Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Comparing changes

Choose two branches to see what's changed or to start a new pull request. If you need to, you can also compare across forks.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also compare across forks.
base fork: rails/rails
...
head fork: rails/rails
Checking mergeability… Don't worry, you can still create the pull request.
  • 7 commits
  • 18 files changed
  • 0 commit comments
  • 2 contributors
Commits on Jun 14, 2012
@fxn fxn removes item in the Active Record CHANGELOG
That change to update_attribute was considered
to be too subtle and was reverted in 30ea923
just before Rails 3 shipped. Later we introduced
update_column (Rails 3.1).
666a48a
@tenderlove tenderlove adding a test for #6459 28e744d
Commits on Jul 23, 2012
@tenderlove tenderlove updating changelog a4b8a7e
Commits on Jul 26, 2012
@tenderlove tenderlove * Do not convert digest auth strings to symbols. CVE-2012-3424 eb69ad2
@tenderlove tenderlove updating changelog with CVE 140a70a
@tenderlove tenderlove updating rails release date 6cf68d7
@tenderlove tenderlove bumping to 3.1.7 d314a48
View
2  RAILS_VERSION
@@ -1 +1 @@
-3.1.6
+3.1.7
View
4 actionmailer/CHANGELOG.md
@@ -1,3 +1,7 @@
+## Rails 3.1.7 (Jul 26, 2012)
+
+* No changes.
+
## Rails 3.1.6 (Jun 12, 2012)
* No changes.
View
2  actionmailer/lib/action_mailer/version.rb
@@ -2,7 +2,7 @@ module ActionMailer
module VERSION #:nodoc:
MAJOR = 3
MINOR = 1
- TINY = 6
+ TINY = 7
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
View
4 actionpack/CHANGELOG.md
@@ -1,3 +1,7 @@
+## Rails 3.1.7 (Jul 26, 2012)
+
+* Do not convert digest auth strings to symbols. CVE-2012-3424
+
## Rails 3.1.6 (Jun 12, 2012)
* nil is removed from array parameter values
View
4 actionpack/lib/action_controller/metal/http_authentication.rb
@@ -227,9 +227,9 @@ def decode_credentials_header(request)
end
def decode_credentials(header)
- Hash[header.to_s.gsub(/^Digest\s+/,'').split(',').map do |pair|
+ HashWithIndifferentAccess[header.to_s.gsub(/^Digest\s+/,'').split(',').map do |pair|
key, value = pair.split('=', 2)
- [key.strip.to_sym, value.to_s.gsub(/^"|"$/,'').gsub(/'/, '')]
+ [key.strip, value.to_s.gsub(/^"|"$/,'').delete('\'')]
end]
end
View
2  actionpack/lib/action_pack/version.rb
@@ -2,7 +2,7 @@ module ActionPack
module VERSION #:nodoc:
MAJOR = 3
MINOR = 1
- TINY = 6
+ TINY = 7
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
View
10 actionpack/test/controller/routing_test.rb
@@ -207,6 +207,16 @@ def test_draw_with_block_arity_one_raises
end
end
+ def test_specific_controller_action_failure
+ @rs.draw do
+ mount lambda {} => "/foo"
+ end
+
+ assert_raises(ActionController::RoutingError) do
+ url_for(@rs, :controller => "omg", :action => "lol")
+ end
+ end
+
def test_default_setup
@rs.draw { match '/:controller(/:action(/:id))' }
assert_equal({:controller => "content", :action => 'index'}, rs.recognize_path("/content"))
View
4 activemodel/CHANGELOG.md
@@ -1,3 +1,7 @@
+## Rails 3.1.7 (Jul 26, 2012)
+
+* No changes.
+
## Rails 3.1.6 (Jun 12, 2012)
* No changes.
View
2  activemodel/lib/active_model/version.rb
@@ -2,7 +2,7 @@ module ActiveModel
module VERSION #:nodoc:
MAJOR = 3
MINOR = 1
- TINY = 6
+ TINY = 7
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
View
6 activerecord/CHANGELOG.md
@@ -1,3 +1,7 @@
+## Rails 3.1.7 (Jul 26, 2012)
+
+* No changes.
+
## Rails 3.1.6 (Jun 12, 2012)
* protect against the nesting of hashes changing the
@@ -633,8 +637,6 @@
## Rails 3.0.0 (August 29, 2010) ##
-* Changed update_attribute to not run callbacks and update the record directly in the database *Neeraj Singh*
-
* Add scoping and unscoped as the syntax to replace the old with_scope and with_exclusive_scope *José Valim*
* New rake task, db:migrate:status, displays status of migrations #4947 *Kevin Skoglund*
View
2  activerecord/lib/active_record/version.rb
@@ -2,7 +2,7 @@ module ActiveRecord
module VERSION #:nodoc:
MAJOR = 3
MINOR = 1
- TINY = 6
+ TINY = 7
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
View
4 activeresource/CHANGELOG.md
@@ -1,3 +1,7 @@
+## Rails 3.1.7 (Jul 26, 2012)
+
+* No changes.
+
## Rails 3.1.6 (Jun 12, 2012)
* No changes.
View
2  activeresource/lib/active_resource/version.rb
@@ -2,7 +2,7 @@ module ActiveResource
module VERSION #:nodoc:
MAJOR = 3
MINOR = 1
- TINY = 6
+ TINY = 7
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
View
4 activesupport/CHANGELOG.md
@@ -1,3 +1,7 @@
+## Rails 3.1.7 (Jul 26, 2012)
+
+* No changes.
+
## Rails 3.1.6 (Jun 12, 2012)
* No changes.
View
2  activesupport/lib/active_support/version.rb
@@ -2,7 +2,7 @@ module ActiveSupport
module VERSION #:nodoc:
MAJOR = 3
MINOR = 1
- TINY = 6
+ TINY = 7
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
View
4 railties/CHANGELOG.md
@@ -1,3 +1,7 @@
+## Rails 3.1.7 (Jul 26, 2012)
+
+* No changes.
+
## Rails 3.1.6 (Jun 12, 2012)
* No changes.
View
2  railties/lib/rails/version.rb
@@ -2,7 +2,7 @@ module Rails
module VERSION #:nodoc:
MAJOR = 3
MINOR = 1
- TINY = 6
+ TINY = 7
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
View
2  version.rb
@@ -2,7 +2,7 @@ module Rails
module VERSION #:nodoc:
MAJOR = 3
MINOR = 1
- TINY = 6
+ TINY = 7
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')

No commit comments for this range

Something went wrong with that request. Please try again.