Merge branch 'master-sec'

* master-sec: fix protocol checking in sanitization [CVE-2013-1857] JDOM XXE Protection [CVE-2013-1856] fix incorrect ^$ usage leading to XSS in sanitize_css [CVE-2013-1855] stop calling to_sym when building arel nodes [CVE-2013-1854]
author: Aaron Patterson <aaron.patterson@gmail.com> 2013-03-18 10:17:32 -0700
committer: Aaron Patterson <aaron.patterson@gmail.com> 2013-03-18 10:17:32 -0700
commit: 2392535f4085d88186097e3c23414e958fb1d16d (patch)
tree: ff6fa883b22554acc0c464395ffbd4ae3b4f6210 /activesupport/test/fixtures/xml/jdom_include.txt
parent: 0053c21019494fc3f5d14a11062e633bdb23bd2f (diff)
parent: e115ace02a88290d2fc707b4979f23728c300950 (diff)
download: rails-2392535f4085d88186097e3c23414e958fb1d16d.tar.gz
rails-2392535f4085d88186097e3c23414e958fb1d16d.tar.bz2
rails-2392535f4085d88186097e3c23414e958fb1d16d.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/activesupport/test/fixtures/xml/jdom_include.txt b/activesupport/test/fixtures/xml/jdom_include.txt
new file mode 100644
index 0000000000..239ca3afaf
--- /dev/null
+++ b/activesupport/test/fixtures/xml/jdom_include.txt
@@ -0,0 +1 @@
+include me
author	Aaron Patterson <aaron.patterson@gmail.com>	2013-03-18 10:17:32 -0700
committer	Aaron Patterson <aaron.patterson@gmail.com>	2013-03-18 10:17:32 -0700
commit	2392535f4085d88186097e3c23414e958fb1d16d (patch)
tree	ff6fa883b22554acc0c464395ffbd4ae3b4f6210 /activesupport/test/fixtures/xml/jdom_include.txt
parent	0053c21019494fc3f5d14a11062e633bdb23bd2f (diff)
parent	e115ace02a88290d2fc707b4979f23728c300950 (diff)
download	rails-2392535f4085d88186097e3c23414e958fb1d16d.tar.gz rails-2392535f4085d88186097e3c23414e958fb1d16d.tar.bz2 rails-2392535f4085d88186097e3c23414e958fb1d16d.zip