escape options for the stylesheet_link_tag method #3124

merged 1 commit into from Sep 25, 2011


None yet

2 participants

avakhov commented Sep 25, 2011


I noticed a difference between 2 very similar method implementations:

The commits 871b87a, 8db51ee created this difference. But at 2007 html safe buffers didn't exist at all. Stylesheet link implementation with manual escaping of path traveled from one file to another. Now it's dangerous, because it's possible to pass unsafe options as in the test in my commit.

@josevalim josevalim merged commit 933ba0c into rails:master Sep 25, 2011
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment