2011/2/10 Joaquin Rivera Padron <joahk...@gmail.com>
> hi,
> I diff-ed 3.0.0 with 3.0.1 and I got this
>
sorry I meant diff-ed 3.0.1 to 3.0.2
>
> diff --git a/actionpack/lib/action_dispatch/routing/polymorphic_routes.rb
> b/actionpack/lib/action_dispatch/routing/polymorphic_routes.rb
> index 142cd08..fb2118a 100644
> --- a/actionpack/lib/action_dispatch/routing/polymorphic_routes.rb
> +++ b/actionpack/lib/action_dispatch/routing/polymorphic_routes.rb
> @@ -17,7 +17,7 @@ module ActionDispatch
> #
> ...skipping...
> buffer = with_output_buffer { value = yield(*args) }
> if string = buffer.presence || value and string.is_a?(String)
> - NonConcattingString.new(string)
> + NonConcattingString.new(*ERB::Util.html_escape(string)*)
> end
> end
>
> if I put bac k the NonConcattingString.new(string) it works (at least for
> me)
>
> don't know the implications though, wdyt?
>
> jk
>
> 2011/2/10 Joaquin Rivera Padron <joahk...@gmail.com>
>
> yes, if by 3-0-stable you mean 3.0.0, yes it works
>>
>> thanks for the "ping offer", I'll let you know if anything, but I won't
>> (can't) be full time chasing the bug :-(
>>
>> jk
>>
>> 2011/2/10 Santiago Pastorino <santi...@wyeworks.com>
>>
>> Great, ping me if I can help you.
>>> BTW did you tried 3-0-stable?
>>>
>>> On Thu, Feb 10, 2011 at 9:51 AM, Joaquin Rivera Padron
>>> <joahk...@gmail.com> wrote:
>>> > for me are broken also versions 3.0.4, 3.0.4.rc1, 3.0.3 and 3.0.2
>>> > ok is 3.0.1, will keep digging then
>>> > jk
>>> >
>>> > 2011/2/9 Brian Morearty <bmorea...@gmail.com>
>>> >>
>>> >> Yes, I saw something similar when I upgraded to 3.0.4 this morning. I
>>> >> didn't have a chance to debug it so for the moment I went back to
>>> >> 3.0.1. I wasn't sure if it was my doing so I didn't say anything on
>>> >> this list.
>>> >>
>>> >> I have a helper function that returns an HTML string. The function
>>> >> calls .html_safe before returning. That worked in 3.0.1 but in 3.0.4
>>> >> it is being escaped in the output.
>>> >>
>>> >> I also tried adding .html_safe to the .html.erb file (double-safe it)
>>> >> but to no avail.
>>> >>
>>> >> I was not able to reproduce it in a simple case though, even in very
>>> >> same function.
>>> >>
>>> >> Brian
>>> >>
>>> >>
>>> >> On Feb 9, 1:06 pm, Joaquin Rivera Padron <joahk...@gmail.com> wrote:
>>> >> > hello,
>>> >> > I have today updated my rails app to 3.0.4 security release but now
>>> this
>>> >> >
>>> >> > yield :javascripts
>>> >> >
>>> >> > fails in the layout and I get my custom js escaped as text in the
>>> view.
>>> >> >
>>> >> > anybody seeing this also?
>>> >> >
>>> >> > tia,
>>> >> > jk
>>> >> >
>>> >> > --www.least-significant-bit.com
>>> >>
>>> >> --
>>> >> You received this message because you are subscribed to the Google
>>> Groups
>>> >> "Ruby on Rails: Core" group.
>>> >> To post to this group, send email to
>>> rubyonrails-core@googlegroups.com.
>>> >> To unsubscribe from this group, send email to
>>> >> rubyonrails-core+unsubscr...@googlegroups.com.
>>> >> For more options, visit this group at
>>> >> http://groups.google.com/group/rubyonrails-core?hl=en.
>>> >>
>>> >
>>> >
>>> >
>>> > --
>>> > www.least-significant-bit.com
>>> >
>>> > --
>>> > You received this message because you are subscribed to the Google
>>> Groups
>>> > "Ruby on Rails: Core" group.
>>> > To post to this group, send email to rubyonrails-core@googlegroups.com
>>> .
>>> > To unsubscribe from this group, send email to
>>> > rubyonrails-core+unsubscr...@googlegroups.com.
>>> > For more options, visit this group at
>>> > http://groups.google.com/group/rubyonrails-core?hl=en.
>>> >
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups
>>> "Ruby on Rails: Core" group.
>>> To post to this group, send email to rubyonrails-core@googlegroups.com.
>>> To unsubscribe from this group, send email to
>>> rubyonrails-core+unsubscr...@googlegroups.com.
>>> For more options, visit this group at
>>> http://groups.google.com/group/rubyonrails-core?hl=en.
>>>
>>>
>>
>>
>> --
>> www.least-significant-bit.com
>>
>
>
>
> --
> www.least-significant-bit.com
>
--
www.least-significant-bit.com
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Core" group.
To post to this group, send email to rubyonrails-core@googlegroups.com.
To unsubscribe from this group, send email to
rubyonrails-core+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-core?hl=en.
