- 20 2月, 2014 3 次提交
-
-
由 Arun Agrawal 提交于
-
由 Xavier Noria 提交于
Add note to silence_stream and quietly. [skip ci]
-
由 Arthur Neves 提交于
State that on the doc. [fixes #11954]
-
- 19 2月, 2014 30 次提交
-
-
由 Arun Agrawal 提交于
Close the meta tag with '/>' instead of '>'
-
由 Prakash Murthy 提交于
This change fixes the 42 instances of `end tag for "meta" omitted, but OMITTAG NO was specified` error message that comes up when the full railsguides are validated. Full error list at https://gist.github.com/prakashmurthy/9086679.
-
由 Guillermo Iguaran 提交于
The errors were introduced in e220a34e
-
由 Guillermo Iguaran 提交于
Update Docs in favor to use render plain instead of text option
-
由 robertomiranda 提交于
ref #14062
-
由 Arthur Nogueira Neves 提交于
Typo fix for unscope [ci skip]
-
由 Amit Thawait 提交于
-
由 Rafael Mendonça França 提交于
Before we were calling to_sym in the mime type, even when it is unknown what can cause denial of service since symbols are not removed by the garbage collector. Fixes: CVE-2014-0082
-
由 Rafael Mendonça França 提交于
Conflicts: actionview/CHANGELOG.md activerecord/CHANGELOG.md
-
由 Rafael Mendonça França 提交于
-
由 Aaron Patterson 提交于
Thanks Godfrey Chan for reporting this! Fixes: CVE-2014-0080
-
由 Rafael Mendonça França 提交于
Previously the values of these options were trusted leading to potential XSS vulnerabilities. Fixes: CVE-2014-0081
-
由 Godfrey Chan 提交于
Sync 4.1 release notes with changes since 7f648bc7
-
由 Godfrey Chan 提交于
-
由 Rafael Mendonça França 提交于
Introduce `:plain`, `:html`, and `:body` render options.
-
由 Prem Sichanugrist 提交于
-
由 Prem Sichanugrist 提交于
Setting this attribute to `true` will remove the content type header from the request. This is use in `render :body` feature.
-
由 Prem Sichanugrist 提交于
-
由 Prem Sichanugrist 提交于
* Introduces `:plain`, `:html`, `:body` render option. * Update guide to use `render :plain` instead of `render :text`.
-
由 Prem Sichanugrist 提交于
-
由 Prem Sichanugrist 提交于
This test were assuming that the list of render options will always be the same. Fixing that so this doesn't break when we add/remove render option in the future.
-
由 Prem Sichanugrist 提交于
This is an option for to HTML content with a content type of `text/html`. This rendering option calls `ERB::Util.html_escape` internally to escape unsafe HTML string, so you will have to mark your string as html safe if you have any HTML tag in it. Please see #12374 for more detail.
-
由 Prem Sichanugrist 提交于
This is as an option to render content with a content type of `text/plain`. This is the preferred option if you are planning to render a plain text content. Please see #12374 for more detail.
-
由 Prem Sichanugrist 提交于
-
由 Prem Sichanugrist 提交于
This is an option for sending a raw content back to browser. Note that this rendering option will unset the default content type and does not include "Content-Type" header back in the response. You should only use this option if you are expecting the "Content-Type" header to not be set. More information on "Content-Type" header can be found on RFC 2616, section 7.2.1. Please see #12374 for more detail.
-
由 Rafael Mendonça França 提交于
Document `default_scope` changes
-
由 Rafael Mendonça França 提交于
[ci skip]
-
由 Rafael Mendonça França 提交于
-
由 Rafael Mendonça França 提交于
and upgrating guides [ci skip]
-
由 Carlos Antonio da Silva 提交于
Fix parameter naming in RemoteIp middleware constructor method [ci skip]
-
- 18 2月, 2014 7 次提交
-
-
由 Carlos Antonio da Silva 提交于
-
由 Carlos Antonio da Silva 提交于
-
由 David Heinemeier Hansson 提交于
-
由 Guillermo Iguaran 提交于
Upgrade Doc: assets:precompile:all was removed on 4
-
由 David Heinemeier Hansson 提交于
-
由 Arthur Neves 提交于
-
由 Rafael Mendonça França 提交于
-