github/rails
1
1
Fork 0
mirror of https://github.com/github/rails.git synced 2026-01-14 17:18:04 -05:00
Code Issues Packages Projects Releases Wiki Activity
10,257 Commits 34 Branches 105 Tags
github28
Commit Graph

3908 Commits

Author SHA1 Message Date
José Valim
50f3754525 Ensure translations work with symbols. 2010-05-24 23:38:49 +02:00
Santiago Pastorino
4986d5ed04 translate helper method using an array is deprecated 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-05-24 23:38:48 +02:00
Jeremy Kemper
4fef5af9c3 2.3.7.pre1: fixes HTML escaping when *not* using rails_xss 2010-05-24 14:02:38 -07:00
Jeremy Kemper
9d3bd87045 Work around strange Ruby 1.9 autoload issue by using absolute load paths for tests 2010-05-24 12:16:33 -07:00
Santiago Pastorino
6b0616d1b8 translation method of TranslationHelper module returns a SafeBuffer Array backport 
[#4675 state:committed]

Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-05-24 20:56:44 +02:00
Santiago Pastorino
d3da1a2c66 Revert "translation method of TranslationHelper module returns always SafeBuffer [#4194 status:resolved]" 
This reverts commit 2310aef29b.

Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-05-24 20:56:44 +02:00
wycats
8e6a044b2b Needs to work on 1.8 too 2010-05-24 11:29:12 -07:00
wycats
50b7c0c104 Give the ERB String the encoding of the original template 2010-05-24 11:18:20 -07:00
Jeremy Kemper
c66013e2c5 Fix that captured content (e.g. with form_for or div_for) would be HTML-escaped even without the rails_xss plugin installed. Rails 2.3.7, we barely knew ya... 2010-05-24 09:12:00 -07:00
Lance Ivy
9e08e196fa Ensure auto_link does not ignore multiple trailing punctuations 
[#2504 state:resolved]
 2010-05-24 11:47:36 +02:00
Mislav Marohnić
17b4fd25e4 avoid auto_linking already linked emails; more robust detection of linked URLs 
References #1523  [#1862 state:resolved]  [#3591 state:resolved]

Add test that shows how link text can contain HTML if needed:
the trick is using block form in combination with `raw`.
Let link text be automatically HTML-escaped

[#2017 state:resolved]
 2010-05-24 11:18:20 +02:00
Mislav Marohnić
bd9ca9aed0 auto_link: support arbitrary URI schemes like "ftp:" and "file:" 
recognizes all URI scheme allowed characters, such as colon and period.

[#3494 state:resolved]
 2010-05-24 11:18:20 +02:00
Jeremy Kemper
f97da34b4f Bump 2-3-stable to 2.3.8 2010-05-24 01:39:19 -07:00
Jeremy Kemper
326188c25e 2.3.7 release: fix rails_xss compatibility 2010-05-24 00:04:41 -07:00
Jeremy Kemper
86f0287993 Revert "Don't always mark the argument to #concat as HTML-safe." 
This reverts commit e53791f8c0.
 2010-05-23 16:51:47 -07:00
Jeremy Kemper
ab2d7c8b5d Use a non-XSS-protected output buffer for view tests 2010-05-23 16:21:44 -07:00
Jeremy Kemper
ca5f5d97b9 Fix test rendering unmarked but safe HTML 2010-05-23 15:28:40 -07:00
Nathan Weizenbaum
e53791f8c0 Don't always mark the argument to #concat as HTML-safe. 
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-05-23 15:00:14 -07:00
Nathan Weizenbaum
48fbe7b0d8 Mark all raw HTML being concatted as HTML-safe. 
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-05-23 14:57:45 -07:00
Jeremy Kemper
55e88eeee4 Bump 2-3-stable to 2.3.7 2010-05-23 01:39:45 -07:00
Jeremy Kemper
56bb5504dd 2.3.6 release 2010-05-22 23:53:40 -07:00
José Valim
94878c61a3 Deprecate legacy CGI options in SessionStores. 2010-05-18 03:25:57 +02:00
Rizwan Reza
74206aeff2 Rack dependency bumped to 1.1.0, tests passing. [#3558 state:resolved] 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-05-16 22:19:25 +02:00
Neeraj Singh
3570f3e7f6 Fix broken integration test in 2.x [#4565 state:resolved] 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-05-16 10:32:53 +02:00
Jeff Kreeftmeijer
5d7ad7ba41 make sure as is set before trying to build an #{as}_counter. [#2804 state:resolved] 
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-05-15 11:18:31 -07:00
Jeff Kreeftmeijer
2de364636c partial counters with :as [#2804 state:resolved] 
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-05-15 10:32:45 -07:00
Santiago Pastorino
adcfb4e8bd simple_format should return html_safe but not escape text, that's for rails_xss plugin [#3767 state:committed] 
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-05-07 11:56:53 -07:00
Joe Martinez
aa401bd75a Add ActiveResource::Base.include_root_in_json, like Active Record, to serialize instances as hash of model name -> attributes hash rather than the bare attributes hash. [#2584 state:committed] 
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-04-26 15:19:03 -07:00
Jeremy Kemper
9e262de3d8 Fix backport error: wrong exception name 2010-04-24 19:38:10 -07:00
Jeremy Kemper
8716ee44e5 Fix unstated AS::Multibyte dependency 2010-04-24 17:52:12 -07:00
Cezary Baginski
ec7716abcd actionpack: added missing encoding comments [#4466 state:resolved] 
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-04-24 17:30:59 -07:00
Jeremy Kemper
f6e71c674c Expect an incompatible encoding exception when a template with a magic comment renders a partial without one and its source encoding doesn't match the default external encoding 2010-04-24 17:12:05 -07:00
Jeremy Kemper
fb545f4c60 Expect an incompatible encoding exception when a template doesn't have a magic comment and its source encoding doesn't match the default external encoding 2010-04-24 17:12:00 -07:00
Akira Matsuda
4082001331 Fix pattern to match various magic comment formats 2010-04-24 17:05:38 -07:00
Jeremy Kemper
70034d820f Ensure ERB source begins with the encoding comment 2010-04-24 17:04:50 -07:00
Jeremy Kemper
81e06075b7 Ruby 1.9: ERB template encoding using a magic comment at the top of the file 2010-04-24 17:01:52 -07:00
Xavier Noria
b8b568e53b fix dash -> edit in an example, and a few touches now that we are here 2010-04-14 11:57:36 -07:00
Vicki Ball
dae247316d made error_message_on work by passing in the object name if there is no object [#3246 state:resolved] 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-04-10 14:02:34 +02:00
Jeremy Kemper
2cd29f4297 Only set response etag if body is not blank 2010-04-09 20:19:03 -07:00
Jeremy Kemper
d91d6fe15f CI: show all headers for diagnosis 2010-04-09 20:06:35 -07:00
Jeremy Kemper
56c5290fce CI: message for some outstanding failures 2010-04-09 19:32:47 -07:00
José Valim
4a02437a8d Fix a failure added on 958b0e977a 2010-04-09 22:19:49 +02:00
Santiago Pastorino
958b0e977a fix stack trace lines on class_eval 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-04-09 22:06:51 +02:00
José Valim
f87a518f81 Fix tests broken in 0653a6d30e 2010-04-09 09:23:09 +02:00
David Heinemeier Hansson
0653a6d30e Fixed that default locale templates should be used if the current locale template is missing [DHH] 2010-04-08 17:15:11 -07:00
Santiago Pastorino
cfb31edb54 Generate routes for nested resources with nil object raise RoutingError [#4262 state:committed] 
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
 2010-04-06 21:28:51 -07:00
Jeremy Kemper
aa48c79ae4 HTML safety: give a deprecation warning if an array of option tags is passed to select tag. Be sure to join the tag yourself and mark them .html_safe 2010-03-31 19:49:29 -07:00
Dudley Flanders
bf563bd904 Trivial doc update on nested attributes delete renaming 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-03-30 01:40:51 +02:00
Santiago Pastorino
629afe9f19 ActionView::SafeBuffer should be there for backwards compatibility [#4241 state:committed] 
Signed-off-by: Michael Koziarski <michael@koziarski.com>
 2010-03-22 14:07:53 +13:00
Bruno Michel
26f2cce232 button_to should generate an html_safe string 
Signed-off-by: Michael Koziarski <michael@koziarski.com>
 2010-03-22 14:07:42 +13:00