actionview 6.0.3.7 → 6.0.4

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of actionview might be problematic. Click here for more details.

Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +11 -0
  3. data/README.rdoc +1 -1
  4. data/lib/action_view/gem_version.rb +2 -2
  5. data/lib/action_view/helpers/form_tag_helper.rb +5 -6
  6. data/lib/action_view/helpers/sanitize_helper.rb +2 -2
  7. data/lib/assets/compiled/rails-ujs.js +1 -1
  8. metadata +14 -14
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: '0901467d038615517c4bb844ada76405c5881b51faf764c6620b593c33cdc32d'
4
- data.tar.gz: 511ca67c07b8a6a900c4e124cc810b5d83c9b7fda92c401058a974aecf4653ec
3
+ metadata.gz: 6ae3e4955963f84b4299850e39bf729597e07e7c0f9af6d79258a65131053f22
4
+ data.tar.gz: 609472d2030d8e4d54964169fe770a58e2a908f2a5b7c4e207a6496a8e4cd6a4
5
5
  SHA512:
6
- metadata.gz: 77ca182510ca79fc7de26c58a5a86790938eec97cbea0f69d7ad374e3910017181e533ad4925752407f765f7d9db2c4d51725cac1b6d7aff09d0abcd29533d04
7
- data.tar.gz: 1c987532210718e9d512c14c143418c378cf9ce1e7e83b87b79876899e3ae9bb1baa13931efdbf17f29100b7d1f70e03f9ffb702fe6536271d1bf8c6964c7e4a
6
+ metadata.gz: f0c4acc4e8cfb5e67b19ed61155b56ecb6b627d1e172ea8b38db4d2a6a4a2ec41db356581993e9ca228029896bdca775e40f4dba2a37120a3cb7b061a0d6d096
7
+ data.tar.gz: e2789295904614c027c6f4d1bade6b8d1beeae00d2cc224b59ee83af0073ce126d4f2bb5f210c2cd362668266f578449f6d022eb62fd0b216e9c83dba750a31e
data/CHANGELOG.md CHANGED
@@ -1,3 +1,13 @@
1
+ ## Rails 6.0.4 (June 15, 2021) ##
2
+
3
+ * SanitizeHelper.sanitized_allowed_attributes and SanitizeHelper.sanitized_allowed_tags
4
+ call safe_list_sanitizer's class method
5
+
6
+ Fixes #39586
7
+
8
+ *Taufiq Muhammadi*
9
+
10
+
1
11
  ## Rails 6.0.3.7 (May 05, 2021) ##
2
12
 
3
13
  * No changes.
@@ -34,6 +44,7 @@
34
44
 
35
45
  * [CVE-2020-8167] Check that request is same-origin prior to including CSRF token in XHRs
36
46
 
47
+
37
48
  ## Rails 6.0.3 (May 06, 2020) ##
38
49
 
39
50
  * annotated_source_code returns an empty array so TemplateErrors without a
data/README.rdoc CHANGED
@@ -15,7 +15,7 @@ The latest version of Action View can be installed with RubyGems:
15
15
 
16
16
  Source code can be downloaded as part of the Rails project on GitHub:
17
17
 
18
- * https://github.com/rails/rails/tree/master/actionview
18
+ * https://github.com/rails/rails/tree/main/actionview
19
19
 
20
20
 
21
21
  == License
data/lib/action_view/gem_version.rb CHANGED
@@ -9,8 +9,8 @@ module ActionView
9
9
  module VERSION
10
10
  MAJOR = 6
11
11
  MINOR = 0
12
- TINY = 3
13
- PRE = "7"
12
+ TINY = 4
13
+ PRE = nil
14
14
 
15
15
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
16
16
  end
data/lib/action_view/helpers/form_tag_helper.rb CHANGED
@@ -896,16 +896,15 @@ module ActionView
896
896
  end
897
897
 
898
898
  def set_default_disable_with(value, tag_options)
899
- return unless ActionView::Base.automatically_disable_submit_tag
900
- data = tag_options["data"]
899
+ data = tag_options.fetch("data", {})
901
900
 
902
- unless tag_options["data-disable-with"] == false || (data && data["disable_with"] == false)
901
+ if tag_options["data-disable-with"] == false || data["disable_with"] == false
902
+ data.delete("disable_with")
903
+ elsif ActionView::Base.automatically_disable_submit_tag
903
904
  disable_with_text = tag_options["data-disable-with"]
904
- disable_with_text ||= data["disable_with"] if data
905
+ disable_with_text ||= data["disable_with"]
905
906
  disable_with_text ||= value.to_s.clone
906
907
  tag_options.deep_merge!("data" => { "disable_with" => disable_with_text })
907
- else
908
- data.delete("disable_with") if data
909
908
  end
910
909
 
911
910
  tag_options.delete("data-disable-with")
data/lib/action_view/helpers/sanitize_helper.rb CHANGED
@@ -129,11 +129,11 @@ module ActionView
129
129
  end
130
130
 
131
131
  def sanitized_allowed_tags
132
- safe_list_sanitizer.allowed_tags
132
+ sanitizer_vendor.safe_list_sanitizer.allowed_tags
133
133
  end
134
134
 
135
135
  def sanitized_allowed_attributes
136
- safe_list_sanitizer.allowed_attributes
136
+ sanitizer_vendor.safe_list_sanitizer.allowed_attributes
137
137
  end
138
138
 
139
139
  # Gets the Rails::Html::FullSanitizer instance used by +strip_tags+. Replace with
data/lib/assets/compiled/rails-ujs.js CHANGED
@@ -1,6 +1,6 @@
1
1
  /*
2
2
  Unobtrusive JavaScript
3
- https://github.com/rails/rails/blob/master/actionview/app/assets/javascripts
3
+ https://github.com/rails/rails/blob/main/actionview/app/assets/javascripts
4
4
  Released under the MIT license
5
5
  */;
6
6
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: actionview
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.0.3.7
4
+ version: 6.0.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-05 00:00:00.000000000 Z
11
+ date: 2021-06-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 6.0.3.7
19
+ version: 6.0.4
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 6.0.3.7
26
+ version: 6.0.4
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: builder
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -92,28 +92,28 @@ dependencies:
92
92
  requirements:
93
93
  - - '='
94
94
  - !ruby/object:Gem::Version
95
- version: 6.0.3.7
95
+ version: 6.0.4
96
96
  type: :development
97
97
  prerelease: false
98
98
  version_requirements: !ruby/object:Gem::Requirement
99
99
  requirements:
100
100
  - - '='
101
101
  - !ruby/object:Gem::Version
102
- version: 6.0.3.7
102
+ version: 6.0.4
103
103
  - !ruby/object:Gem::Dependency
104
104
  name: activemodel
105
105
  requirement: !ruby/object:Gem::Requirement
106
106
  requirements:
107
107
  - - '='
108
108
  - !ruby/object:Gem::Version
109
- version: 6.0.3.7
109
+ version: 6.0.4
110
110
  type: :development
111
111
  prerelease: false
112
112
  version_requirements: !ruby/object:Gem::Requirement
113
113
  requirements:
114
114
  - - '='
115
115
  - !ruby/object:Gem::Version
116
- version: 6.0.3.7
116
+ version: 6.0.4
117
117
  description: Simple, battle-tested conventions and helpers for building web pages.
118
118
  email: david@loudthinking.com
119
119
  executables: []
@@ -236,11 +236,11 @@ licenses:
236
236
  - MIT
237
237
  metadata:
238
238
  bug_tracker_uri: https://github.com/rails/rails/issues
239
- changelog_uri: https://github.com/rails/rails/blob/v6.0.3.7/actionview/CHANGELOG.md
240
- documentation_uri: https://api.rubyonrails.org/v6.0.3.7/
239
+ changelog_uri: https://github.com/rails/rails/blob/v6.0.4/actionview/CHANGELOG.md
240
+ documentation_uri: https://api.rubyonrails.org/v6.0.4/
241
241
  mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
242
- source_code_uri: https://github.com/rails/rails/tree/v6.0.3.7/actionview
243
- post_install_message:
242
+ source_code_uri: https://github.com/rails/rails/tree/v6.0.4/actionview
243
+ post_install_message:
244
244
  rdoc_options: []
245
245
  require_paths:
246
246
  - lib
@@ -257,7 +257,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
257
257
  requirements:
258
258
  - none
259
259
  rubygems_version: 3.1.2
260
- signing_key:
260
+ signing_key:
261
261
  specification_version: 4
262
262
  summary: Rendering framework putting the V in MVC (part of Rails).
263
263
  test_files: []