Skip to content
Browse files

Update to Rails 2.3.17

  • Loading branch information...
1 parent fdbbdf4 commit d47d1fe2612c1c055d282e8777d8b38eb70c061a @jpallen jpallen committed Feb 11, 2013
View
2 config/environment.rb
@@ -5,7 +5,7 @@
# ENV['RAILS_ENV'] ||= 'production'
# Specifies gem version of Rails to use when vendor/rails is not present
-RAILS_GEM_VERSION = '2.3.16' unless defined? RAILS_GEM_VERSION
+RAILS_GEM_VERSION = '2.3.17' unless defined? RAILS_GEM_VERSION
# Bootstrap the Rails environment, frameworks, and default configuration
require File.join(File.dirname(__FILE__), 'boot')
View
2 vendor/rails/actionmailer/Rakefile
@@ -54,7 +54,7 @@ spec = Gem::Specification.new do |s|
s.rubyforge_project = "actionmailer"
s.homepage = "http://www.rubyonrails.org"
- s.add_dependency('actionpack', '= 2.3.16' + PKG_BUILD)
+ s.add_dependency('actionpack', '= 2.3.17' + PKG_BUILD)
s.requirements << 'none'
s.require_path = 'lib'
View
2 vendor/rails/actionmailer/lib/action_mailer/version.rb
@@ -2,7 +2,7 @@ module ActionMailer
module VERSION #:nodoc:
MAJOR = 2
MINOR = 3
- TINY = 16
+ TINY = 17
STRING = [MAJOR, MINOR, TINY].join('.')
end
View
2 vendor/rails/actionpack/Rakefile
@@ -78,7 +78,7 @@ spec = Gem::Specification.new do |s|
s.requirements << 'none'
- s.add_dependency('activesupport', '= 2.3.16' + PKG_BUILD)
+ s.add_dependency('activesupport', '= 2.3.17' + PKG_BUILD)
s.add_dependency('rack', '~> 1.1.0')
s.require_path = 'lib'
View
2 vendor/rails/actionpack/lib/action_pack/version.rb
@@ -2,7 +2,7 @@ module ActionPack #:nodoc:
module VERSION #:nodoc:
MAJOR = 2
MINOR = 3
- TINY = 16
+ TINY = 17
STRING = [MAJOR, MINOR, TINY].join('.')
end
View
2 vendor/rails/activerecord/Rakefile
@@ -192,7 +192,7 @@ spec = Gem::Specification.new do |s|
s.files = s.files + Dir.glob( "#{dir}/**/*" ).delete_if { |item| item.include?( "\.svn" ) }
end
- s.add_dependency('activesupport', '= 2.3.16' + PKG_BUILD)
+ s.add_dependency('activesupport', '= 2.3.17' + PKG_BUILD)
s.files.delete FIXTURES_ROOT + "/fixture_database.sqlite"
s.files.delete FIXTURES_ROOT + "/fixture_database_2.sqlite"
View
19 vendor/rails/activerecord/lib/active_record/attribute_methods.rb
@@ -80,7 +80,9 @@ def define_attribute_methods
end
unless instance_method_already_implemented?("#{name}=")
- if create_time_zone_conversion_attribute?(name, column)
+ if self.serialized_attributes[name]
+ define_write_method_for_serialized_attribute(name)
+ elsif create_time_zone_conversion_attribute?(name, column)
define_write_method_for_time_zone_conversion(name)
else
define_write_method(name.to_sym)
@@ -130,7 +132,7 @@ def cache_attribute?(attr_name)
# Suffixes a, ?, c become regexp /(a|\?|c)$/
def rebuild_attribute_method_regexp
suffixes = attribute_method_suffixes.map { |s| Regexp.escape(s) }
- @@attribute_method_regexp = /(#{suffixes.join('|')})$/.freeze
+ @@attribute_method_regexp = /(#{suffixes.join('|')})\z/.freeze
end
# Default to =, ?, _before_type_cast
@@ -184,6 +186,19 @@ def define_question_method(attr_name)
def define_write_method(attr_name)
evaluate_attribute_method attr_name, "def #{attr_name}=(new_value);write_attribute('#{attr_name}', new_value);end", "#{attr_name}="
end
+
+ # Defined for all serialized attributes. Disallows assigning already serialized YAML.
+ def define_write_method_for_serialized_attribute(attr_name)
+ method_body = <<-EOV
+ def #{attr_name}=(value)
+ if value.is_a?(String) and value =~ /^---/
+ raise ActiveRecordError, "You tried to assign already serialized content to #{attr_name}. This is disabled due to security issues."
+ end
+ write_attribute(:#{attr_name}, value)
+ end
+ EOV
+ evaluate_attribute_method attr_name, method_body, "#{attr_name}="
+ end
# Defined for all +datetime+ and +timestamp+ attributes when +time_zone_aware_attributes+ are enabled.
# This enhanced write method will automatically convert the time passed to it to the zone stored in Time.zone.
View
6 vendor/rails/activerecord/lib/active_record/base.rb
@@ -2998,11 +2998,11 @@ def convert_number_column_value(value)
def remove_attributes_protected_from_mass_assignment(attributes)
safe_attributes =
if self.class.accessible_attributes.nil? && self.class.protected_attributes.nil?
- attributes.reject { |key, value| attributes_protected_by_default.include?(key.gsub(/\(.+/, "")) }
+ attributes.reject { |key, value| attributes_protected_by_default.include?(key.gsub(/\(.+/m, "")) }
elsif self.class.protected_attributes.nil?
- attributes.reject { |key, value| !self.class.accessible_attributes.include?(key.gsub(/\(.+/, "")) || attributes_protected_by_default.include?(key.gsub(/\(.+/, "")) }
+ attributes.reject { |key, value| !self.class.accessible_attributes.include?(key.gsub(/\(.+/m, "")) || attributes_protected_by_default.include?(key.gsub(/\(.+/m, "")) }
elsif self.class.accessible_attributes.nil?
- attributes.reject { |key, value| self.class.protected_attributes.include?(key.gsub(/\(.+/,"")) || attributes_protected_by_default.include?(key.gsub(/\(.+/, "")) }
+ attributes.reject { |key, value| self.class.protected_attributes.include?(key.gsub(/\(.+/m,"")) || attributes_protected_by_default.include?(key.gsub(/\(.+/m, "")) }
else
raise "Declare either attr_protected or attr_accessible for #{self.class}, but not both."
end
View
2 vendor/rails/activerecord/lib/active_record/version.rb
@@ -2,7 +2,7 @@ module ActiveRecord
module VERSION #:nodoc:
MAJOR = 2
MINOR = 3
- TINY = 16
+ TINY = 17
STRING = [MAJOR, MINOR, TINY].join('.')
end
View
2 vendor/rails/activeresource/Rakefile
@@ -66,7 +66,7 @@ spec = Gem::Specification.new do |s|
s.files = s.files + Dir.glob( "#{dir}/**/*" ).delete_if { |item| item.include?( "\.svn" ) }
end
- s.add_dependency('activesupport', '= 2.3.16' + PKG_BUILD)
+ s.add_dependency('activesupport', '= 2.3.17' + PKG_BUILD)
s.require_path = 'lib'
View
2 vendor/rails/activeresource/lib/active_resource/version.rb
@@ -2,7 +2,7 @@ module ActiveResource
module VERSION #:nodoc:
MAJOR = 2
MINOR = 3
- TINY = 16
+ TINY = 17
STRING = [MAJOR, MINOR, TINY].join('.')
end
View
2 vendor/rails/activesupport/lib/active_support/core_ext/string/output_safety.rb
@@ -2,7 +2,7 @@
class ERB
module Util
- HTML_ESCAPE = { '&' => '&amp;', '>' => '&gt;', '<' => '&lt;', '"' => '&quot;', "'" => '&#x27;' }
+ HTML_ESCAPE = { '&' => '&amp;', '>' => '&gt;', '<' => '&lt;', '"' => '&quot;', "'" => '&#39;' }
JSON_ESCAPE = { '&' => '\u0026', '>' => '\u003E', '<' => '\u003C' }
# A utility method for escaping HTML tag characters.
View
2 vendor/rails/activesupport/lib/active_support/version.rb
@@ -2,7 +2,7 @@ module ActiveSupport
module VERSION #:nodoc:
MAJOR = 2
MINOR = 3
- TINY = 16
+ TINY = 17
STRING = [MAJOR, MINOR, TINY].join('.')
end
View
10 vendor/rails/railties/Rakefile
@@ -313,11 +313,11 @@ spec = Gem::Specification.new do |s|
EOF
s.add_dependency('rake', '>= 0.8.3')
- s.add_dependency('activesupport', '= 2.3.16' + PKG_BUILD)
- s.add_dependency('activerecord', '= 2.3.16' + PKG_BUILD)
- s.add_dependency('actionpack', '= 2.3.16' + PKG_BUILD)
- s.add_dependency('actionmailer', '= 2.3.16' + PKG_BUILD)
- s.add_dependency('activeresource', '= 2.3.16' + PKG_BUILD)
+ s.add_dependency('activesupport', '= 2.3.17' + PKG_BUILD)
+ s.add_dependency('activerecord', '= 2.3.17' + PKG_BUILD)
+ s.add_dependency('actionpack', '= 2.3.17' + PKG_BUILD)
+ s.add_dependency('actionmailer', '= 2.3.17' + PKG_BUILD)
+ s.add_dependency('activeresource', '= 2.3.17' + PKG_BUILD)
s.rdoc_options << '--exclude' << '.'
View
2 vendor/rails/railties/lib/rails/version.rb
@@ -2,7 +2,7 @@ module Rails
module VERSION #:nodoc:
MAJOR = 2
MINOR = 3
- TINY = 16
+ TINY = 17
STRING = [MAJOR, MINOR, TINY].join('.')
end
View
12 vendor/rails/railties/railties.gemspec
@@ -1,6 +1,6 @@
Gem::Specification.new do |s|
s.name = 'rails'
- s.version = '2.3.15'
+ s.version = '2.3.17'
s.summary = 'Web-application framework with template engine, control-flow layer, and ORM.'
s.description = "Rails is a framework for building web-application using CGI, FCGI, mod_ruby, or WEBrick\non top of either MySQL, PostgreSQL, SQLite, DB2, SQL Server, or Oracle with eRuby- or Builder-based templates."
@@ -14,9 +14,9 @@ Gem::Specification.new do |s|
s.rdoc_options = ['--exclude', '.']
s.add_dependency 'rake', '>= 0.8.3'
- s.add_dependency 'activesupport', '= 2.3.15'
- s.add_dependency 'activerecord', '= 2.3.15'
- s.add_dependency 'actionpack', '= 2.3.15'
- s.add_dependency 'actionmailer', '= 2.3.15'
- s.add_dependency 'activeresource', '= 2.3.15'
+ s.add_dependency 'activesupport', '= 2.3.17'
+ s.add_dependency 'activerecord', '= 2.3.17'
+ s.add_dependency 'actionpack', '= 2.3.17'
+ s.add_dependency 'actionmailer', '= 2.3.17'
+ s.add_dependency 'activeresource', '= 2.3.17'
end

0 comments on commit d47d1fe

Please sign in to comment.
Something went wrong with that request. Please try again.