| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | fix `number_to_percentage` with `Float::NAN`, `Float::INFINITY`. | Yves Senn | 2014-03-17 | 1 | -0/+3 |
| | | | | | | | | Closes #14405. This is a follow-up to 9e997e9039435617b6a844158f5437e97f6bc107 to restore the documented behavior. | ||||
| * | Escape format, negative_format and units options of number helpers | Rafael Mendonça França | 2014-02-18 | 1 | -0/+39 |
| | | | | | | | | Previously the values of these options were trusted leading to potential XSS vulnerabilities. Fixes: CVE-2014-0081 | ||||
| * | Escape the unit value provided to number_to_currency | Michael Koziarski | 2013-12-02 | 1 | -1/+2 |
| | | | | | | | Previously the unit values were trusted leading to potential XSS vulnerabilities. Fixes: CVE-2013-6415 | ||||
| * | Move template tests from actionpack to actionview | Piotr Sarnacki | 2013-06-20 | 1 | -0/+151 |
 |
index : rails.git | |
| Mirror of official rails repo with custom fixes. | Harald Eilertsen |
| aboutsummaryrefslogtreecommitdiffstats |