rails.git - Mirror of official rails repo with custom fixes.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Fix HTML sanitizer allowed_css_properties comment	Alexey Vakhov	2012-04-13	1	-1/+1
\|
*	Don't ignore non Enumerable values passed to sanitize (closes #5585)	Piotr Sarnacki	2012-03-27	1	-0/+11
\| \| \| \| \| \| \| \| \|	When someone accidentally passes a string to sanitize like: sanitize("<span>foo</span>", :tags => "b") there is no indication that it's the wrong way and span will not be removed.
*	Handle leading spaces in protocol while sanitizing	Manu	2012-01-12	1	-1/+1
\|
*	deprecate String#encoding_aware? and remove its usage	Sergey Nartimov	2011-12-24	1	-1/+1
\|
*	HTMl -> HTML: html scanner comment fix	Alexey Vakhov	2011-10-15	1	-1/+1
\|
*	add missing require to html sanitizer	Alexey Vakhov	2011-09-27	1	-0/+1
\|
*	Tags with invalid names should also be stripped in order to prevent	Aaron Patterson	2011-08-16	1	-1/+1
\| \| \| \|	XSS attacks. Thanks Sascha Depold for the report.
*	Remove extra white spaces on ActionPack docs.	Sebastian Martinez	2011-05-23	1	-1/+1
\|
*	Merge pull request #280 from jballanc/frozen-string-strip-tags	José Valim	2011-05-07	1	-1/+1
\|\ \| \| \| \|	Stripping tags from a frozen string
\| *	Fix for stripping tags from frozen strings.	Joshua Ballanco	2011-04-14	1	-1/+1
\| \| \| \| \| \| \| \|	This returns behavior under Ruby 1.9 to match Ruby 1.8.
* \|	document HTML::Selector's :has(string) pseudo class	misfo	2011-04-23	1	-0/+2
\|/
*	ActionController::Base.helpers.sanitize ignores case in protocol	Timothy N. Tsvetkov	2010-12-30	1	-1/+1
\| \| \| \| \| \|	[#6044 state:committed] Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
*	class inheritable attributes is used no more! all internal use of class ↵	Josh Kalderimis	2010-11-20	1	-2/+2
\| \| \| \| \| \|	inheritable has been changed to class_attribute. class inheritable attributes has been deprecated. Signed-off-by: José Valim <jose.valim@gmail.com>
*	Remove more warnings shadowing outer local variable.	Emilio Tagua	2010-09-27	1	-3/+3
\| \| \| \|	Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
*	Remove more warnings shadowing outer local variable.	Emilio Tagua	2010-09-27	1	-3/+3
\|
*	Refactor methods in html node to avoid injects.	Emilio Tagua	2010-09-22	1	-8/+4
\| \| \| \|	Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
*	Use join instead of looping and calling to_s [#5492 state:resolved]	Thiago Pradi	2010-09-01	1	-3/+1
\| \| \| \|	Signed-off-by: José Valim <jose.valim@gmail.com>
*	Deletes trailing whitespaces (over text files only find * -type f -exec sed ↵	Santiago Pastorino	2010-08-14	5	-65/+65
\| \| \| \|	's/[ \t]*$//' -i {} \;)
*	Strip_tags never ending attribute should not raise a TypeError [#4870 ↵	Bruno Michel	2010-06-28	2	-0/+2
\| \| \| \| \| \|	state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com>
*	regular expressions are usually ASCII-encoded, so force_encoding the content ↵	wycats	2010-06-07	1	-0/+1
\| \| \| \|	of a Node to the encoding of the regular expression is wrong.
*	html-scanner uses Set and class_inheritable_accessor	Jeremy Kemper	2009-05-30	1	-0/+3
\|
*	Ensure WhiteListSanitizer allows dl tag [#2393 state:resolved]	Jeffrey Chupp	2009-05-17	1	-1/+1
\| \| \| \|	Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
*	Ensure assert_select works with XML namespaced attributes [#1547 ↵	Pratik Naik	2009-03-07	1	-1/+1
\| \| \| \|	state:resolved] [Jon Yurek]
*	Fixed the sanitize helper to avoid double escaping already properly escaped ↵	David Heinemeier Hansson	2008-11-06	1	-1/+1
\| \| \| \|	entities [#683 state:committed]
*	Fix incorrect closing CDATA delimiter. Add tests for CDATA nodes.	Jeffrey Hardy	2008-10-23	1	-1/+1
\| \| \| \|	Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
*	Fix that HTML::Node.parse would blow up on unclosed CDATA sections.	Jeffrey Hardy	2008-10-23	1	-1/+8
\| \| \| \| \| \| \| \|	If an unclosed CDATA section is encountered and parsing is strict, an exception will be raised. Otherwise, we consider the remainder of the line to be the section contents. This is consistent with HTML::Tokenizer#scan_tag. Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
*	Merge with docrails.	Pratik Naik	2008-07-16	1	-2/+2
\|
*	Patched HTML::Document#initialize call to Node.parse so that it includes the ↵	Jimmy Baker	2008-06-24	1	-1/+1
\| \| \| \|	strict argument. [#330]
*	Fixed HTML::Tokenizer (used in sanitize helper) didnt handle unclosed CDATA ↵	David Heinemeier Hansson	2008-03-28	1	-1/+1
\| \| \| \| \| \|	tags (closes #10071) [esad, packagethief] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@9111 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Fix HTML Sanitizer to allow trailing spaces in CSS style attributes. Closes ↵	Rick Olson	2007-12-23	1	-2/+2
\| \| \| \| \| \|	#10566 [wesley.moxam] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8485 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Removed some of the tags that does not make sense to allow per default in ↵	David Heinemeier Hansson	2007-12-04	1	-2/+2
\| \| \| \| \| \|	the whitelist git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8269 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Refactor sanitizer helpers into HTML classes and make it easy to swap them ↵	Rick Olson	2007-11-26	2	-0/+174
\| \| \| \| \| \|	out with custom implementations. Closes #10129. [rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8213 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Fixed spelling errors (closes #9706) [tarmo/rmm5t]	David Heinemeier Hansson	2007-09-28	1	-1/+1
\| \| \| \|	git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7666 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	[html-scanner] Fix parsing of empty tags. Closes #7641. [anthony.bailey]	Michael Koziarski	2007-09-21	1	-0/+3
\| \| \| \|	git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7528 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Back out of [7300] -- it screwed up nested XML	David Heinemeier Hansson	2007-08-21	1	-3/+0
\| \| \| \|	git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7357 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Ignore processing instructions when parsing html	Michael Koziarski	2007-08-10	1	-0/+3
\| \| \| \|	git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7300 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Add much-needed html-scanner tests. Fixed CDATA parsing bug. [Rick]	Rick Olson	2007-02-04	1	-3/+1
\| \| \| \|	git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6117 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Use a consistent load path to avoid double requires. Fix some scattered Ruby ↵	Jeremy Kemper	2007-01-28	2	-9/+13
\| \| \| \| \| \|	warnings. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6057 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Nodoc the irrelevant (from 1.2)	David Heinemeier Hansson	2007-01-26	1	-1/+2
\| \| \| \|	git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6044 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Fix HTML::Node to output double quotes instead of single quotes. Closes ↵	Rick Olson	2006-12-14	1	-1/+1
\| \| \| \| \| \|	#6845 [mitreandy] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5718 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Fix assert_tag so that :content => "foo" does not match substrings, but only ↵	Jamis Buck	2006-09-10	1	-1/+1
\| \| \| \| \| \|	exact strings. Use :content => /foo/ to match substrings. closes #2799 git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5086 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Added assert_select* for CSS selector-based testing (deprecates assert_tag) ↵	David Heinemeier Hansson	2006-09-03	2	-0/+823
\| \| \| \| \| \|	#5936 [assaf.arkin@gmail.com] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@4929 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Cleanup assert_tag :children counting. Closes #2181.	Jeremy Kemper	2006-09-03	1	-1/+0
\| \| \| \|	git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@4915 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	allow -'s in tag names for html scanner when scanning AR xml documents	Rick Olson	2006-04-22	1	-1/+1
\| \| \| \|	git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@4251 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Remove insignificant classes from docs	David Heinemeier Hansson	2005-12-08	1	-1/+1
\| \| \| \|	git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3249 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Allow assert_tag(:conditions) to match the empty string when a tag has no ↵	Jamis Buck	2005-11-21	2	-2/+8
\| \| \| \| \| \|	children. Closes #2959. [Jamis Buck] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3154 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Update html-scanner to handle CDATA sections better. Closes #2970. [Jamis Buck]	Jamis Buck	2005-11-21	2	-0/+16
\| \| \| \|	git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3153 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	assert_tag uses exact matches for string conditions, instead of partial ↵	Jamis Buck	2005-11-09	1	-1/+1
\| \| \| \| \| \|	matches. Use regex to do partial matches. #2799 git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@2952 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Fix conflict with assert_tag and Glue gem (closes #2255) ↵	David Heinemeier Hansson	2005-11-07	1	-2/+2
\| \| \| \| \| \|	[david.felstead@gmail.com] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@2905 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
*	Fix the html-scanner to count children correctly, playing nicely with :only, ↵	Jamis Buck	2005-10-18	1	-1/+5
\| \| \| \| \| \|	fixes #2181 [patrick@lenz.sh] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@2670 5ecf4fe2-1ee6-0310-87b1-e25e094e27de