kotovalexarian-likes-github
/
heartcombo--simple_form
mirror of https://github.com/heartcombo/simple_form.git
1
0
Fork 0
Code Releases Activity
heartcombo--simple_form/test
History
Rafael Mendonça França 7d0ba39309 Always escape error messages 
Before, if your error message contained HTML tags, they were marked as
safe. Some error messages may contain user input so this would
lead a XSS vulnerability.

Error messages are now always escaped. If users need to mark them
as safe they will need to use the explicit `:error` option:

    f.input :name, error: raw('My <b>error</b>')
 		2014-11-25 18:02:01 -02:00
..
action_view_extensions Merge pull request #1109 from rmm5t/simple_form_for-config-overrides 2014-11-19 14:23:45 -02:00
components Remove all warnings of invalid CSS selector 2014-09-08 17:19:40 -03:00
form_builder Always escape error messages 2014-11-25 18:02:01 -02:00
generators Fix simple form generator test 2014-07-31 19:42:55 +02:00
inputs Generate right for attribute for labels in collection inputs 2014-11-25 18:00:18 -02:00
support Do not remove HTML attributes if components are not present 2014-11-19 19:20:17 -02:00
simple_form_test.rb Warn users if Simple Form is not configured in the application 2014-04-02 18:30:54 -03:00
test_helper.rb Add label to NO_STIP list of rails-dom-assertion 2014-09-08 17:27:12 -03:00