| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Fix AC::Parameters not being sanitized for query methods. | Guo Xiang Tan | 2015-10-02 | 1 | -2/+3 |
| | | |||||
| * | Check attributes passed to create_with and where | Rafael Mendonça França | 2014-08-18 | 1 | -0/+1 |
| | | | | | | | | | | | | If the request parameters are passed to create_with and where they can be used to do mass assignment when used in combination with Relation#create. Fixes CVE-2014-3514 Conflicts: activerecord/lib/active_record/relation/query_methods.rb | ||||
| * | rm dead code | Aaron Patterson | 2012-11-09 | 1 | -1/+1 |
| | | |||||
| * | change AMo::ForbiddenAttributesProtection#sanitize_for_mass_assignment to ↵ | Francesco Rodriguez | 2012-09-20 | 1 | -7/+8 |
| | | | | | protected | ||||
| * | update AMo::ForbiddenAttributesError documentation [ci skip] | Francesco Rodriguez | 2012-09-20 | 1 | -0/+12 |
| | | |||||
| * | Rename ForbiddenAttributes exception to ForbiddenAttributesError | Guillermo Iguaran | 2012-09-16 | 1 | -2/+2 |
| | | |||||
| * | Remove MassAssignmentSecurity from ActiveModel | Guillermo Iguaran | 2012-09-16 | 1 | -4/+4 |
| | | | | | This will be moved out to protected_attributes gem | ||||
| * | Integrate ActiveModel::ForbiddenAttributesProtection from StrongParameters gem | Guillermo Iguaran | 2012-09-16 | 1 | -0/+14 |
 |
index : rails.git | |
| Mirror of official rails repo with custom fixes. | Harald Eilertsen |
| aboutsummaryrefslogtreecommitdiffstats |