rails.git - Mirror of official rails repo with custom fixes.

diff options

author	Santiago Pastorino <santiago@wyeworks.com>	2012-07-31 22:25:54 -0300
committer	Santiago Pastorino <santiago@wyeworks.com>	2012-08-02 17:14:30 -0300
commit	28f2c6f4037081da0a82104a3f473165ed4ed2ce (patch)
tree	a511eac32c29cf7f9612b6691ac15ac558c5bd77 /activesupport/test/json
parent	9c1b1bd42ce00d43b7894daaf096eff9ee55aef1 (diff)
download	rails-28f2c6f4037081da0a82104a3f473165ed4ed2ce.tar.gz rails-28f2c6f4037081da0a82104a3f473165ed4ed2ce.tar.bz2 rails-28f2c6f4037081da0a82104a3f473165ed4ed2ce.zip

html_escape should escape single quotes

https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content Closes #7215 Conflicts: actionpack/test/template/erb_util_test.rb actionpack/test/template/form_tag_helper_test.rb actionpack/test/template/text_helper_test.rb actionpack/test/template/url_helper_test.rb activesupport/lib/active_support/core_ext/string/output_safety.rb

Diffstat (limited to 'activesupport/test/json')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: