- 04 3月, 2011 1 次提交
-
-
由 R.T. Lechow 提交于
-
- 23 2月, 2011 2 次提交
-
-
由 Prem Sichanugrist 提交于
Signed-off-by: NSantiago Pastorino <santiago@wyeworks.com>
-
由 Michael Koziarski 提交于
-
- 18 2月, 2011 1 次提交
-
-
由 Nicholas Rowe 提交于
-
- 16 2月, 2011 1 次提交
-
-
由 Steve Schwartz 提交于
-
- 14 2月, 2011 5 次提交
-
-
由 Andrew White 提交于
[#6389 state:resolved]
-
由 Andrew White 提交于
[#6416 state:resolved]
-
由 Andrew White 提交于
-
由 Andrew White 提交于
-
由 Andrew White 提交于
-
- 13 2月, 2011 6 次提交
-
-
由 Santiago Pastorino 提交于
-
由 Josh Kalderimis 提交于
Signed-off-by: NSantiago Pastorino <santiago@wyeworks.com>
-
由 Sjoerd Andringa 提交于
Signed-off-by: NSantiago Pastorino <santiago@wyeworks.com>
-
由 Josh Kalderimis 提交于
Applied changes to stylesheet_link_tag from javascript_include_tag which corrects issues with ordering and duplicates.
-
由 Josh Kalderimis 提交于
This corrects two issues with javascript_include_tag, the order at which they are expanded, and removing duplicates. When individual js assets are specified, they will override the order of the same asset specified in an expansion. [#5938 state:resolved]
-
由 Carlos Antonio da Silva 提交于
Signed-off-by: NSantiago Pastorino <santiago@wyeworks.com>
-
- 12 2月, 2011 2 次提交
-
-
由 Tom Stuart 提交于
As per the HTML 4.01 spec: Buttons created with the BUTTON element function just like buttons created with the INPUT element, but they offer richer rendering possibilities: the BUTTON element may have content. For example, a BUTTON element that contains an image functions like and may resemble an INPUT element whose type is set to "image", but the BUTTON element type allows content. Since rich content is the main purpose of the <button> element, it makes sense for the button_tag helper to accept a block. http://www.w3.org/TR/html401/interact/forms.html#edef-BUTTON http://dev.w3.org/html5/spec/the-button-element.html#the-button-elementSigned-off-by: NSantiago Pastorino and Emilio Tagua <santiago+emilioe@wyeworks.com>
-
由 Tom Stuart 提交于
"submit" is the default value of the <button> element's type attribute according to the HTML 4.01 and the HTML5 draft specs, so if button_tag is going to have a default, type="submit" is a more sensible choice than type="button". http://www.w3.org/TR/html401/interact/forms.html#adef-type-BUTTON http://dev.w3.org/html5/spec/the-button-element.html#attr-button-typeSigned-off-by: NSantiago Pastorino and Emilio Tagua <santiago+emilioe@wyeworks.com>
-
- 11 2月, 2011 2 次提交
-
-
由 Carlos Antonio da Silva 提交于
Signed-off-by: NSantiago Pastorino <santiago@wyeworks.com>
-
由 José Valim 提交于
-
- 10 2月, 2011 4 次提交
-
-
由 Josh Kalderimis 提交于
Removed Array#safe_join in AS core_ext and moved it to a view helper with the same same. This also changes how safe_join works, if items or the separator are not html_safe they are html_escape'd, a html_safe string is always returned. Signed-off-by: NJosé Valim <jose.valim@gmail.com>
-
由 José Valim 提交于
Applied the wrong version. This reverts commit 98c0c5db.
-
由 Josh Kalderimis 提交于
-
由 Gabriel Horner 提交于
-
- 09 2月, 2011 7 次提交
-
-
由 Aaron Patterson 提交于
-
由 Michael Koziarski 提交于
Unfortunately the previous method of browser detection and XHR whitelisting is unable to prevent requests issued from some Flash animations and Java applets. To ease the work required to include the CSRF token in ajax requests rails now supports providing the token in a custom http header: X-CSRF-Token: ... This fixes CVE-2011-0447
-
由 José Valim 提交于
-
由 José Valim 提交于
This fixes CVE-2011-0449
-
由 Michael Koziarski 提交于
Be sure to javascript_escape the email address to prevent apostrophes inadvertently causing javascript errors. This fixes CVE-2011-0446
-
由 Santiago Pastorino 提交于
[#6381 state:committed]
-
由 Carlos Antonio da Silva 提交于
Add tests showing the LH issue #6381: fields_for with inline blocks and nested attributes already persisted Signed-off-by: NSantiago Pastorino <santiago@wyeworks.com>
-
- 08 2月, 2011 1 次提交
-
-
由 Aaron Patterson 提交于
-
- 07 2月, 2011 2 次提交
-
-
由 Dan Pickett 提交于
[#6228 state:committed] Signed-off-by: NSantiago Pastorino <santiago@wyeworks.com>
-
由 Andre Arko 提交于
For example, page_cache_directory = Rails.root.join("public/cache") Signed-off-by: NSantiago Pastorino <santiago@wyeworks.com>
-
- 06 2月, 2011 2 次提交
-
-
由 Timothy N. Tsvetkov 提交于
Added tests for form_for and an authenticity_token option. Added docs for for_for and authenticity_token option. Added section to form helpers guide about forms for external resources and new authenticity_token option for form_tag and form_for helpers. [#6228 state:committed] Signed-off-by: NSantiago Pastorino <santiago@wyeworks.com>
-
由 Gabriel Horner 提交于
-
- 05 2月, 2011 1 次提交
-
-
由 german 提交于
[#6372 state:committed] Signed-off-by: NSantiago Pastorino <santiago@wyeworks.com>
-
- 04 2月, 2011 2 次提交
-
-
由 Gabriel Horner 提交于
-
由 Franco Brusatti 提交于
[#6369 state:committed] Signed-off-by: NSantiago Pastorino <santiago@wyeworks.com>
-
- 03 2月, 2011 1 次提交
-
-
由 Anton Astashov 提交于
To make sure it will show block contents if it is placed after 'render :partial' [#5557 state:resolved] Signed-off-by: NSantiago Pastorino <santiago@wyeworks.com>
-