| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
This reads a lot better, and we won't need to try start_with? for blank
delimiters.
Also rename method name to read better.
|
| |
|
|
|
| |
The conversion without area code already changed the passed number in
place, so change the other method to do the same.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
number
|
| | |
|
| |
|
|
| |
skip]
|
| |\
| |
| | |
Improve formatting of ActiveRecord migration exception messages
|
| | | |
|
| |\ \
| | |
| | | |
Fix offset with last.
|
| | |/
| |
| |
| | |
Closes #7441
|
| | |
| |
| |
| |
| | |
We are generating safe strings in the paragraph, so we can escape the
tags
|
| |\ \
| |/
|/|
| |
| |
| |
| |
| |
| | |
* master-sec:
Deep Munge the parameters for GET and POST
Stop using i18n's built in HTML error handling.
Ensure simple_format escapes its html attributes
Escape the unit value provided to number_to_currency
Only use valid mime type symbols as cache keys
|
| | |
| |
| |
| |
| |
| |
| |
| | |
The previous implementation of this functionality could be accidentally
subverted by instantiating a raw Rack::Request before the first Rails::Request
was constructed.
Fixes CVE-2013-6417
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
i18n doesn't depend on active support which means it can't use our html_safe
code to do its escaping when generating the spans. Rather than try to sanitize
the output from i18n, just revert to our old behaviour of rescuing the error
and constructing the tag ourselves.
Fixes: CVE-2013-4491
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The previous behavior equated the sanitize option for simple_format with the
escape option of content_tag, however these are two distinct concepts.
This fixes CVE-2013-6416
Conflicts:
actionview/lib/action_view/helpers/text_helper.rb
|
| | |
| |
| |
| |
| |
| | |
Previously the unit values were trusted leading to potential XSS vulnerabilities.
Fixes: CVE-2013-6415
|
| | |
| |
| |
| | |
CVE-2013-6414
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Closes #13146.
This fixes an error when using:
```
change_colum :table, :column, :bigint, array: true
```
|
| | | |
|
| |\ \
| | |
| | | |
Added Date#all_week/month/quarter/year for generating date ranges
|
| |/ / |
|
| |\ \
| | |
| | | |
Add support for localized date references
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Ruby's Date class automatically gives us #yesterday, #today,
and #tomorrow. And ActiveSupport has a handy Time.zone.today
for getting a localized version. But there was no localized
version of #yesterday or #tomorrow. Until now.
|
| | | | |
|
| |\ \ \
| |/ /
|/| | |
fix email regex example code [ci skip]
|
| | | |
| | |
| | |
| | | |
different from the regex in EmailValidator
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
joker1007/fix_active_record_callbacks_document_bug
Fix ActiveRecord::Callbacks sample code [ci skip]
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Callback caller class uses `after_initialize`,
but Callback callee defines `after_find`.
Current sample code causes following error.
NoMethodError: undefined method `after_initialize' for #<EncryptionWrapper:0x007fe4931fa5c0>
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
Fix QueryCache to work with nested blocks
|
| |/ / /
| | |
| | |
| | |
| | |
| | | |
already have cache true.
This commit takes into account the last cache_enabled value, before clearing query_cache.
|
| |\ \ \
| | | |
| | | | |
Introduce a context for rendering fixtures ERB.
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fixture files are passed through an ERB renderer before being read as
YAML. The rendering is currently done in the context of the main object,
so method definitons leak into other fixtures, and there is no clean
place to define fixture helpers.
After this commit, the ERB renderer will use a new subclass of
ActiveRecord::FixtureSet.context_class each time a fixture is rendered.
|
| | | | |
|
| | | | |
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
Conflicts:
actionpack/CHANGELOG.md
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This PR fixes #13064 regression bug introduced by the #8085
Now in _process_format when the format is a Mime::NullType nothing is written in self.content_type.
In this way the method Response#assign_default_content_type_and_charset can
write the the default mime_type.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
keys. Also, show the wrong value as it was entered.
{ :failore => "stuff", :funny => "business" }.assert_valid_keys([ :failure, :funny ])
=> ArgumentError: Unknown key: failore
{ 'failore' => "stuff", :funny => "business" }.assert_valid_keys([ :failure, :funny ])
=> ArgumentError: Unknown key: failore
{ 'failore' => "stuff", :funny => "business" }.assert_valid_keys([ :failure, :funny ])
=> ArgumentError: Unknown key: "failore". Valid keys are: :failure, :funny
{ :failore => "stuff", :funny => "business" }.assert_valid_keys([ :failure, :funny ])
=> ArgumentError: Unknown key: :failore. Valid keys are: :failure, :funny
Conflicts:
activerecord/CHANGELOG.md
Closes #11624.
|
| |\ \ \
| | | |
| | | | |
CHANGELOG for JSON refactor + added back the `encode_big_decimal_as_string` option with warning
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Also added the missing CHANGELOG entry for #12183 @ 80e7552073 and
4d02296cfb.
|
| | |_|/
|/| |
| | |
| | |
| | | |
Use the already existing strings instead of creating a new one each time
just to test if it responds to the methods.
|
| |\ \ \ |
|
| | |\ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
Add regression test for IpSpoofAttackError issue
Closes #10780
|
