diff options
author | rick <rick@spacemonkey.local> | 2008-05-13 09:41:10 -0700 |
---|---|---|
committer | rick <rick@spacemonkey.local> | 2008-05-13 09:41:10 -0700 |
commit | 74fd17346f30fddba0e174ae17f5697f2c22279e (patch) | |
tree | 1267cea613ee4a73a2f5ddf3fb24d224dc8bbded /actionpack/lib/action_view | |
parent | d09a8446d5606a5a0b5c024224b09a1318e9cf4d (diff) | |
parent | 4dedc7ddcaffa8c606af11ae2d32707131b99a2e (diff) | |
download | rails-74fd17346f30fddba0e174ae17f5697f2c22279e.tar.gz rails-74fd17346f30fddba0e174ae17f5697f2c22279e.tar.bz2 rails-74fd17346f30fddba0e174ae17f5697f2c22279e.zip |
Merge branch 'master' of git@github.com:rails/rails
Diffstat (limited to 'actionpack/lib/action_view')
4 files changed, 8 insertions, 3 deletions
diff --git a/actionpack/lib/action_view/helpers/javascripts/controls.js b/actionpack/lib/action_view/helpers/javascripts/controls.js index fbc4418b83..5aaf0bb2b7 100644 --- a/actionpack/lib/action_view/helpers/javascripts/controls.js +++ b/actionpack/lib/action_view/helpers/javascripts/controls.js @@ -1,4 +1,4 @@ -// Copyright (c) 2005-2007 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us) +// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us) // (c) 2005-2007 Ivan Krstic (http://blogs.law.harvard.edu/ivan) // (c) 2005-2007 Jon Tirsen (http://www.tirsen.com) // Contributors: diff --git a/actionpack/lib/action_view/helpers/javascripts/dragdrop.js b/actionpack/lib/action_view/helpers/javascripts/dragdrop.js index ccf4a1e45c..bf5cfea66c 100644 --- a/actionpack/lib/action_view/helpers/javascripts/dragdrop.js +++ b/actionpack/lib/action_view/helpers/javascripts/dragdrop.js @@ -1,4 +1,4 @@ -// Copyright (c) 2005-2007 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us) +// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us) // (c) 2005-2007 Sammi Williams (http://www.oriontransfer.co.nz, sammi@oriontransfer.co.nz) // // script.aculo.us is freely distributable under the terms of an MIT-style license. diff --git a/actionpack/lib/action_view/helpers/javascripts/effects.js b/actionpack/lib/action_view/helpers/javascripts/effects.js index 65aed23957..f030b5dbe9 100644 --- a/actionpack/lib/action_view/helpers/javascripts/effects.js +++ b/actionpack/lib/action_view/helpers/javascripts/effects.js @@ -1,4 +1,4 @@ -// Copyright (c) 2005-2007 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us) +// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us) // Contributors: // Justin Palmer (http://encytemedia.com/) // Mark Pilgrim (http://diveintomark.org/) diff --git a/actionpack/lib/action_view/helpers/sanitize_helper.rb b/actionpack/lib/action_view/helpers/sanitize_helper.rb index 3129ff414e..6c0a7ec25c 100644 --- a/actionpack/lib/action_view/helpers/sanitize_helper.rb +++ b/actionpack/lib/action_view/helpers/sanitize_helper.rb @@ -48,6 +48,11 @@ module ActionView # config.action_view.sanitized_allowed_attributes = 'id', 'class', 'style' # end # + # Please note that sanitizing user-provided text does not guarantee that the + # resulting markup is valid (conforming to a document type) or even well-formed. + # The output may still contain e.g. unescaped '<', '>', '&' characters and + # confuse browsers. + # def sanitize(html, options = {}) self.class.white_list_sanitizer.sanitize(html, options) end |