Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Explicit html_escape removed when not needed | Santiago Pastorino and José Ignacio Costa | 2010-02-14 | 3 | -4/+4 |
| | | | | Signed-off-by: Yehuda Katz <yehudakatz@YK.local> | ||||
* | html_escape mail_to when encode javascript and not hex | Santiago Pastorino and José Ignacio Costa | 2010-02-14 | 1 | -5/+3 |
| | | | | Signed-off-by: Yehuda Katz <yehudakatz@YK.local> | ||||
* | content_tag should escape its input | Bruno Michel | 2010-02-14 | 10 | -24/+25 |
| | | | | Signed-off-by: Yehuda Katz <yehudakatz@YK.local> | ||||
* | simple_format returns a safe buffer escaping unsafe input [Santiago Pastorino] | David Heinemeier Hansson | 2010-02-12 | 2 | -1/+13 |
| | |||||
* | Safely concat the ending tag to simple_format or it will be escaped | David Heinemeier Hansson | 2010-02-12 | 1 | -1/+1 |
| | |||||
* | Revert to rack-mount 0.4.7 | Jeremy Kemper | 2010-02-12 | 1 | -1/+1 |
| | |||||
* | Wups, rack-mount 0.5.0 | Jeremy Kemper | 2010-02-11 | 1 | -1/+1 |
| | |||||
* | Bump rack-mount dep to 0.5.3 | Jeremy Kemper | 2010-02-11 | 1 | -1/+1 |
| | |||||
* | Its not a deprecation if you actually just ignore the call | David Heinemeier Hansson | 2010-02-09 | 1 | -0/+2 |
| | |||||
* | Adding ruby version spec to all gemspec files to at least 1.8.7 | Mikel Lindsaar | 2010-02-08 | 1 | -0/+1 |
| | | | | Signed-off-by: José Valim <jose.valim@gmail.com> | ||||
* | Fix pluralization for numbers formatted like '1.00' | Gabriel Mansour | 2010-02-07 | 2 | -1/+3 |
| | | | | Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net> | ||||
* | Fix nested attributes with specified collection. | José Valim | 2010-02-07 | 2 | -7/+33 |
| | |||||
* | Fix tiny version number from '3.0.0beta' to '3.0.0.beta1', so 'rake install' ↵ | Prem Sichanugrist | 2010-02-06 | 1 | -1/+1 |
| | | | | | | will be run correctly [#3879 status:resolved] Signed-off-by: José Valim <jose.valim@gmail.com> | ||||
* | Add a test which ensures namespaced roots. | José Valim | 2010-02-06 | 1 | -0/+10 |
| | |||||
* | Routes should not swallow all NameErrors [#3862 status:resolved]. | José Valim | 2010-02-06 | 1 | -1/+2 |
| | |||||
* | Updates subscriber test for new output | Yehuda Katz | 2010-02-05 | 1 | -1/+1 |
| | |||||
* | Lookup the status code and rework the Completed line a bit | David Heinemeier Hansson | 2010-02-05 | 1 | -2/+1 |
| | |||||
* | More html_safe strings now use the safe_concat method | Santiago Pastorino and José Ignacio Costa | 2010-02-05 | 5 | -7/+7 |
| | | | | | | [#3856 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net> | ||||
* | Make UrlWriter includable in a Module | Jeremy Kemper | 2010-02-05 | 1 | -1/+9 |
| | |||||
* | Bump git versions to 3.0.0.beta1 since we've released | Jeremy Kemper | 2010-02-05 | 1 | -3/+3 |
| | |||||
* | Submarine the rake-gemcutter dep in Rakefiles | Jeremy Kemper | 2010-02-05 | 1 | -4/+5 |
| | |||||
* | Fix task defines | Jeremy Kemper | 2010-02-04 | 1 | -1/+1 |
| | |||||
* | Release using gemcutter gem:push tasks | Jeremy Kemper | 2010-02-04 | 1 | -0/+6 |
| | |||||
* | Test that csrf meta content is html-escaped, too | Jeremy Kemper | 2010-02-04 | 1 | -1/+2 |
| | |||||
* | Revert dumb test | Jeremy Kemper | 2010-02-04 | 1 | -2/+2 |
| | |||||
* | HTML-escape csrf meta contents | Jeremy Kemper | 2010-02-04 | 2 | -3/+3 |
| | |||||
* | Expose CSRF param name also | Jeremy Kemper | 2010-02-04 | 2 | -2/+2 |
| | |||||
* | Expose CSRF tag for UJS adapters | Jeremy Kemper | 2010-02-04 | 3 | -1/+29 |
| | |||||
* | Rationalize railtie dependencies: AC uses AV; AR uses AMo; and Rails always ↵ | Jeremy Kemper | 2010-02-04 | 1 | -0/+1 |
| | | | | uses AS. | ||||
* | Homogenize gemspecs and remove the deprecated autorequire | David Heinemeier Hansson | 2010-02-03 | 1 | -14/+13 |
| | |||||
* | Move to 3.0.0.beta | David Heinemeier Hansson | 2010-02-03 | 2 | -4/+4 |
| | |||||
* | Add method and path to AC notifications. | José Valim | 2010-02-03 | 1 | -1/+3 |
| | |||||
* | Routing Mapper with % interpolation on Ruby 1.9.1 fixed [#3837 status:resolved] | Santiago Pastorino and José Ignacio Costa | 2010-02-02 | 1 | -2/+1 |
| | | | | Signed-off-by: José Valim <jose.valim@gmail.com> | ||||
* | Configuration values should be on AV::Base. | José Valim | 2010-02-02 | 2 | -20/+7 |
| | |||||
* | Modify the behavior of `radio_button_tag` to use `sanitize_to_id` for ↵ | Prem Sichanugrist | 2010-02-02 | 2 | -3/+5 |
| | | | | | | consistency [#1792 status:resolved] Signed-off-by: José Valim <jose.valim@gmail.com> | ||||
* | Make rdoc match current API | Sam Ruby | 2010-02-02 | 1 | -105/+47 |
| | | | | Signed-off-by: Mikel Lindsaar <raasdnil@gmail.com> | ||||
* | Resolve view paths correctly on CygWin | Sam Ruby | 2010-02-02 | 1 | -1/+1 |
| | | | | Signed-off-by: Mikel Lindsaar <raasdnil@gmail.com> | ||||
* | Merge branch 'master' of git://github.com/rails/rails | Mikel Lindsaar | 2010-02-02 | 46 | -266/+193 |
|\ | |||||
| * | Merge branch 'master' of gitproxy:rails/rails | José Valim | 2010-02-01 | 14 | -42/+74 |
| |\ | |||||
| | * | Convert to class_attribute | Jeremy Kemper | 2010-02-01 | 14 | -42/+74 |
| | | | |||||
| * | | Deprecate AC configuration values which were moved to Rack. | José Valim | 2010-02-01 | 1 | -6/+22 |
| |/ | |||||
| * | Add support for compile-time <%= raw %> | Yehuda Katz | 2010-01-31 | 2 | -23/+39 |
| | | |||||
| * | Deleted all references to ActionView::SafeBuffer in favor of ↵ | Santiago Pastorino | 2010-01-31 | 4 | -45/+2 |
| | | | | | | | | | | | | ActiveSupport::SafeBuffer Signed-off-by: Yehuda Katz <wycats@Yehuda-Katz.local> | ||||
| * | action_view/safe_buffer is no longer valid | Santiago Pastorino | 2010-01-31 | 1 | -1/+0 |
| | | | | | | | | Signed-off-by: Yehuda Katz <wycats@Yehuda-Katz.local> | ||||
| * | action_view is requiring the deleted action_view/erb/util.rb file | Santiago Pastorino | 2010-01-31 | 1 | -1/+0 |
| | | | | | | | | Signed-off-by: Yehuda Katz <wycats@Yehuda-Katz.local> | ||||
| * | For performance reasons, you can no longer call html_safe! on Strings. ↵ | Yehuda Katz | 2010-01-31 | 28 | -141/+58 |
| | | | | | | | | | | | | | | | | | | | | | | | | Instead, all Strings are always not html_safe?. Instead, you can get a SafeBuffer from a String by calling #html_safe, which will SafeBuffer.new(self). * Additionally, instead of doing concat("</form>".html_safe), you can do safe_concat("</form>"), which will skip both the flag set, and the flag check. * For the first pass, I converted virtually all #html_safe!s to #html_safe, and the tests pass. A further optimization would be to try to use #safe_concat as much as possible, reducing the performance impact if we know up front that a String is safe. | ||||
| * | Get rails tests running on bundler 0.9 | Carl Lerche | 2010-01-31 | 1 | -10/+1 |
| | | |||||
* | | Updating copyright dates on all licenses | Mikel Lindsaar | 2010-02-01 | 4 | -4/+4 |
|/ | |||||
* | UJS documentation. | Stefan Penner | 2010-01-31 | 3 | -33/+78 |
| | |||||
* | data-remote needs to be on the form and not the submit when using button_to ↵ | Erik St. Martin | 2010-01-31 | 2 | -1/+10 |
| | | | | :remote=>true |