rails.git - Mirror of official rails repo with custom fixes.

diff options

author	Michael Koziarski <michael@koziarski.com>	2010-12-07 16:27:55 +1300
committer	Aaron Patterson <aaron.patterson@gmail.com>	2011-02-08 13:56:08 -0800
commit	3ddd7f7ec9b156e4b7de4c23d448c2db98f30504 (patch)
tree	e3b492fcf19d1a7610cb7424f9c159807e646e87 /actionpack/test/controller/render_test.rb
parent	8ce57652b224c01d474ef20b27ea3c3838534467 (diff)
download	rails-3ddd7f7ec9b156e4b7de4c23d448c2db98f30504.tar.gz rails-3ddd7f7ec9b156e4b7de4c23d448c2db98f30504.tar.bz2 rails-3ddd7f7ec9b156e4b7de4c23d448c2db98f30504.zip

Be sure to javascript_escape the email address to prevent apostrophes inadvertently causing javascript errors.

This fixes CVE-2011-0446

Diffstat (limited to 'actionpack/test/controller/render_test.rb')

0 files changed, 0 insertions, 0 deletions