From f86421fb282ff2d209914db736ca64380dab044d Mon Sep 17 00:00:00 2001
From: Bruno Michel <bmichel@menfin.info>
Date: Sat, 13 Feb 2010 19:53:26 -0200
Subject: content_tag should escape its input

Signed-off-by: Yehuda Katz <yehudakatz@YK.local>
---
 actionpack/lib/action_view/helpers/active_model_helper.rb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'actionpack/lib/action_view/helpers/active_model_helper.rb')

diff --git a/actionpack/lib/action_view/helpers/active_model_helper.rb b/actionpack/lib/action_view/helpers/active_model_helper.rb
index e106bb0897..c87e216c32 100644
--- a/actionpack/lib/action_view/helpers/active_model_helper.rb
+++ b/actionpack/lib/action_view/helpers/active_model_helper.rb
@@ -127,7 +127,7 @@ module ActionView
         if (obj = (object.respond_to?(:errors) ? object : instance_variable_get("@#{object}"))) &&
           (errors = obj.errors[method])
           content_tag("div",
-            "#{options[:prepend_text]}#{ERB::Util.html_escape(errors.first)}#{options[:append_text]}",
+            "#{options[:prepend_text]}#{ERB::Util.html_escape(errors.first)}#{options[:append_text]}".html_safe,
             :class => options[:css_class]
           )
         else
@@ -228,14 +228,14 @@ module ActionView
               object.errors.full_messages.map do |msg|
                 content_tag(:li, ERB::Util.html_escape(msg))
               end
-            end.join
+            end.join.html_safe
 
             contents = ''
             contents << content_tag(options[:header_tag] || :h2, header_message) unless header_message.blank?
             contents << content_tag(:p, message) unless message.blank?
             contents << content_tag(:ul, error_messages)
 
-            content_tag(:div, contents, html)
+            content_tag(:div, contents.html_safe, html)
           end
         else
           ''
-- 
cgit v1.2.3


From 98a5bf8ff219f796e6db2d8d8b21dd114be47965 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Santiago=20Pastorino=20and=20Jos=C3=A9=20Ignacio=20Costa?=
 <santiago+jose@wyeworks.com>
Date: Sun, 14 Feb 2010 01:46:02 -0200
Subject: Explicit html_escape removed when not needed

Signed-off-by: Yehuda Katz <yehudakatz@YK.local>
---
 actionpack/lib/action_view/helpers/active_model_helper.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'actionpack/lib/action_view/helpers/active_model_helper.rb')

diff --git a/actionpack/lib/action_view/helpers/active_model_helper.rb b/actionpack/lib/action_view/helpers/active_model_helper.rb
index c87e216c32..2f309fcca0 100644
--- a/actionpack/lib/action_view/helpers/active_model_helper.rb
+++ b/actionpack/lib/action_view/helpers/active_model_helper.rb
@@ -127,7 +127,7 @@ module ActionView
         if (obj = (object.respond_to?(:errors) ? object : instance_variable_get("@#{object}"))) &&
           (errors = obj.errors[method])
           content_tag("div",
-            "#{options[:prepend_text]}#{ERB::Util.html_escape(errors.first)}#{options[:append_text]}".html_safe,
+            (options[:prepend_text].html_safe << errors.first).safe_concat(options[:append_text]),
             :class => options[:css_class]
           )
         else
@@ -226,7 +226,7 @@ module ActionView
 
             error_messages = objects.sum do |object|
               object.errors.full_messages.map do |msg|
-                content_tag(:li, ERB::Util.html_escape(msg))
+                content_tag(:li, msg)
               end
             end.join.html_safe
 
-- 
cgit v1.2.3


From 250c8092461f5e6bf62751b313f6605a37fd1b2b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jos=C3=A9=20Valim?= <jose.valim@gmail.com>
Date: Sun, 21 Feb 2010 11:09:21 +0100
Subject: Require persisted? in ActiveModel::Lint and remove new_record? and
 destroyed? methods. ActionPack does not care if the resource is new or if it
 was destroyed, it cares only if it's persisted somewhere or not.

---
 actionpack/lib/action_view/helpers/active_model_helper.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'actionpack/lib/action_view/helpers/active_model_helper.rb')

diff --git a/actionpack/lib/action_view/helpers/active_model_helper.rb b/actionpack/lib/action_view/helpers/active_model_helper.rb
index 2f309fcca0..ed83b8a8b2 100644
--- a/actionpack/lib/action_view/helpers/active_model_helper.rb
+++ b/actionpack/lib/action_view/helpers/active_model_helper.rb
@@ -80,13 +80,13 @@ module ActionView
         record = convert_to_model(record)
 
         options = options.symbolize_keys
-        options[:action] ||= record.new_record? ? "create" : "update"
+        options[:action] ||= record.persisted? ? "update" : "create"
         action = url_for(:action => options[:action], :id => record)
 
         submit_value = options[:submit_value] || options[:action].gsub(/[^\w]/, '').capitalize
 
         contents = form_tag({:action => action}, :method =>(options[:method] || 'post'), :enctype => options[:multipart] ? 'multipart/form-data': nil)
-        contents.safe_concat hidden_field(record_name, :id) unless record.new_record?
+        contents.safe_concat hidden_field(record_name, :id) if record.persisted?
         contents.safe_concat all_input_tags(record, record_name, options)
         yield contents if block_given?
         contents.safe_concat submit_tag(submit_value)
-- 
cgit v1.2.3


From 39d6f9e112f2320d8c2006ee3bcc160cfa761d0a Mon Sep 17 00:00:00 2001
From: wycats <wycats@gmail.com>
Date: Sun, 7 Mar 2010 06:24:30 -0800
Subject: Make many parts of Rails lazy. In order to facilitate this, add
 lazy_load_hooks.rb, which allows us to declare code that should be run at
 some later time. For instance, this allows us to defer requiring
 ActiveRecord::Base at boot time purely to apply configuration. Instead, we
 register a hook that should apply configuration once ActiveRecord::Base is
 loaded.

With these changes, brings down total boot time of a
new app to 300ms in production and 400ms in dev.

TODO: rename base_hook
---
 actionpack/lib/action_view/helpers/active_model_helper.rb | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'actionpack/lib/action_view/helpers/active_model_helper.rb')

diff --git a/actionpack/lib/action_view/helpers/active_model_helper.rb b/actionpack/lib/action_view/helpers/active_model_helper.rb
index ed83b8a8b2..4e12cdab54 100644
--- a/actionpack/lib/action_view/helpers/active_model_helper.rb
+++ b/actionpack/lib/action_view/helpers/active_model_helper.rb
@@ -5,9 +5,11 @@ require 'active_support/core_ext/enumerable'
 require 'active_support/core_ext/kernel/reporting'
 
 module ActionView
-  class Base
-    @@field_error_proc = Proc.new{ |html_tag, instance| "<div class=\"fieldWithErrors\">#{html_tag}</div>".html_safe }
-    cattr_accessor :field_error_proc
+  ActionView.base_hook do
+    class ActionView::Base
+      @@field_error_proc = Proc.new{ |html_tag, instance| "<div class=\"fieldWithErrors\">#{html_tag}</div>".html_safe }
+      cattr_accessor :field_error_proc
+    end
   end
 
   module Helpers
-- 
cgit v1.2.3