kotovalexarian-likes-github
/
rails--rails
mirror of https://github.com/rails/rails.git
1
0
Fork 0
Code Releases Activity
rails--rails/actionpack/test/controller
History
Michael Koziarski 9415935902 Switch to on-by-default XSS escaping for rails. 
This consists of:

  * String#html_safe! a method to mark a string as 'safe'
  * ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it
  * Calls to String#html_safe! throughout the rails helpers
  * a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presantized strings in the DB)
  * New ERB implementation based on erubis which uses a SafeBuffer instead of a String

Hat tip to Django for the inspiration.
 		2009-10-08 09:31:20 +13:00
..
controller_fixtures
deprecation Extract ActionController rescue templates into Rescue and ShowExceptions middleware. 2009-05-02 23:02:22 -05:00
new_base Redraw default routes on all internal integration tests. We don't need SimpleRouteCase anymore 2009-10-03 23:18:32 -05:00
request Inherit TestSession from Session::AbstractStore and add indifferent access to Session::AbstractStore. 2009-04-26 14:33:57 -05:00
action_pack_assertions_test.rb Fix isolated running of ActionPackAssertionTest 2009-09-06 21:19:29 -05:00
addresses_render_test.rb Fix isolated running of AddressesTest 2009-09-06 21:42:05 -05:00
assert_select_test.rb Add :redirect to the testable RJS statements [#2612 state:resolved] 2009-08-09 02:00:15 +01:00
base_test.rb Cleanup route reloading in tests. Prefer with_routing over using ActionController::Routing::Routes directly 2009-08-16 21:14:26 -05:00
benchmark_test.rb
caching_test.rb Use with_routing helper in tests instead of modifying global route set 2009-10-03 23:31:38 -05:00
capture_test.rb Cherry-pick core extensions 2009-05-13 12:00:15 -07:00
content_type_test.rb Avoid conflicts with another ContentTypeController used in testing 2009-09-19 12:50:14 -05:00
cookie_test.rb Memoize cookies so that updates to cookies are available in the current request. [#2733 state:resolved] 2009-05-28 09:18:27 -05:00
dispatcher_test.rb Move middleware and route configuration from AC::Dispatcher to Rails application object 2009-09-26 21:59:28 -05:00
filter_params_test.rb Fix filtering parameters when there are Fixnum or other un-dupable values. 2009-09-10 18:53:50 -07:00
filters_test.rb Cleaning up more tests and code that needed to work in both old and new base 2009-06-17 16:51:51 -07:00
flash_test.rb The FlashHash and friends causes a lot of needless session storing, when we know for a fact that there's no content in the flash. By not storing the empty hash in the session we save a lot of communication with the various session backends, while still keeping the same interface to the flash. [#2703 state:resolved] 2009-05-28 09:30:49 -05:00
helper_test.rb Cleaning up more tests and code that needed to work in both old and new base 2009-06-17 16:51:51 -07:00
http_basic_authentication_test.rb Fix HTTP basic authentication for long credentials [#2572 state:resolved] 2009-08-09 01:28:43 +01:00
http_digest_authentication_test.rb Make http digest work with different server/browser combinations 2009-08-09 15:53:52 +01:00
integration_test.rb Add custom "with_routing" to internal tests to fix reseting session after using 2009-10-03 20:45:49 -05:00
layout_test.rb Fixing pending tests and fixed some formats / partial rendering semantics 2009-06-17 12:54:19 -07:00
logging_test.rb Resurrect AC::Benchmarking [#3140 state:resolved] 2009-09-24 12:13:09 -05:00
mime_responds_test.rb Use with_routing helper in tests instead of modifying global route set 2009-10-03 23:31:38 -05:00
output_escaping_test.rb Switch to on-by-default XSS escaping for rails. 2009-10-08 09:31:20 +13:00
record_identifier_test.rb Clean up render @object a bit more. 2009-08-07 00:52:13 -03:00
redirect_test.rb Cleanup route reloading in tests. Prefer with_routing over using ActionController::Routing::Routes directly 2009-08-16 21:14:26 -05:00
render_js_test.rb Namespace TestControllers inside their test case class 2009-09-19 13:04:12 -05:00
render_json_test.rb Namespace TestControllers inside their test case class 2009-09-19 13:04:12 -05:00
render_other_test.rb Namespace TestControllers inside their test case class 2009-09-19 13:04:12 -05:00
render_test.rb Switch to on-by-default XSS escaping for rails. 2009-10-08 09:31:20 +13:00
render_xml_test.rb Namespace TestControllers inside their test case class 2009-09-19 13:04:12 -05:00
request_forgery_protection_test.rb Cleanup route reloading in tests. Prefer with_routing over using ActionController::Routing::Routes directly 2009-08-16 21:14:26 -05:00
rescue_test.rb Add custom "with_routing" to internal tests to fix reseting session after using 2009-10-03 20:45:49 -05:00
resources_test.rb Rewrite resource routing tests that are coupled to the router implementation 2009-09-13 18:43:16 -05:00
routing_test.rb Avoid creating new controller constants during test runtime. All routable controllers should be defined beforehand. 2009-10-03 23:03:08 -05:00
selector_test.rb Add some more tests to the test_new_base_on_old_tests task 2009-05-23 01:46:37 +02:00
send_file_test.rb Update cache_control to be a Hash of options that is used to build the header. 2009-08-02 19:39:33 -04:00
test_test.rb Track all AC base subclasses as possible controllers for internal testing 2009-08-25 23:34:48 -05:00
translation_test.rb
url_rewriter_test.rb Add fake controllers for url rewriter tests 2009-09-06 23:02:55 -05:00
verification_test.rb Use with_routing helper in tests instead of modifying global route set 2009-10-03 23:31:38 -05:00
view_paths_test.rb Fix the */* with Net::HTTP bug [#3100 state:resolved] 2009-09-01 15:54:29 -07:00
webservice_test.rb Add custom "with_routing" to internal tests to fix reseting session after using 2009-10-03 20:45:49 -05:00