| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
Conflicts:
actionpack/lib/action_dispatch/middleware/static.rb
make sure that unreadable files are also not leaked
CVE-2014-7829
|
|\
| |
| |
| |
| |
| | |
* 3.2.20:
bumping version to 3.2.20
FileHandler should not be called for files outside the root
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
FileHandler#matches? should return false for files that are outside the
"root" path.
Conflicts:
actionpack/lib/action_dispatch/middleware/static.rb
Conflicts:
actionpack/lib/action_dispatch/middleware/static.rb
actionpack/test/dispatch/static_test.rb
|
|/
|
|
|
|
| |
Fixed broken test.
Thanks Stephen Richards for reporting.
|
|\
| |
| |
| |
| | |
Conflicts:
actionpack/CHANGELOG.md
|
| | |
|
| |
| |
| |
| |
| |
| | |
This will avoid directory traversal in implicit render.
Fixes: CVE-2014-0130
|
|\|
| |
| |
| |
| | |
Conflicts:
actionpack/CHANGELOG.md
|
| |
| |
| |
| |
| |
| |
| |
| | |
Before we were calling to_sym in the mime type, even when it is unknown
what can cause denial of service since symbols are not removed by the
garbage collector.
Fixes: CVE-2014-0082
|
| |
| |
| |
| |
| |
| |
| | |
Previously the values of these options were trusted leading to
potential XSS vulnerabilities.
Fixes: CVE-2014-0081
|
| |
| |
| |
| |
| |
| |
| | |
Escalate missing error when :raise is true in translate helper, fix regression introduced by security fix.
Conflicts:
actionpack/CHANGELOG.md
|
| |
| |
| |
| |
| |
| | |
Now users have to explicit mark the unit as safe if they trust it.
Closes #13161
|
|/ |
|
|
|
|
|
|
|
|
|
|
|
| |
The previous implementation of this functionality could be accidentally
subverted by instantiating a raw Rack::Request before the first Rails::Request
was constructed.
Fixes CVE-2013-6417
Conflicts:
actionpack/lib/action_dispatch/http/request.rb
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
i18n doesn't depend on active support which means it can't use our html_safe
code to do its escaping when generating the spans. Rather than try to sanitize
the output from i18n, just revert to our old behaviour of rescuing the error
and constructing the tag ourselves.
Fixes: CVE-2013-4491
Conflicts:
actionpack/lib/action_view/helpers/translation_helper.rb
Backport: 50afd8eec9d088ad5a2d41f00a05520d5b78a6a0
|
|
|
|
|
|
| |
Fixes CVE-2013-6415
Previously the values were trusted blindly allowing for potential XSS attacks.
|
|
|
|
| |
constraints have access
|
| |
|
|
|
|
|
|
| |
Issue: when `assert_redirected_to` fails due to the response redirect not
matching the expected redirect the user-supplied message (second parameter)
is not shown. This message is only shown if the response is not a redirect.
|
|
|
|
| |
This test file is not be running from a long time
This test is already covered in controller/caching_test.rb
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Merge `:action` from routing scope and assign endpoint if both `:controller`
and `:action` are present. The endpoint assignment only occurs if there is
no `:to` present in the options hash so should only affect routes using the
shorthand syntax (i.e. endpoint is inferred from the the path).
Fixes #9856
Backport of 37b4276
|
|
|
|
| |
Always escape the result of link_to_unless method
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Before:
image_tag("HTTP://google.com")
# => "<img alt=\"Google\" src=\"/assets/HTTP://google.com\" />"
image_tag("http://google.com")
# => "<img alt=\"Google\" src=\"http://google.com\" />"
After:
image_tag("HTTP://google.com")
# => "<img alt=\"Google\" src=\"HTTP://google.com\" />"
image_tag("http://google.com")
# => "<img alt=\"Google\" src=\"http://google.com\" />"
Backport of #10969
|
|
|
|
| |
In those version to_date call Fixnum#/, what will cause a failure
|
| |
|
|
|
|
|
|
|
|
| |
If a file field tag is passed the multiple option, it is turned into an
array field (appending "[]"), but if the file field is passed an
explicit name as an option, leave the name alone (do not append "[]").
Fixes #9830
|
|
|
|
| |
Introduced in 2c22376fe04b89e8f34620139720b85a85ce3428
|
|
|
|
| |
Introduced in 2c22376fe04b89e8f34620139720b85a85ce3428
|
|
|
|
| |
and PartialRenderer
|
|
|
|
|
|
| |
df36c5f - Fix assert_template assertion with :layout option
4bd05a7 - Fix assert_template :layout => nil assertion
0d19a08 - Improve assert_template layout checking
|
|
|
|
| |
Pathname doesn't respond to to_path
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 3-2-stable:
Merge pull request #9802 from newsline/fix-broken-action-missing
Remove bad changelog entry from AR [ci skip]
Wrong exception is occured when raising no translatable exception
Don't crash exception translation w/ nil result attribute.
Conflicts:
actionpack/CHANGELOG.md
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix missing action_missing
Conflicts:
actionpack/CHANGELOG.md
Conflicts:
actionpack/test/controller/base_test.rb
Fixes #9799
|
|/
|
|
|
| |
The PR #8756 uses Sprockets for resolving files that already exists on disk, for those files their extensions don't need to be rewritten.
Fixes #9803
|
| |
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 3-2-13:
bumping to 3.2.13
fix protocol checking in sanitization [CVE-2013-1857]
JDOM XXE Protection [CVE-2013-1856]
fix incorrect ^$ usage leading to XSS in sanitize_css [CVE-2013-1855]
stop calling to_sym when building arel nodes [CVE-2013-1854]
Merge pull request #9616 from exviva/multiple_select_name_double_square_brackets
bumping to rc2
Revert "Merge pull request #8209 from senny/backport_8176"
Freeze columns only once per Result
Preparing for 3.2.13.rc1 release
Update CHANGELOGs for 3.2.13 release.
Conflicts:
actionmailer/CHANGELOG.md
actionpack/CHANGELOG.md
activemodel/CHANGELOG.md
activeresource/CHANGELOG.md
activesupport/CHANGELOG.md
railties/CHANGELOG.md
|
| |
| |
| |
| |
| | |
Conflicts:
actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix incorrectly appended square brackets to a multiple select box
Before:
select(:category, [], {}, {:multiple => true, :name => "post[category][]"})
# => <select name="post[category][][]" ...>
After:
select(:category, [], {}, {:multiple => true, :name => "post[category][]"})
# => <select name="post[category][]" ...>
Conflicts:
actionpack/CHANGELOG.md
actionpack/lib/action_view/helpers/tags/base.rb
actionpack/test/template/form_options_helper_test.rb
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix incorrectly appended square brackets to a multiple select box
Before:
select(:category, [], {}, {:multiple => true, :name => "post[category][]"})
# => <select name="post[category][][]" ...>
After:
select(:category, [], {}, {:multiple => true, :name => "post[category][]"})
# => <select name="post[category][]" ...>
Conflicts:
actionpack/CHANGELOG.md
actionpack/lib/action_view/helpers/tags/base.rb
actionpack/test/template/form_options_helper_test.rb
|
|/
|
|
|
| |
Fix ActionDispatch::Request#formats when HTTP_ACCEPT header is an empty
string.
|
|
|
|
| |
few times, so fix up the test to work with however it chooses to escape.
|