- 09 Feb, 2016 1 commit
-
-
Committed by Aaron Patterson
For better or worse, anonymous `*` args will allocate arrays. Ideally, the interpreter would optimize away this allocation. However, given the number of times we call `html_safe` it seems worth shedding idealism and going for performance. This line was the top allocation spot for a scaffold (and presumably worse on real applications).
-
- 26 Jan, 2016 1 commit
-
-
Committed by Vipul A M
[ci skip] Fixes #20808 [Vipul A M & Julio Lopez]
-
- 21 Dec, 2015 1 commit
-
-
Committed by Takashi Kokubun
-
- 18 Sep, 2015 1 commit
-
-
Committed by Akira Matsuda
[ci skip]
-
- 09 Jun, 2015 1 commit
-
-
Committed by Grey Baker
Use `ActiveSupport::Multibyte::Unicode.tidy_bytes` to handle invalid UTF-8 strings in `ERB::Util.unwrapped_html_escape` and `ERB::Util.html_escape_once`. Prevents user-entered input passed from a querystring into a form field from causing invalid byte sequence errors.
-
- 12 Mar, 2015 1 commit
-
-
Committed by yui-knk
-
- 12 Feb, 2015 1 commit
-
-
Committed by Godfrey Chan
`coder.represent_scalar` means something along the lines of "Here is a quoted string, you can just add it to the output", which is not the case here. It only works for simple strings that can appear unquoted in YAML, but causes problems for e.g. primitive-like strings ("1", "true").

`coder.represent_object` on the other hand, means that "This is the Ruby-object representation for this thing suitable for use in YAML dumping", which is what we want here.

Before:

    YAML.load ActiveSupport::SafeBuffer.new("Hello").to_yaml  # => "Hello"
    YAML.load ActiveSupport::SafeBuffer.new("true").to_yaml   # => true
    YAML.load ActiveSupport::SafeBuffer.new("false").to_yaml  # => false
    YAML.load ActiveSupport::SafeBuffer.new("1").to_yaml      # => 1
    YAML.load ActiveSupport::SafeBuffer.new("1.1").to_yaml    # => 1.1

After:

    YAML.load ActiveSupport::SafeBuffer.new("Hello").to_yaml  # => "Hello"
    YAML.load ActiveSupport::SafeBuffer.new("true").to_yaml   # => "true"
    YAML.load ActiveSupport::SafeBuffer.new("false").to_yaml  # => "false"
    YAML.load ActiveSupport::SafeBuffer.new("1").to_yaml      # => "1"
    YAML.load ActiveSupport::SafeBuffer.new("1.1").to_yaml    # => "1.1"

If we ever want Ruby to behave more like PHP or JavaScript though, this is an excellent trick to use ;)
-
- 04 Jan, 2015 1 commit
-
-
Committed by Rafael Mendonça França
-
- 29 Dec, 2014 2 commits
-
-
Committed by Rafael Mendonça França
-
Committed by Vipul A M
When trying to access a character on a string buffer object via `:[]`, if the object being accessed currently returns `html_safe?` as true, we used to set `@html_safe` variable as true on new object created.

When doing something like

    x = 'Hello'.html_safe
    x[/a/, 1]

would throw an error on ruby 2.2, since when nothing gets matched nil is returned by the code and it tries to set `@html_safe` value to true, which would error since starting 2.2 nil is frozen.

This change adds a safety net to avoid setting `@html_safe = true` on frozen objects.

Fixes #18235
-
- 25 Nov, 2014 1 commit
-
-
Committed by Sean Griffin
It should be part of the documented public API, since we have an entire section of the guides dedicated to it. Documented in a way that addresses the concerns which kept it undocumented in the past.
-
- 25 Oct, 2014 1 commit
-
-
Committed by Akira Matsuda
-
- 03 Jul, 2014 2 commits
-
-
Committed by Godfrey Chan
-
Committed by John F. Douthat
(This is a manual merge of #9102)
-
- 03 Jun, 2014 3 commits
-
-
Committed by Aaron Patterson
before this change, we were allocating AS::SafeBuffer objects that were being interpolated in to a string, so the safe buffer object was being thrown away. This change only allocates a string (vs a string *and* a safebuffer) and interpolates the string. On my test application, this reduced the AS::SafeBuffer objects from 1527k per request to about 500 per request.
-
Committed by Aaron Patterson
html_escape_interpolated_argument is only used in mutation methods:

https://github.com/rails/rails/blob/c07d09559ec171e1904b55c7ad7e8c7d586ca51b/activesupport/lib/active_support/core_ext/string/output_safety.rb#L174
https://github.com/rails/rails/blob/c07d09559ec171e1904b55c7ad7e8c7d586ca51b/activesupport/lib/active_support/core_ext/string/output_safety.rb#L179

The return value doesn't need to be converted to an AS::SafeBuffer since we know that the current object is an AS::SafeBuffer and will be mutated, and the return value from html_escape_interpolated_argument will be thrown away
-
Committed by Aaron Patterson
-
- 03 Apr, 2014 1 commit
-
-
Committed by Carlos Antonio da Silva
Change to require all active_support/deprecation since that's the actual entry point for the deprecation methods.
-
- 02 Apr, 2014 1 commit
-
-
Committed by Pavel Pravosud
-
- 01 Apr, 2014 1 commit
-
-
Committed by Pavel Pravosud
Make `#prepend` method modify instance in-place and return self instead of just returning modified value. That is exactly what `#prepend!` method was doing previously, so it's deprecated from now on.
-
- 12 Feb, 2014 1 commit
-
-
Committed by Yuval Kordov
Amended json_escape comment to clarify that user-generated content must still be html_escaped if being inserted into the DOM via JQuery's html() method.
-
- 10 Jan, 2014 1 commit
-
-
Committed by Jon Jensen
The behavior of json_escape was fixed in 2f1c5789, but the doc changes and example in that commit incorrectly indicated that the return value would be html-safe. Since quotation marks are preserved, the raw value is not safe to use in other contexts (specifically HTML attributes).
-
- 14 Dec, 2013 1 commit
-
-
Committed by Julien Letessier
Interpolation was untested and did not work with hash arguments. Adds
  - support for interpolation with hash argument
  - tests for the above
  - tests for safe/unsafe interpolation
-
- 05 Dec, 2013 5 commits
-
-
Committed by Carlos Antonio da Silva
-
Committed by Godfrey Chan
-
Committed by Godfrey Chan
-
Committed by Godfrey Chan
-
Committed by Godfrey Chan
-
- 03 Dec, 2013 1 commit
-
-
Committed by Carlos Antonio da Silva
Use the already existing strings instead of creating a new one each time just to test if it responds to the methods.
-
- 16 May, 2013 1 commit
-
-
Committed by Rafael Mendonça França
This reverts commit 8ce3c1e5, reversing changes made to f93da579.

Reason: It slows down the running time.

    require "diffbench"
    load 'output_safety.rb'

    N = 10000
    b = ActiveSupport::SafeBuffer.new("hello world")

    DiffBench.bm do
      report "capitalize in safe buffer" do
        N.times do
          b.capitalize
        end
      end
    end

    > git checkout 069ea45c; diffbench bench.rb; diffbench bench.rb;diffbench bench.rb;diffbench bench.rb;diffbench bench.rb;diffbench bench.rb;diffbench bench.rb;

    Running benchmark with current working tree
    Checkout HEAD^
    Running benchmark with HEAD^
    Checkout to previous HEAD again
                        user     system      total        real
    ----------------------------------capitalize in safe buffer
    After patch:    0.010000   0.000000   0.010000 (  0.009733)
    Before patch:   0.010000   0.000000   0.010000 (  0.007702)
    Improvement: -26%

    Running benchmark with current working tree
    Checkout HEAD^
    Running benchmark with HEAD^
    Checkout to previous HEAD again
                        user     system      total        real
    ----------------------------------capitalize in safe buffer
    After patch:    0.010000   0.000000   0.010000 (  0.009768)
    Before patch:   0.010000   0.000000   0.010000 (  0.007896)
    Improvement: -24%

    Running benchmark with current working tree
    Checkout HEAD^
    Running benchmark with HEAD^
    Checkout to previous HEAD again
                        user     system      total        real
    ----------------------------------capitalize in safe buffer
    After patch:    0.010000   0.000000   0.010000 (  0.009938)
    Before patch:   0.010000   0.000000   0.010000 (  0.007768)
    Improvement: -28%

    Running benchmark with current working tree
    Checkout HEAD^
    Running benchmark with HEAD^
    Checkout to previous HEAD again
                        user     system      total        real
    ----------------------------------capitalize in safe buffer
    After patch:    0.010000   0.000000   0.010000 (  0.010001)
    Before patch:   0.010000   0.000000   0.010000 (  0.007873)
    Improvement: -27%

    Running benchmark with current working tree
    Checkout HEAD^
    Running benchmark with HEAD^
    Checkout to previous HEAD again
                        user     system      total        real
    ----------------------------------capitalize in safe buffer
    After patch:    0.010000   0.000000   0.010000 (  0.009670)
    Before patch:   0.010000   0.000000   0.010000 (  0.007800)
    Improvement: -24%

    Running benchmark with current working tree
    Checkout HEAD^
    Running benchmark with HEAD^
    Checkout to previous HEAD again
                        user     system      total        real
    ----------------------------------capitalize in safe buffer
    After patch:    0.010000   0.000000   0.010000 (  0.009949)
    Before patch:   0.010000   0.000000   0.010000 (  0.007752)
    Improvement: -28%
-
- 14 May, 2013 2 commits
-
-
Committed by aditya-kapoor
-
Committed by aditya-kapoor
-
- 05 Mar, 2013 1 commit
-
-
Committed by Aman Gupta
-
- 13 Sep, 2012 1 commit
-
-
Committed by Francesco Rodriguez
-
- 09 Sep, 2012 1 commit
-
-
Committed by Kalys Osmonov
-
- 01 Aug, 2012 1 commit
-
- 24 May, 2012 1 commit
-
- 20 May, 2012 1 commit
-
-
Committed by Henrik Hodne
For future reference, this is the regex I used: ^\s*#\s*\n(?!\s*#). Replace with the first match, and voilà! Note that the regex matches a little bit too much, so you probably want to `git add -i .` and go through every single diff to check if it actually should be changed.
-
- 18 May, 2012 1 commit
-
-
Committed by Vasiliy Ermolovich
-
- 17 May, 2012 1 commit
-
-
Committed by Vasiliy Ermolovich
-