activesupport 3.0.16 → 3.0.17

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of activesupport might be problematic. Click here for more details.

Files changed (4) hide show
  1. data/CHANGELOG +4 -0
  2. data/lib/active_support/core_ext/string/output_safety.rb +3 -3
  3. data/lib/active_support/version.rb +1 -1
  4. metadata +6 -3
data/CHANGELOG CHANGED
@@ -1,3 +1,7 @@
1
+ ## Rails 3.0.17 (Aug 9, 2012)
2
+
3
+ * No changes.
4
+
1
5
  ## Rails 3.0.16 (Jul 26, 2012)
2
6
 
3
7
  * No changes.
data/lib/active_support/core_ext/string/output_safety.rb CHANGED
@@ -3,13 +3,13 @@ require 'active_support/core_ext/kernel/singleton_class'
3
3
 
4
4
  class ERB
5
5
  module Util
6
- HTML_ESCAPE = { '&' => '&amp;', '>' => '&gt;', '<' => '&lt;', '"' => '&quot;' }
6
+ HTML_ESCAPE = { '&' => '&amp;', '>' => '&gt;', '<' => '&lt;', '"' => '&quot;', "'" => '&#x27;' }
7
7
  JSON_ESCAPE = { '&' => '\u0026', '>' => '\u003E', '<' => '\u003C' }
8
8
 
9
9
  # A utility method for escaping HTML tag characters.
10
10
  # This method is also aliased as <tt>h</tt>.
11
11
  #
12
- # In your ERb templates, use this method to escape any unsafe content. For example:
12
+ # In your ERB templates, use this method to escape any unsafe content. For example:
13
13
  # <%=h @person.name %>
14
14
  #
15
15
  # ==== Example:
@@ -20,7 +20,7 @@ class ERB
20
20
  if s.html_safe?
21
21
  s
22
22
  else
23
- s.to_s.gsub(/&/, "&amp;").gsub(/\"/, "&quot;").gsub(/>/, "&gt;").gsub(/</, "&lt;").html_safe
23
+ s.gsub(/[&"'><]/n) { |special| HTML_ESCAPE[special] }.html_safe
24
24
  end
25
25
  end
26
26
 
data/lib/active_support/version.rb CHANGED
@@ -2,7 +2,7 @@ module ActiveSupport
2
2
  module VERSION #:nodoc:
3
3
  MAJOR = 3
4
4
  MINOR = 0
5
- TINY = 16
5
+ TINY = 17
6
6
  PRE = nil
7
7
 
8
8
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: activesupport
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.16
4
+ version: 3.0.17
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-07-26 00:00:00.000000000 Z
12
+ date: 2012-08-09 00:00:00.000000000 Z
13
13
  dependencies: []
14
14
  description: A toolkit of support libraries and Ruby core extensions extracted from
15
15
  the Rails framework. Rich support for multibyte strings, internationalization, time
@@ -246,9 +246,12 @@ required_rubygems_version: !ruby/object:Gem::Requirement
246
246
  - - ! '>='
247
247
  - !ruby/object:Gem::Version
248
248
  version: '0'
249
+ segments:
250
+ - 0
251
+ hash: -2545111425282888453
249
252
  requirements: []
250
253
  rubyforge_project: activesupport
251
- rubygems_version: 1.8.23
254
+ rubygems_version: 1.8.24
252
255
  signing_key:
253
256
  specification_version: 3
254
257
  summary: A toolkit of support libraries and Ruby core extensions extracted from the