mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
b9e142af52
Since we are dealing with untrusted user input, we should not be using JSON.load. According to the docs[1]: BEWARE: This method is meant to serialise data from trusted user input, like from your own database server or clients under your control, it could be dangerous to allow untrusted users to pass JSON sources into it. The default options for the parser can be changed via the ::load_default_options method. [1] http://www.ruby-doc.org/stdlib-2.0/libdoc/json/rdoc/JSON.html#method-i-load |
||
|---|---|---|
| .. | ||
| bin | ||
| lib | ||
| test | ||
| activesupport.gemspec | ||
| CHANGELOG.md | ||
| MIT-LICENSE | ||
| Rakefile | ||
| README.rdoc | ||
= Active Support -- Utility classes and Ruby extensions from Rails Active Support is a collection of utility classes and standard library extensions that were found useful for the Rails framework. These additions reside in this package so they can be loaded as needed in Ruby projects outside of Rails. == Download and installation The latest version of Active Support can be installed with RubyGems: % [sudo] gem install activesupport Source code can be downloaded as part of the Rails project on GitHub: * https://github.com/rails/rails/tree/master/activesupport == License Active Support is released under the MIT license: * http://www.opensource.org/licenses/MIT == Support API documentation is at: * http://api.rubyonrails.org Bug reports and feature requests can be filed with the rest for the Ruby on Rails project here: * https://github.com/rails/rails/issues