Skip to content
Commits on Feb 21, 2012
  1. @amatsuda @tenderlove
Commits on Sep 5, 2011
  1. @spastorino

    Merge pull request #2799 from tomstuart/3-1-stable

    spastorino committed
    Never return stored content from content_for when a block is given
Commits on May 23, 2011
  1. @smartinez87
Commits on May 10, 2011
  1. @josevalim
Commits on May 1, 2011
  1. @josevalim
Commits on Apr 16, 2011
  1. @josevalim
  2. @josevalim

    Yo dawg, I heard you like streaming. So I put a fiber, inside a block…

    josevalim committed
    …, inside a body, so you can stream.
Commits on Apr 15, 2011
  1. @josevalim
Commits on Apr 13, 2011
  1. @fxn
Commits on Apr 3, 2011
  1. @amatsuda


    amatsuda committed
    The author of ERB sais, his eRuby implementation was originally named "ERb/ERbLight" and then renamed to "ERB" when started bundled as a Ruby standard lib.
Commits on Nov 2, 2010
  1. @spastorino
  2. @jeffkreeftmeijer @spastorino

    Make sure capture's output gets html_escaped [#5545 state:resolved]

    jeffkreeftmeijer committed with spastorino
    Also remove a duplicate test_link_to_unless assertion and add .html_safe to the
    remaining one.
    Signed-off-by: Santiago Pastorino <>
Commits on Aug 30, 2010
  1. @josevalim

    Remove NonConcattingString.

    josevalim committed
Commits on Aug 26, 2010
  1. @jaimeiniesta @fxn

    Fix capture_helper.rb api documentation, unescaped script tag was bre…

    jaimeiniesta committed with fxn
    …aking it on the content_for explanation
Commits on Jul 25, 2010
  1. @sespindola @josevalim

    Fixed output_buffer encoding problem [#5179]

    sespindola committed with josevalim
    Signed-off-by: Santiago Pastorino <>
    Signed-off-by: José Valim <>
Commits on Jun 28, 2010
  1. @jeremy
Commits on Jun 16, 2010
  1. @rizwanreza
Commits on May 15, 2010
  1. @jeroenvandijk
Commits on Mar 28, 2010
  1. @fxn
Commits on Mar 17, 2010
  1. @wycats

    Eliminate warnings for AM on 1.8

    wycats committed
Commits on Mar 16, 2010
  1. @jeremy
Commits on Mar 15, 2010
  1. Add deprecation notices for <% %>.

    Carlhuda committed
      * The approach is to compile <% %> into a method call that checks whether
        the value returned from a block is a String. If it is, it concats to the buffer and
        prints a deprecation warning.
      * <%= %> uses exactly the same logic to compile the template, which first checks
        to see whether it's compiling a block.
      * This should have no impact on other uses of block in templates. For instance, in
        <% [1,2,3].each do |i| %><%= i %><% end %>, the call to each returns an Array,
        not a String, so the result is not concatenated
      * In two cases (#capture and #cache), a String can be returned that should *never*
        be concatenated. We have temporarily created a String subclass called NonConcattingString
        which behaves (and is serialized) identically to String, but is not concatenated
        by the code that handles deprecated <% %> block helpers. Once we remove support
        for <% %> block helpers, we can remove NonConcattingString.
  2. @fxn @jeremy

    with_output_buffer cannot assume there's an output_buffer

    fxn committed with jeremy
    [#4182 state:committed]
    Signed-off-by: Jeremy Kemper <>
Commits on Mar 10, 2010
  1. @wycats
Commits on Feb 1, 2010
  1. @spastorino

    Deleted all references to ActionView::SafeBuffer in favor of ActiveSu…

    spastorino committed with Yehuda Katz
    Signed-off-by: Yehuda Katz <wycats@Yehuda-Katz.local>
Commits on Oct 7, 2009
  1. @NZKoz

    Switch to on-by-default XSS escaping for rails.

    NZKoz committed
      This consists of:
      * String#html_safe! a method to mark a string as 'safe'
      * ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it
      * Calls to String#html_safe! throughout the rails helpers
      * a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presantized strings in the DB)
      * New ERB implementation based on erubis which uses a SafeBuffer instead of a String
    Hat tip to Django for the inspiration.
Commits on Jun 21, 2009
  1. @darragh @lifo

    Add content_for?(:name) helper to check if content_for(:name) is pres…

    darragh committed with lifo
    …ent [#1311 state:resolved]
    Signed-off-by: Pratik Naik <>
Commits on Jun 18, 2009
  1. Extract the layout proc into a method, and write documentation explai…

    Yehuda Katz + Carl Lerche committed
    …ning what the proc does in various cases.
  2. Drive the final stake through @content_for_*'s heart!

    Yehuda Katz + Carl Lerche committed
Commits on May 28, 2009
  1. @jeremy
Commits on Mar 13, 2009
  1. @jeremy

    Introduce flush_output_buffer to append the buffer to the response bo…

    jeremy committed
    …dy then start a new buffer. Useful for pushing custom parts to the response body without disrupting template rendering.
Commits on Jul 16, 2008
  1. @jeremy
Commits on Jul 11, 2008
  1. @NZKoz


    NZKoz committed
Commits on Jun 20, 2008
  1. @jeremy

    Check whether blocks are called from erb using a special __in_erb_tem…

    jeremy committed
    …plate variable visible in block binding.
Commits on Jun 9, 2008
  1. @jeremy
Something went wrong with that request. Please try again.