41 Commits

Author SHA1 Message Date
Corey Donohoe
42524c2bf1 backport patches for CVE-2013-0333
https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/1h2DR63ViGo
2013-01-28 13:23:53 -08:00
Bas Van Klinkenberg
b99914cc3e Fixed a bug in JSON decoding with Yaml backend, where a combination of dates, escaped or unicode encoded data and arrays would make the parser fail with a ParseError exception.
[#2831]

Signed-off-by: Yehuda Katz <wycats@gmail.com>
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
2010-03-14 21:50:22 -07:00
Jeremy Kemper
d5b4f4debf Automatically prefer Yajl or JSON backend over Yaml, if available 2010-02-05 12:31:18 -08:00
Brian Lopez
83b4c161fc Add yajl-ruby as a JSON parsing backend
[#2666 state:committed]

Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
2010-02-05 12:31:12 -08:00
Dwayne Litzenberger
a900205676 Fix ActiveSupport::JSON encoding of control characters [\x00-\x1f]
According to RFC 4627, only the following Unicode code points are
allowed unescaped in JSON:

  unescaped = %x20-21 / %x23-5B / %x5D-10FFFF

However, ActiveSupport::JSON did not escape the range %x00-1f.  This caused
parse errors when trying to decode the resulting output.

[#3345 state:committed]

Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
2009-12-23 11:46:25 -08:00
Jeremy Kemper
abd7bd311a Clean up spurious JSON decoding test failure 2009-09-13 05:43:10 -07:00
Daniel Sheppard
9341655fa3 Fix that JSON parser fails to read escaped backslashes.
[#973 state:committed]

Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
2009-08-09 22:32:13 -07:00
Jeremy Kemper
5217c16b09 JSON.escape returns UTF-8 strings
[#2849 state:resolved]
2009-07-01 16:27:13 -07:00
Jeremy Kemper
a69ee11968 JSON: split encoding and coercion 2009-06-08 01:37:28 -07:00
Jeremy Kemper
4a78dae2ab Revert rails_to_json -> to_json so we don't break compatibility
[#2753 state:resolved]
2009-06-08 00:11:12 -07:00
rick
2b5e4f38f5 load the JSON Backend lazily. 2009-05-17 19:16:11 -07:00
rick
d052e9fb58 Add pluggable JSON backends with support for the JSON gem.
Example: ActiveSupport::JSON.backend = "JSONGem"

All internal Rails JSON encoding is now handled by
ActiveSupport::JSON.encode().  Use of #to_json is not recommended, as it
may clash with other libraries that overwrite it.  However, you can
recover Rails specific functionality
if you really want to use #to_json.

    gem 'json'
    ActiveSupport::JSON.backend = "JSONGem"

    class ActiveRecord::Base
      alias to_json rails_to_json
    end
2009-05-17 18:40:38 -07:00
Ubiratan Pires Alberton
7b382cb9e5 Reverted affe50105f and added more JSON decoding tests.
Works on Ruby 1.8 and 1.9

[#1100 state:resolved]

Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
2009-03-11 14:36:14 -07:00
Tim Pope
9b9b2937ce Properly decode \u escape sequences in JSON [#1100 state:resolved] [Tim Pope, Philip Hallstrom]
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
2009-03-10 17:05:17 +00:00
Jeremy Kemper
1c36172c13 Ruby 1.9 compat: rename deprecated assert_raises to assert_raise.
[#1617 state:resolved]
2009-03-08 13:11:58 -07:00
Akira Matsuda
7c0e008973 Ruby 1.9 compat: fix JSON decoding to work properly with multibyte values
[#1969 state:committed]

Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
2009-02-17 11:58:53 -08:00
Michael Koziarski
0bed5bdb21 Properly quote json keys.
According to the RFC and the json.org site all json keys must be strings, and those strings must be quoted with double quotes.
[#1755 state:committed]
2009-01-16 17:40:04 +13:00
Pratik Naik
17da45b789 Fix JSON decoder date-converter regexp [#1662 state:resolved] [Jonathan del Strother] 2009-01-07 17:51:11 +00:00
Jeremy Kemper
f927a60d0f Require mocha >= 0.9.0 for AS tests 2008-11-22 19:19:12 -08:00
Dan Barry
0d4dbb3dfa test nested hash with float
[#652 state:committed]

Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
2008-10-12 14:24:05 -07:00
Manfred Stienstra
0211722088 Move with_kcode helper to abstract_unit. Add tests for multibyte string extensions. 2008-09-21 17:22:55 +02:00
gbuesing
be85868987 Time#to_json: don't convert to utc before encoding. References #175 2008-05-18 10:48:11 -05:00
Rick Olson
605196c448 Add config.active_support.escape_html_entities_in_json to allow disabling of html entity escaping. [rick]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@9238 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2008-04-08 03:45:26 +00:00
Rick Olson
1eb57a6870 Add config.active_support.use_standard_json_time_format setting so that Times and Dates export to ISO 8601 dates. [rick]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@9203 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2008-04-01 20:25:26 +00:00
Jeremy Kemper
7fe2ad7279 Ruby 1.9 compat: declare utf-8 file encoding
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8789 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2008-02-02 22:52:32 +00:00
Jeremy Kemper
f6d8526659 require abstract_unit directly since test is in load path
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8563 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2008-01-05 13:31:04 +00:00
Jeremy Kemper
aa4ad404c6 Ruby 1.9 compat: shadowed vars, kcode
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8402 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-12-15 02:28:20 +00:00
Michael Koziarski
92f02adf40 Don't escape forward slashes with String#to_json, our unicode encoding of < and > prevents the XSS problems. [tpope] Closes #10273
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8255 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-12-02 08:45:35 +00:00
Rick Olson
c708346688 Change JSON to encode %w(< > &) as 4 digit hex codes to be in compliance with the JSON spec. Closes #9975 [josh, chuyeow, tpope]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8050 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-10-29 00:18:43 +00:00
Rick Olson
34c125d774 Fix JSON encoding/decoding bugs dealing with /'s. Closes #9990 [Rick, theamazingrando]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8026 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-10-26 03:22:02 +00:00
Jeremy Kemper
7c3581cba2 Document Enumerable and Hash #to_json. Add test for hash with integer key. Closes #9970.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8010 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-10-24 16:21:46 +00:00
Jeremy Kemper
58a5eef53e Disambiguate Time, Date, and DateTime#to_json formatting. Closes #9750.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7746 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-10-05 09:43:24 +00:00
Jeremy Kemper
b1968708e1 Hash#to_json takes :only or :except options to specify or omit certain hash keys. Enumerable#to_json passes through its options to each element. Closes #9751.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7736 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-10-04 03:28:42 +00:00
David Heinemeier Hansson
7275d2749c Fixed JSON encoding to use quoted keys according to the JSON standard (closes #8762) [choonkat/chuyeow]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7697 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-09-30 20:57:50 +00:00
Rick Olson
2a60093fa3 Decode json strings as Dates/Times if they're using a YAML-compatible format. Closes #9614 [Rick]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7613 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-09-24 17:41:55 +00:00
Jeremy Kemper
71e33d9650 Fix JSON decoder with nested quotes and commas. Closes #9579.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7506 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-09-17 21:37:48 +00:00
Jeremy Kemper
3aadfcef88 Improve various test coverage. Closes #8676 [kamal]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7117 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-06-25 18:22:31 +00:00
Rick Olson
0345c97587 escape <'s and >'s in JSON strings. #8371 [Rick]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6893 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-05-29 09:10:36 +00:00
Jeremy Kemper
7b99b40352 Fix JSON date/time conversion tests.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6822 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-05-23 08:43:48 +00:00
Jeremy Kemper
fd15359104 Date, Time, and DateTime#to_json. Closes #8399.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6773 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-05-18 21:20:35 +00:00
Sam Stephenson
3202fbabe6 Refactor ActiveSupport::JSON to be less obtuse. Add support for JSON decoding by way of Syck with ActiveSupport::JSON.decode(json_string). Prevent hash keys that are JavaScript reserved words from being unquoted during encoding.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6443 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2007-03-18 07:05:58 +00:00