Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Revert "Merge pull request #29540 from kirs/rubocop-frozen-string" | Matthew Draper | 2017-07-02 | 1 | -1/+0 |
| | | | | | This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa. | ||||
* | Enforce frozen string in Rubocop | Kir Shatrov | 2017-07-01 | 1 | -0/+1 |
| | |||||
* | Privatize unneededly protected methods in Active Model | Akira Matsuda | 2016-12-24 | 1 | -1/+1 |
| | |||||
* | Fix AC::Parameters not being sanitized for query methods. | Guo Xiang Tan | 2015-10-02 | 1 | -2/+3 |
| | |||||
* | Check attributes passed to create_with and where | Rafael Mendonça França | 2014-08-18 | 1 | -0/+1 |
| | | | | | | | | | | | If the request parameters are passed to create_with and where they can be used to do mass assignment when used in combination with Relation#create. Fixes CVE-2014-3514 Conflicts: activerecord/lib/active_record/relation/query_methods.rb | ||||
* | rm dead code | Aaron Patterson | 2012-11-09 | 1 | -1/+1 |
| | |||||
* | change AMo::ForbiddenAttributesProtection#sanitize_for_mass_assignment to ↵ | Francesco Rodriguez | 2012-09-20 | 1 | -7/+8 |
| | | | | protected | ||||
* | update AMo::ForbiddenAttributesError documentation [ci skip] | Francesco Rodriguez | 2012-09-20 | 1 | -0/+12 |
| | |||||
* | Rename ForbiddenAttributes exception to ForbiddenAttributesError | Guillermo Iguaran | 2012-09-16 | 1 | -2/+2 |
| | |||||
* | Remove MassAssignmentSecurity from ActiveModel | Guillermo Iguaran | 2012-09-16 | 1 | -4/+4 |
| | | | | This will be moved out to protected_attributes gem | ||||
* | Integrate ActiveModel::ForbiddenAttributesProtection from StrongParameters gem | Guillermo Iguaran | 2012-09-16 | 1 | -0/+14 |