diff options
| author | Andrew White <andyw@pixeltrix.co.uk> | 2015-11-27 13:46:46 +0000 |
|---|---|---|
| committer | Aaron Patterson <aaron.patterson@gmail.com> | 2016-01-22 15:01:20 -0800 |
| commit | cdabc95608336dbea7b6a3a3e925de5bbd5313ba (patch) | |
| tree | 743d5043e983483389c94e68a0a8341264e02516 /actionpack/lib/action_view/helpers/output_safety_helper.rb | |
| parent | 127967b735813cd4f263df7a50426d74e7e9cc17 (diff) | |
| download | rails-cdabc95608336dbea7b6a3a3e925de5bbd5313ba.tar.gz rails-cdabc95608336dbea7b6a3a3e925de5bbd5313ba.tar.bz2 rails-cdabc95608336dbea7b6a3a3e925de5bbd5313ba.zip | |
Don't short-circuit reject_if proc
When updating an associated record via nested attribute hashes the
reject_if proc could be bypassed if the _destroy flag was set in the
attribute hash and allow_destroy was set to false.
The fix is to only short-circuit if the _destroy flag is set and the
option allow_destroy is set to true. It also fixes an issue where
a new record wasn't created if _destroy was set and the option
allow_destroy was set to false.
CVE-2015-7577
Diffstat (limited to 'actionpack/lib/action_view/helpers/output_safety_helper.rb')
0 files changed, 0 insertions, 0 deletions