @frodsan
Commits on May 8, 2012
  1. @frodsan

    removing docs duplication

    frodsan authored
  2. @vijaydev

    Merge pull request #6211 from frodsan/docs_attr_accessor_32stable

    vijaydev authored
    Adding docs to attribute accessor methods.
  3. @frodsan
Commits on May 4, 2012
  1. @mjtko
Commits on Apr 28, 2012
  1. @oscardelben @arunagw

    Remove circular require of time/zones

    oscardelben authored arunagw committed
Commits on Apr 15, 2012
  1. @drogus

    Add missing require in Active Support time zones (fixes #5854)

    drogus authored
    I also removed the other require as it's already present in
    `activesupport/core_ext/time/calculations`
Commits on Apr 10, 2012
  1. @tenderlove @arunagw

    probably should require the objects we monkey patch.

    tenderlove authored arunagw committed
  2. @tenderlove @arunagw

    bigdecimal can be duped on Ruby 2.0

    tenderlove authored arunagw committed
    Conflicts:
    
    	activesupport/test/core_ext/duplicable_test.rb
Commits on Mar 2, 2012
  1. @carlosantoniodasilva @drogus

    Stop SafeBuffer#clone_empty from issuing warnings

    carlosantoniodasilva authored drogus committed
    Logic in clone_empty method was dealing with old @dirty variable, which
    has changed by @html_safe in this commit:
    139963c
    
    This was issuing a "not initialized variable" warning - related to:
    #5237
    
    The logic applied by this method is already handled by the [] override,
    so there is no need to reset the variable here.
Commits on Mar 1, 2012
  1. @tenderlove

    Merge branch '3-2-2' into 3-2-stable

    tenderlove authored
    * 3-2-2:
      bumping to 3.2.2
      Ensure [] respects the status of the buffer.
      Merge pull request #4834 from sskirby/fix_usage_of_psql_in_db_test_prepare
      Merge pull request #5084 from johndouthat/patch-1
      updating RAILS_VERSION
      delete vulnerable AS::SafeBuffer#[]
      use AS::SafeBuffer#clone_empty for flushing the output_buffer
      add AS::SafeBuffer#clone_empty
      fix output safety issue with select options
  2. @josevalim @tenderlove

    Ensure [] respects the status of the buffer.

    josevalim authored tenderlove committed
Commits on Feb 27, 2012
  1. @tenderlove
Commits on Feb 25, 2012
  1. @RalphShnelvar

    Fixing Windows asset tag helper test failure

    RalphShnelvar authored
    In asset_tag_helper_test.rb there is an assert on the number of bytes in a
    concatenated file.  This test failed because Windows converts \n to \r\n as
    the default for "w".  This is different than in *nix systems where there is
    no conversion done.
    
    THe test that failed was test_caching_stylesheet_link_tag_when_caching_on
    
    Using bin mode fixes this behavior on windows and makes no change on the
    *nix systems.
Commits on Feb 21, 2012
  1. @amatsuda @tenderlove

    delete vulnerable AS::SafeBuffer#[]

    amatsuda authored tenderlove committed
  2. @amatsuda @tenderlove

    add AS::SafeBuffer#clone_empty

    amatsuda authored tenderlove committed
Commits on Feb 18, 2012
  1. @oestrich @vijaydev

    Update Time#change docs to reflect the options it uses

    oestrich authored vijaydev committed
    [ci skip]
Commits on Feb 5, 2012
  1. @kennyj
Commits on Jan 25, 2012
  1. @vijaydev

    Merge pull request #4673 from carlosantoniodasilva/validation-guides-…

    vijaydev authored
    …update-3-2
    
    Validation guides update 3 2
  2. @carlosantoniodasilva

    Change ActiveRecord::Errors to ActiveModel::Errors in guides

    carlosantoniodasilva authored
    Use ActiveModel::Errors in inflection example docs as well.
    
    Also fixes wrong information and link to locale file related to
    Errors#full_messages in I18n guide.
Commits on Jan 24, 2012
  1. @tenderlove

    Merge pull request #4514 from brainopia/update_timezone_offets

    tenderlove authored
    Update time zone offset information
Commits on Jan 15, 2012
  1. @semaperepelitsa

    Pass a symbol instead of a block. This is faster and more concise.

    semaperepelitsa authored
    At least Ruby 1.8.7 is required which is ok since 3.2.
    
    Benchmark:
    
    ```ruby
    require "benchmark"
    
    enum = 1..10_000
    N = 100
    Benchmark.bm do |x|
      x.report "inject block" do
        N.times do
          enum.inject { |sum, n| sum + n }
        end
      end
    
      x.report "inject symbol" do
        N.times do
          enum.inject(:+)
        end
      end
    end
    ```
    
    Result:
    
    ```
           user     system      total        real
    inject block   0.160000   0.000000   0.160000 (  0.179723)
    inject symbol  0.090000   0.000000   0.090000 (  0.095667)
    ```
Commits on Jan 12, 2012
  1. @vijaydev

    fixes in api docs

    vijaydev authored
Commits on Jan 3, 2012
  1. @tenderlove

    Merge pull request #4283 from lest/fix-singleton-checking

    tenderlove authored
    use correct variant of checking whether class is a singleton
Commits on Dec 30, 2011
  1. @fxn
  2. @lest @fxn

    refactor Range#include? to handle ranges with floats

    lest authored fxn committed
    Conflicts:
    
    	activesupport/lib/active_support/core_ext/range/include_range.rb
Commits on Dec 28, 2011
  1. @jonleighton

    Revert "Further simplify singleton_class checking in class_attribute"

    jonleighton authored
    This reverts commit 520918a.
    
    Reason: build failure
Something went wrong with that request. Please try again.