Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Comparing changes

Choose two branches to see what's changed or to start a new pull request. If you need to, you can also compare across forks.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also compare across forks.
base fork: rails/rails
...
head fork: rails/rails
Checking mergeability… Don't worry, you can still create the pull request.
Commits on May 23, 2010
@jeremy jeremy Bump 2-3-stable to 2.3.7 55e88ee
@nex3 nex3 Mark all raw HTML being concatted as HTML-safe.
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
48fbe7b
@nex3 nex3 Don't always mark the argument to #concat as HTML-safe.
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
e53791f
@nex3 nex3 Don't incompatibly monkeypatch ERB.
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
e3f14d1
@jeremy jeremy Fix test rendering unmarked but safe HTML ca5f5d9
@jeremy jeremy Use a non-XSS-protected output buffer for view tests ab2d7c8
@jeremy jeremy Revert "Don't always mark the argument to #concat as HTML-safe."
This reverts commit e53791f.
86f0287
@spastorino spastorino Make use of safe_concat on TextHelper concat
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
b10bf83
Commits on May 24, 2010
@jeremy jeremy rails_xss handles deprecated String html safety, when installed 3ff921a
@jeremy jeremy Move tests for deprecated String#html_safe! to plugin 60e82a3
@jeremy jeremy 2.3.7 release: fix rails_xss compatibility 326188c
@jeremy jeremy Bump 2-3-stable to 2.3.8 f97da34
@jeremy jeremy Fix that captured content (e.g. with form_for or div_for) would be HT…
…ML-escaped even without the rails_xss plugin installed. Rails 2.3.7, we barely knew ya...
c66013e
@wycats wycats Give the ERB String the encoding of the original template 50b7c0c
@wycats wycats Needs to work on 1.8 too 8e6a044
@spastorino spastorino Revert "translation method of TranslationHelper module returns always…
… SafeBuffer [#4194 status:resolved]"

This reverts commit 2310aef.

Signed-off-by: José Valim <jose.valim@gmail.com>
d3da1a2
@spastorino spastorino translation method of TranslationHelper module returns a SafeBuffer A…
…rray backport

[#4675 state:committed]

Signed-off-by: José Valim <jose.valim@gmail.com>
6b0616d
@jeremy jeremy Work around strange Ruby 1.9 autoload issue by using absolute load pa…
…ths for tests
9d3bd87
@jeremy jeremy Add global gem task e5af56a
@jeremy jeremy 2.3.7.pre1: fixes HTML escaping when *not* using rails_xss 4fef5af
@spastorino spastorino translate helper method using an array is deprecated
Signed-off-by: José Valim <jose.valim@gmail.com>
4986d5e
@josevalim josevalim Ensure translations work with symbols. 50f3754
@jeremy jeremy Work around strange Ruby 1.9 autoload issue by using absolute load pa…
…ths for tests (ditto for other components' tests)
e8ba526
@spastorino spastorino Error messages for asserts
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
a9032c8
@jeremy jeremy Work around strange Ruby 1.9 autoload issue by using absolute load pa…
…ths for tests (for Active Model too)
aa44914
Commits on May 25, 2010
@jeremy jeremy HTML safety: fix textarea with nil content 6a9e188
@jeremy jeremy i18n: t() handles single keys returning an Array, also f7e27bd
@spastorino spastorino SQLite: forward compatibility with future driver releases
[#4633]

Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
240f4e9
Something went wrong with that request. Please try again.