Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Complete work on 3.2 for render_data_leak patch. | Arthur Neves | 2016-02-29 | 1 | -3/+2 |
| | | | | | | | | | | | | | | | | | | Render could leak access to external files before this patch. A previous patch(CVE-2016-0752), attempted to fix this. However the tests were miss-placed outside the TestCase subclass, so they were not running. We should allow :file to be outside rails root, but anything else must be inside the rails view directory. The implementation has changed a bit though. Now the patch is more similar with the 4.x series patches. Now `render 'foo/bar'`, will add a special key in the options hash, and not use the :file one, so when we look up that file, we don't set the fallbacks, and only lookup a template, to constraint the folders that can be accessed. CVE-2016-2097 | ||||
* | Remove trailing white-spaces | Guillermo Iguaran | 2011-06-05 | 1 | -1/+1 |
| | |||||
* | [action_view] added custom patterns to template resolver | Chris Kowalik | 2011-03-20 | 1 | -6/+6 |
| | |||||
* | #948 template_inheritance | artemave | 2010-12-26 | 1 | -1/+5 |
| | |||||
* | Resolvers now consider timestamps. | José Valim | 2010-10-10 | 1 | -2/+3 |
| | | | | | | | | | | | Before this patch, every request in development caused the template to be compiled, regardless if it was updated in the filesystem or not. This patch now checks the timestamp and only compiles it again if any change was done. While this probably won't show any difference for current setups, but it will be useful for asset template handlers (like SASS), as compiling their templates is slower than ERb, Haml, etc. | ||||
* | Allow cache to be temporarily disabled through lookup_context. | José Valim | 2010-10-07 | 1 | -3/+5 |
| | |||||
* | Get rid of ruby warnings in Resolvers. Move a few methods up to the abstract ↵ | José Valim | 2010-10-07 | 1 | -2/+2 |
| | | | | class. | ||||
* | Don't shadow outer local variables. | Emilio Tagua | 2010-09-27 | 1 | -4/+4 |
| | |||||
* | Deletes trailing whitespaces (over text files only find * -type f -exec sed ↵ | Santiago Pastorino | 2010-08-14 | 1 | -1/+1 |
| | | | | 's/[ \t]*$//' -i {} \;) | ||||
* | add NullResolver | David Chelimsky | 2010-05-02 | 1 | -0/+8 |
| | | | | | | [#4523 state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com> | ||||
* | move FixtureResolver to a file that is accessible outside Rails' own tests | David Chelimsky | 2010-05-02 | 1 | -0/+35 |
[#4522 state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com> |