rails.git - Mirror of official rails repo with custom fixes.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Move safe buffer into test/template	Joshua Peek	2009-10-10	1	-41/+0
\|
*	Switch to on-by-default XSS escaping for rails.	Michael Koziarski	2009-10-08	1	-0/+41
\| \| \| \| \| \| \| \| \| \| \| \|	This consists of: * String#html_safe! a method to mark a string as 'safe' * ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it * Calls to String#html_safe! throughout the rails helpers * a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presantized strings in the DB) * New ERB implementation based on erubis which uses a SafeBuffer instead of a String Hat tip to Django for the inspiration.
*	File extra test folders into controller, dispatch, or template	Joshua Peek	2009-10-03	1	-172/+0
\|
*	Add custom "with_routing" to internal tests to fix reseting session after using	Joshua Peek	2009-10-03	1	-0/+1
\| \| \| \|	with_routing. This only affects our internal AP tests.
*	Ported the new ActionView::TestCase from 2-3-stable to master [#3260	Erik Ostrom	2009-09-28	1	-4/+167
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	state:resolved] The test case now mimicks the template environment more closely, so it's possible to use render, load helper dependencies. This also fixes assert_select, and similar assertions. Because view tests and helpers generally don't render full templates assert_select looks first in rendered and then in output_buffer to find the rendered output. Additional `master'-only changes: Made the Action Pack Rakefile run the ActionView::TestCase tests, and made ActionView::Rendering#_render_text always return a string. Signed-off-by: Joshua Peek <josh@joshpeek.com>
*	Fixed ActionView::TestCase current url context [#1561 state:resolved]	Dan Pickett	2008-12-15	1	-0/+8
	Signed-off-by: Joshua Peek <josh@joshpeek.com>