aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/template/output_safety_helper_test.rb
diff options
context:
space:
mode:
authorAaron Patterson <aaron.patterson@gmail.com>2013-01-08 12:11:18 -0800
committerAaron Patterson <aaron.patterson@gmail.com>2013-01-08 12:11:18 -0800
commit88cc1688d0cb828c17706b41a8bd27870f2a2beb (patch)
tree1001415a74aa4ba81cc8fc305f4cb7a0bc145afc /actionpack/test/template/output_safety_helper_test.rb
parentf049016cd348627bf8db0d72382d7580bf802a79 (diff)
parent2ced6f2f8a85957b160710ae5d9fb245a6106550 (diff)
downloadrails-88cc1688d0cb828c17706b41a8bd27870f2a2beb.tar.gz
rails-88cc1688d0cb828c17706b41a8bd27870f2a2beb.tar.bz2
rails-88cc1688d0cb828c17706b41a8bd27870f2a2beb.zip
Merge branch 'master-sec'
* master-sec: CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
Diffstat (limited to 'actionpack/test/template/output_safety_helper_test.rb')
0 files changed, 0 insertions, 0 deletions