gems activerecord 6.0.4.8

latest releases: 8.0.0, 7.2.2, 7.1.5...
2 years ago

Active Support

  • Fix and add protections for XSS in ActionView::Helpers and ERB::Util.

    Add the method ERB::Util.xml_name_escape to escape dangerous characters
    in names of tags and names of attributes, following the specification of XML.

    Álvaro Martín Fraguas

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • Fix and add protections for XSS in ActionView::Helpers and ERB::Util.

    Escape dangerous characters in names of tags and names of attributes in the
    tag helpers, following the XML specification. Rename the option
    :escape_attributes to :escape, to simplify by applying the option to the
    whole tag.

    Álvaro Martín Fraguas

Action Pack

  • Allow Content Security Policy DSL to generate for API responses.

    Tim Wade

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

Active Storage

  • No changes.

Railties

  • No changes.

Don't miss a new activerecord release

NewReleases is sending notifications on new releases.