- 04 Sep, 2014 1 commit
Committed by Kasper Timm Hansen
- 19 Aug, 2014 1 commit
Committed by Rafael Mendonça França
- 17 Jun, 2014 2 commits
- 16 Jun, 2014 2 commits
- 14 May, 2014 1 commit
Committed by azul
- 20 Jun, 2013 1 commit
Committed by Piotr Sarnacki
- 15 Oct, 2012 1 commit
Committed by Ayrton De Craene
- 10 Aug, 2012 1 commit
Committed by Santiago Pastorino
Thanks to Marek Labos & Nethemba CVE-2012-3465
- 21 Dec, 2011 1 commit
Committed by Arun Agrawal
Testing Sandbox removed.
- 08 Oct, 2009 1 commit
Committed by Michael Koziarski
This consists of:
* String#html_safe! a method to mark a string as 'safe'
* ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it
* Calls to String#html_safe! throughout the rails helpers
* a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presanitized strings in the DB)
* New ERB implementation based on erubis which uses a SafeBuffer instead of a String

Hat tip to Django for the inspiration.
- 26 Aug, 2008 1 commit
Committed by Joshua Peek
- 20 Apr, 2008 1 commit
Committed by Joshua Peek
- 05 Jan, 2008 1 commit
Committed by Jeremy Kemper
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8564 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
- 26 Nov, 2007 1 commit
Committed by Rick Olson
Refactor sanitizer helpers into HTML classes and make it easy to swap them out with custom implementations. Closes #10129. [rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8213 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
- 11 Oct, 2007 1 commit
Committed by David Heinemeier Hansson
Extracted sanitization methods from TextHelper to SanitizeHelper [DHH] Changed SanitizeHelper#sanitize to only allow the custom attributes and tags when specified in the call [DHH] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7825 5ecf4fe2-1ee6-0310-87b1-e25e094e27de