github/rails
1
1
Fork 0
mirror of https://github.com/github/rails.git synced 2026-01-14 17:18:04 -05:00
Code Issues Packages Projects Releases Wiki Activity
10,257 Commits 34 Branches 105 Tags
github28
Commit Graph

741 Commits

Author SHA1 Message Date
Charlie Somerville
aa4dfa6937 delete link_to_function and button_to_function 2013-10-24 12:46:41 -04:00
Charlie Somerville
ca7a53cbe9 fix tests 2013-10-24 12:46:30 -04:00
Charlie Somerville
6db8e71ad8 delete tests that hit PrototypeHelper 2013-10-24 12:25:38 -04:00
Charlie Somerville
a4274b33f7 rip out scriptaculous 2013-10-24 12:23:20 -04:00
Charlie Somerville
9645f8be89 delete prototype.js helpers 2013-10-24 12:21:25 -04:00
Charlie Somerville
06d4ca0254 establish a baseline by skipping all tests failing before 2.0.0 2013-08-06 17:41:45 -07:00
Xavier Noria
2eede7e5ac s/escape_once/html_escape/, since html safety is the contract that now says whether something has to be escaped 
Conflicts:
	actionpack/CHANGELOG
	actionpack/lib/action_view/helpers/form_tag_helper.rb
	actionpack/lib/action_view/helpers/url_helper.rb
	actionpack/test/template/url_helper_test.rb
 2013-02-16 20:44:20 -08:00
rizwanreza
3df96518be Allow content_tag options to take an array [#1741 state:resolved] [rizwanreza, Nick Quaranto] 
Example:
  content_tag('p', "limelight", :class => ["song", "play"])
  # => <p class="song play">limelight</p>

Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
 2013-02-16 20:22:41 -08:00
Michael Koziarski
abe97736b8 Be sure to javascript_escape the email address to prevent apostrophes inadvertently causing javascript errors. 
This fixes CVE-2011-0446
 2011-02-09 09:20:16 +13:00
Michael Koziarski
dbbf2fd19c Revert "Makes form_helper use overriden model accessors backport" 
This change introduced breakages and test failures.

This reverts commit 8141f0894e.
 2010-09-27 12:20:54 +13:00
Santiago Pastorino
43e2bbe28e Making time_zone_options_for_select return a html_safe string master backport 2010-08-15 10:07:38 -03:00
Santiago Pastorino
8141f0894e Makes form_helper use overriden model accessors backport 
[#3374]
 2010-08-01 19:49:45 -03:00
Michael Koziarski
cbf36cf57c Revert "make text_field and hidden_field omit the value attribute if the developer explicitly passes in :value => nil [#4839 state:reopened]" 
This reverts commit 52c922fad1
 2010-06-23 16:54:05 +12:00
Michael Koziarski
52c922fad1 make text_field and hidden_field omit the value attribute if the developer explicitly passes in :value => nil [#4839 state:resolved] 
Signed-off-by: Michael Koziarski <michael@koziarski.com>

Conflicts:

	actionpack/lib/action_view/helpers/form_helper.rb
 2010-06-23 16:25:19 +12:00
Michael Koziarski
5796a92433 Merge commit 'mislav/auto_link_2-3-stable' into 2-3-stable 2010-05-29 14:05:21 +12:00
Jeremy Kemper
f7e27bd078 i18n: t() handles single keys returning an Array, also 2010-05-24 20:41:28 -07:00
Jeremy Kemper
6a9e188c0c HTML safety: fix textarea with nil content 2010-05-24 20:13:07 -07:00
José Valim
50f3754525 Ensure translations work with symbols. 2010-05-24 23:38:49 +02:00
Santiago Pastorino
4986d5ed04 translate helper method using an array is deprecated 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-05-24 23:38:48 +02:00
Santiago Pastorino
6b0616d1b8 translation method of TranslationHelper module returns a SafeBuffer Array backport 
[#4675 state:committed]

Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-05-24 20:56:44 +02:00
Santiago Pastorino
d3da1a2c66 Revert "translation method of TranslationHelper module returns always SafeBuffer [#4194 status:resolved]" 
This reverts commit 2310aef29b.

Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-05-24 20:56:44 +02:00
Lance Ivy
9e08e196fa Ensure auto_link does not ignore multiple trailing punctuations 
[#2504 state:resolved]
 2010-05-24 11:47:36 +02:00
Mislav Marohnić
17b4fd25e4 avoid auto_linking already linked emails; more robust detection of linked URLs 
References #1523  [#1862 state:resolved]  [#3591 state:resolved]

Add test that shows how link text can contain HTML if needed:
the trick is using block form in combination with `raw`.
Let link text be automatically HTML-escaped

[#2017 state:resolved]
 2010-05-24 11:18:20 +02:00
Mislav Marohnić
bd9ca9aed0 auto_link: support arbitrary URI schemes like "ftp:" and "file:" 
recognizes all URI scheme allowed characters, such as colon and period.

[#3494 state:resolved]
 2010-05-24 11:18:20 +02:00
Santiago Pastorino
adcfb4e8bd simple_format should return html_safe but not escape text, that's for rails_xss plugin [#3767 state:committed] 
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-05-07 11:56:53 -07:00
Jeremy Kemper
9e262de3d8 Fix backport error: wrong exception name 2010-04-24 19:38:10 -07:00
Cezary Baginski
ec7716abcd actionpack: added missing encoding comments [#4466 state:resolved] 
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-04-24 17:30:59 -07:00
Jeremy Kemper
f6e71c674c Expect an incompatible encoding exception when a template with a magic comment renders a partial without one and its source encoding doesn't match the default external encoding 2010-04-24 17:12:05 -07:00
Jeremy Kemper
fb545f4c60 Expect an incompatible encoding exception when a template doesn't have a magic comment and its source encoding doesn't match the default external encoding 2010-04-24 17:12:00 -07:00
Jeremy Kemper
70034d820f Ensure ERB source begins with the encoding comment 2010-04-24 17:04:50 -07:00
Jeremy Kemper
81e06075b7 Ruby 1.9: ERB template encoding using a magic comment at the top of the file 2010-04-24 17:01:52 -07:00
Vicki Ball
dae247316d made error_message_on work by passing in the object name if there is no object [#3246 state:resolved] 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-04-10 14:02:34 +02:00
Santiago Pastorino
958b0e977a fix stack trace lines on class_eval 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-04-09 22:06:51 +02:00
Santiago Pastorino
cfb31edb54 Generate routes for nested resources with nil object raise RoutingError [#4262 state:committed] 
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-04-06 21:28:51 -07:00
Jeremy Kemper
aa48c79ae4 HTML safety: give a deprecation warning if an array of option tags is passed to select tag. Be sure to join the tag yourself and mark them .html_safe 2010-03-31 19:49:29 -07:00
Bruno Michel
26f2cce232 button_to should generate an html_safe string 
Signed-off-by: Michael Koziarski <michael@koziarski.com>
 2010-03-22 14:07:42 +13:00
Santiago Pastorino
9cfa87519d scope_key_by_partial fix for Ruby 1.9 when there's virtual_path 
[#4202 state:committed]

Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-03-16 16:05:24 -07:00
Santiago Pastorino
2310aef29b translation method of TranslationHelper module returns always SafeBuffer [#4194 status:resolved] 
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-03-16 13:49:59 -07:00
Santiago Pastorino
056f957b22 There's a Ruby issue with File.basename different versions returns different things, so we shouldn't test that 
[#4174]

Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-03-14 13:37:30 -07:00
Santiago Pastorino
d3a8152203 Adds disable option to date_helpers generated hidden fields when html_options specifies it. ht by Marc Schütz 
[#3807 state:committed]

Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-03-05 13:49:23 -08:00
Santiago Pastorino
0307dbaba9 add time_separator for minutes only if minutes aren't hidden 
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-02-24 18:41:29 -08:00
Santiago Pastorino
39bcf14b34 missing html_safe added and tests 2010-02-19 15:34:18 -08:00
Santiago Pastorino
397262a4ee i18n translate with arrays issue solved 2010-02-19 14:03:50 -08:00
Martin Andert
6227ec11f0 Fix error_messages_for i18n issue if object_name has underscores [#3629 status:resolved] 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-02-17 21:07:05 +01:00
Santiago Pastorino and José Ignacio Costa
4158282e32 simple_format returns a safe buffer escaping unsafe input [Santiago Pastorino] (Closes #3767) 
Signed-off-by: David Heinemeier Hansson <david@loudthinking.com>
 2010-02-12 17:25:11 -08:00
Gabriel Mansour
6451e864b9 Fix pluralization for numbers formatted like '1.00' 
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-02-07 12:15:10 -08:00
Santiago Pastorino and José Ignacio Costa
9ca6df83f6 Backport html_safe. Use latest rails_xss plugin for forward-compatibility with Rails 3. 2010-02-05 11:07:56 -08:00
David Heinemeier Hansson
d5ba7c3ea4 Fixed that much of DateHelper wouldn't return html_safe? strings [DHH] 2010-01-08 11:48:38 -08:00
José Valim
b7fd42626a Use helpers.label instead of views.labels. 2010-01-07 02:28:10 +01:00
Zach Brock
f32c96eb76 fixing autolinking other protocols 
Signed-off-by: Michael Koziarski <michael@koziarski.com>
[#3494 state:committed]
 2010-01-05 10:39:12 +13:00