diff options
author | Rick Olson <technoweenie@gmail.com> | 2007-09-23 00:11:08 +0000 |
---|---|---|
committer | Rick Olson <technoweenie@gmail.com> | 2007-09-23 00:11:08 +0000 |
commit | 2d02199e1581db8dc84361803950b1697f493fc0 (patch) | |
tree | 732d42271e966dc294d9263f1bf411f44286d876 /actionpack/CHANGELOG | |
parent | 4965b1b96163aa7bbc5f14d237683a12300e0798 (diff) | |
download | rails-2d02199e1581db8dc84361803950b1697f493fc0.tar.gz rails-2d02199e1581db8dc84361803950b1697f493fc0.tar.bz2 rails-2d02199e1581db8dc84361803950b1697f493fc0.zip |
Secure #sanitize, #strip_tags, and #strip_links helpers against xss attacks. Closes #8877. [Rick, lifofifo, Jacques Distler]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7589 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack/CHANGELOG')
-rw-r--r-- | actionpack/CHANGELOG | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index df25ec800f..b684148f91 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,10 @@ *SVN* +* Secure #sanitize, #strip_tags, and #strip_links helpers against xss attacks. Closes #8877. [Rick, lifofifo, Jacques Distler] + + This merges and renames the popular white_list helper (along with some css sanitizing from Jacques Distler version of the same plugin). + Also applied updated versions of #strip_tags and #strip_links from #8877. + * Remove use of & logic operator. Closes #8114. [watson] * Fixed JavaScriptHelper#escape_javascript to also escape closing tags #8023 [rubyruy] |