| | Commit message | Author | Age | Files | Lines |
---|---|---|---|---|---|
* | Don't ignore non Enumerable values passed to sanitize (closes #5585) | Piotr Sarnacki | 2012-03-27 | 1 | -0/+18 |
| | When someone accidentally passes a string to sanitize like: `sanitize("<span>foo</span>", :tags => "b")` there is no indication that it's the wrong way and span will not be removed. | | | | |
* | Refactor button_to helper to use token_tag method | Rafael Mendonça França | 2012-01-19 | 1 | -2/+0 |
* | Handle leading spaces in protocol while sanitizing | Manu | 2012-01-12 | 1 | -1/+8 |
* | Tags with invalid names should also be stripped in order to prevent | Aaron Patterson | 2011-08-16 | 1 | -0/+7 |
| | XSS attacks. Thanks Sascha Depold for the report. | | | | |
* | Test for stripping tags from a frozen string. | Joshua Ballanco | 2011-04-14 | 1 | -0/+1 |
| | This test will pass under Ruby 1.8 but fail under Ruby 1.9 because of the change in behavior of gsub! w.r.t. frozen strings that do not match the pattern used [ruby-core:23664]. | | | | |
* | ActionController::Base.helpers.sanitize ignores case in protocol | Timothy N. Tsvetkov | 2010-12-30 | 1 | -0/+7 |
| | [#6044 state:committed] Signed-off-by: Santiago Pastorino <santiago@wyeworks.com> | | | | |
* | Deletes trailing whitespaces (over text files only `find * -type f -exec sed 's/[ \t]*$//' -i {} \;`) | Santiago Pastorino | 2010-08-14 | 1 | -17/+17 |
* | Strip_tags never ending attribute should not raise a TypeError [#4870 state:resolved] | Bruno Michel | 2010-06-28 | 1 | -0/+4 |
| | Signed-off-by: José Valim <jose.valim@gmail.com> | | | | |
* | deOMGifying Railties, Active Support, and Action Pack | Mikel Lindsaar | 2010-01-31 | 1 | -2/+2 |
* | File extra test folders into controller, dispatch, or template | Joshua Peek | 2009-10-03 | 1 | -0/+273 |