diff options
| author | Aaron Patterson <aaron.patterson@gmail.com> | 2013-01-04 12:02:22 -0800 |
|---|---|---|
| committer | Aaron Patterson <aaron.patterson@gmail.com> | 2013-01-07 17:20:12 -0800 |
| commit | d99e8c9e1618f509bb35f052d4bd0d1848bce771 (patch) | |
| tree | 4692f089b25801a251758cd8332a33391a4a6ac8 /activerecord/test | |
| parent | efbb041fb0146d5f633c2e645217f3a734539f11 (diff) | |
| download | rails-d99e8c9e1618f509bb35f052d4bd0d1848bce771.tar.gz rails-d99e8c9e1618f509bb35f052d4bd0d1848bce771.tar.bz2 rails-d99e8c9e1618f509bb35f052d4bd0d1848bce771.zip | |
* Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
Conflicts:
actionpack/CHANGELOG.md
actionpack/lib/action_dispatch/http/request.rb
actionpack/lib/action_dispatch/middleware/params_parser.rb
activerecord/CHANGELOG.md
activerecord/lib/active_record/relation/predicate_builder.rb
activerecord/test/cases/relation/where_test.rb
Diffstat (limited to 'activerecord/test')
| -rw-r--r-- | activerecord/test/cases/relation/where_test.rb | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/activerecord/test/cases/relation/where_test.rb b/activerecord/test/cases/relation/where_test.rb index 297e865308..d1c3690478 100644 --- a/activerecord/test/cases/relation/where_test.rb +++ b/activerecord/test/cases/relation/where_test.rb @@ -90,6 +90,12 @@ module ActiveRecord [[], {}, nil, ""].each do |blank| assert_equal 4, Edge.where(blank).order("sink_id").to_a.size end + def test_where_with_table_name_and_empty_array + assert_equal 0, Post.where(:id => []).count + end + + def test_where_with_empty_hash_and_no_foreign_key + assert_equal 0, Edge.where(:sink => {}).count end end end |