diff options
author | Guillermo Iguaran <guilleiguaran@gmail.com> | 2014-07-10 19:38:20 -0400 |
---|---|---|
committer | Guillermo Iguaran <guilleiguaran@gmail.com> | 2014-07-10 19:38:20 -0400 |
commit | 0d676d154547b7c8f1c5ba03c9d2e51c089d7732 (patch) | |
tree | b7fd3b8f210a9a503d2f9791625f63a183597797 /actionpack/CHANGELOG.md | |
parent | 6e76031e8f1f815b390f966cb21e25c66e5ded50 (diff) | |
parent | 013c74d645a5842ce35857e4f14af7fc9961c54d (diff) | |
download | rails-0d676d154547b7c8f1c5ba03c9d2e51c089d7732.tar.gz rails-0d676d154547b7c8f1c5ba03c9d2e51c089d7732.tar.bz2 rails-0d676d154547b7c8f1c5ba03c9d2e51c089d7732.zip |
Merge pull request #14883 from chancancode/rm-single-space
Removed the single space character for Safari
Diffstat (limited to 'actionpack/CHANGELOG.md')
-rw-r--r-- | actionpack/CHANGELOG.md | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index fb36396167..58e5641a7e 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,3 +1,17 @@ +* `render nothing: true` or rendering a `nil` body no longer add a single + space to the response body. + + The old behavior was added as a workaround for a bug in an early version of + Safari, where the HTTP headers are not returned correctly if the response + body has a 0-length. This is been fixed since and the workaround is no + longer necessary. + + Use `render body: ' '` if the old behavior is desired. + + See #14883 for details. + + *Godfrey Chan* + * Prepend a JS comment to JSONP callbacks. Addresses CVE-2014-4671 ("Rosetta Flash") |