rails--rails/actionview
Alvaro Martin Fraguas 649516ce0f
Fix and add protections for XSS in names.
Add the method ERB::Util.xml_name_escape to escape dangerous characters
in names of tags and names of attributes, following the specification of
XML.

Use that method in the tag helpers of ActionView::Helpers. Rename the option
:escape_attributes to :escape, to simplify by applying the option to the whole
tag.
2022-04-26 12:34:42 -07:00
app/assets/javascripts Bump license years to 2022 [ci-skip] 2022-01-01 15:22:15 +09:00
bin
lib Fix and add protections for XSS in names. 2022-04-26 12:34:42 -07:00
test Fix and add protections for XSS in names. 2022-04-26 12:34:42 -07:00
.gitignore
CHANGELOG.md Fix and add protections for XSS in names. 2022-04-26 12:34:42 -07:00
MIT-LICENSE Bump license years to 2022 [ci-skip] 2022-01-01 15:22:15 +09:00
README.rdoc Rename master to main in all code references 2021-01-19 20:46:33 +00:00
RUNNING_UJS_TESTS.rdoc
RUNNING_UNIT_TESTS.rdoc
Rakefile Load framework test files in deterministic order 2019-12-16 16:55:06 +00:00
actionview.gemspec Fix gemspec 2021-11-15 21:06:21 +00:00
blade.yml
coffeelint.json
package.json Start Rails 7.1 development 2021-12-07 15:52:30 +00:00

README.rdoc

= Action View

Action View is a framework for handling view template lookup and rendering, and provides
view helpers that assist when building HTML forms, Atom feeds and more.
The template formats that Action View handles are ERB (embedded Ruby, typically
used to inline short Ruby snippets inside HTML) and XML Builder.

You can read more about Action View in the {Action View Overview}[https://edgeguides.rubyonrails.org/action_view_overview.html] guide.

== Download and installation

The latest version of Action View can be installed with RubyGems:

  $ gem install actionview

Source code can be downloaded as part of the Rails project on GitHub:

* https://github.com/rails/rails/tree/main/actionview


== License

Action View is released under the MIT license:

* https://opensource.org/licenses/MIT


== Support

API documentation is at

* https://api.rubyonrails.org

Bug reports for the Ruby on Rails project can be filed here:

* https://github.com/rails/rails/issues

Feature requests should be discussed on the rails-core mailing list here:

* https://discuss.rubyonrails.org/c/rubyonrails-core