kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity
72240 commits 72 branches 493 tags 355 MiB
Commit graph

8 commits

Author SHA1 Message Date
Yoshiyuki Hirano
9740a59aee Fix broken doc layout for action_view [ci skip] 2017-08-27 09:12:19 +09:00
Kir Shatrov
424117281e Use frozen string literal in actionview/ 2017-07-24 11:53:43 +03:00
Matthew Draper
87b3e226d6 Revert "Merge pull request #29540 from kirs/rubocop-frozen-string" 
This reverts commit 3420a14590, reversing
changes made to afb66a5a59.
 2017-07-02 02:15:17 +09:30
Kir Shatrov
cfade1ec7e Enforce frozen string in Rubocop 2017-07-01 02:11:03 +03:00
Andrey Molchanov
525736a407 DRYing duplicate methods 2016-09-16 17:28:58 +03:00
Xavier Noria
66a7cfa910 applies new string literal convention in actionview/lib 
The current code base is not uniform. After some discussion,
we have chosen to go with double quotes by default.
 2016-08-06 18:48:35 +02:00
Rafael Mendonça França
33cb47ee48 Use the reference for the mime type to get the format 
Before we were calling to_sym in the mime type, even when it is unknown
what can cause denial of service since symbols are not removed by the
garbage collector.

Fixes: CVE-2014-0082
 2014-02-18 16:12:51 -03:00
Prem Sichanugrist
920f3ba266 Introduce render :html for render HTML string 
This is an option for to HTML content with a content type of
`text/html`. This rendering option calls `ERB::Util.html_escape`
internally to escape unsafe HTML string, so you will have to mark your
string as html safe if you have any HTML tag in it.

Please see #12374 for more detail.
 2014-02-18 12:08:36 -05:00