Displaying 20 results from an estimated 10000 matches similar to: "Rails 2.3.8 still escaping html in strings"
2010 Aug 03
7
rails 2.3.8 and html_safe
Hi,
Can somebody update me on the state of html_safe strings in rails 2.3.8?
I know rails 2.3.6 and 2.3.7 broke a lot of code because strings were
being escaped when they shouldn't have been and I thought this was all
fixed in 2.3.8.
I'm upgrading an app from 2.3.5 to 2.3.8 and there are many spots where
previous code was output correctly and now it expects html_safe method
2018 Jul 02
0
Incomplete HTML escaping by Xapian::MSet::snippet() (CVE-2018-0499)
Hi folks,
I spotted an HTML escaping bug in Xapian::MSet::snippet() while working
on the code. This issue has been assigned CVE-2018-0499 (though
currently there's no useful information on cve.mitre.org for it). I've
added a wiki page for it here:
https://trac.xapian.org/wiki/SecurityFixes/2018-07-02
The intended behaviour is that the selected input text is escaped for
use in HTML,
2009 Jul 30
2
Can I turn off config.action_view.cache_template_loading in Production
I've got an app which users can edit the ERB templates for emails, the
changes aren't taking effect till the app restarts though because
config.action_view.cache_template_loading = true
I've seen various comments that suggest it has to be true when in
Production for thread safety - is Rails actually running in a threaded
manner yet? Surely this is a non-issue at the
2006 Jan 20
1
Suppress HTML escaping in link_to(:title)?
Hi guys,
I'm new to this list and it seems you are my last hope.
How can I prevent Rails from automatically escaping HTML entities when
creating a hyperlink?
You know, link_to( ... :title => 'This is „quoted“') returns
'This is „quoted“' because Rails escapes the ampersands to
&amp;.
Is there a way I
2004 Sep 10
1
About maildir
Hi,
i just discover dovecot, and it's what i always wanted to have
i read that it support qmail Maildir, i use postfix, but read on
postfix site that postfix Maildir are compatible with qmail.
so i have something like
/var/mail/vhosts/domaine.tld/testuser/
i tried a simple setup to 'test'
auth_userdb = static uid=500 gid=500 home=/var/mail/vhosts/%d/%n
auth_passdb = passwd-file
2006 Aug 15
4
escaping html?
Hi
I have a wysiwyg html editor in my app. How do I escape html written to the
database and encoding when I display the content?
Ty
Pieter
2006 Jun 17
5
RailsForum.com
A lot of the traffic on this list involves questions that may be better
suited for a forum environment. RailsForum.com has people of all experience
levels and, while very new, is proving to be a useful place for getting
help.
Just in case folks hadn't heard about it,
- Danger
2023 Apr 17
0
[ANNOUNCE] libXft 2.3.8
Alan Coopersmith (1):
configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
Matt Turner (1):
libXft 2.3.8
Thomas E. Dickey (3):
add check for missing glyph in XftFontCheckGlyph()
issue 17: libxft-2.3.7: Bold fonts in urxvt missing leftmost pixels
issue 18: Problems with rotated text (monospace font only)
git tag: libXft-2.3.8
2004 Nov 29
4
escaping backslash in a string
How can I get a single backslash in a character string?
My goal is to escape dots in a string that will be used as a regular
expression. I thought I could do it this way:
gsub(".", "\\.", x)
Unfortunately, "\\" does not represent a literal backslash as I
expected, but rather a pair of backslashes:
> "\\."
[1] "\\."
> "\\"
[1]
2010 Apr 19
1
Character escaping in item name
Hi!
In the rsync man page under " -8, --8-bit-output", it says:
. . .
All control characters (but never tabs) are always escaped, regardless of this option's setting.
The escape idiom that started in 2.6.7 is to output a literal backslash (\) and a hash (#),
followed by exactly 3 octal digits. For example, a newline would output as "\#012".
A literal backslash
2006 Jun 21
1
sortable tables not working because of html escaping
i just went through the following tutorial on creating a sortable table:
http://dev.nozav.org/rails_ajax_table.html
it appears to work as it is supposed to except for the fact that my
links are being written wrong. the "&" symbol is being replaced with
&amp; therefore creating this as my url:
http://localhost:3000/item/list?sort=qty&amp;query=
instead of
2007 Nov 18
0
Escaping html entities with in_place_editor_field
I have a field where a user might need to enter text that includes
greater than and less than signs.
I am using in_place_editor_field, so I need a way to tell it to escape
html entities (convert to &gt; and &lt;) when displaying and NOT
escape html entities (just show the greater than and less than signs)
when editing.
Any ideas?
2017 Apr 09
1
[Bug] FTS double escaping
Quoting Timo Sirainen <tss at iki.fi>:
> On 6 Apr 2017, at 14.58, azurit at pobox.sk wrote:
>>
>> Hi,
>>
>> i'm trying to resolve few problems with indexing 'From' headers
>> using FTS/Solr. I was tcpdumping the communication between Dovecot
>> and Jetty/Solr and noticed that 'From' headers, which includes also
>>
2011 May 13
2
Rails 3 Forces HTML Escape of Forms
I have a legacy application I ported from Rails 2.x. I found that the
escaping was occurring where it shouldn't, like in creation of forms,
and I couldn't turn it off. I found two mechanisms that should have
disabled it, a function safe_html, which is supposed to mark a string
as not needing to be escaped. The other is raw, which similarly
indicates that a string should be output
2006 Jan 22
0
Escaping and Unescaping text in ERb
Instead of continuing the thread hijack, I've started a new one....
Douglas Livingstone wrote:
> 2006/1/22, Kevin Olbrich <kevin.olbrich@duke.edu>:
>>
>> You know, this has been bothering me a bit lately. If the point of
>> doing an html escape on the output is to prevent security problems,
>> wouldn't it make sense for the default action on
2017 Apr 06
0
[Bug] FTS double escaping
On 06.04.2017 14:58, azurit at pobox.sk wrote:
> Hi,
>
> i'm trying to resolve few problems with indexing 'From' headers using
> FTS/Solr. I was tcpdumping the communication between Dovecot and
> Jetty/Solr and noticed that 'From' headers, which includes also
> sender's name, are double escaped. This is what was Dovecot sending to
> Solr:
>
>
2017 Apr 09
0
[Bug] FTS double escaping
On 6 Apr 2017, at 14.58, azurit at pobox.sk wrote:
>
> Hi,
>
> i'm trying to resolve few problems with indexing 'From' headers using FTS/Solr. I was tcpdumping the communication between Dovecot and Jetty/Solr and noticed that 'From' headers, which includes also sender's name, are double escaped. This is what was Dovecot sending to Solr:
>
>
2009 Jan 05
1
Problem Escaping Spaces in File Name
Hi All,
I realize this has been addressed ad nauseam, but I simply cannot seem to
solve my issue despite many hours of mucking about. I am attempting to
run a command like:
rsync -prvl --delete --stats --progress -e 'ssh -p 22 -i
/root/.ssh/id_dsa'
backup/company/data/current_backup/company_Ralf/doc\\\ -\\\ network/
2017 Apr 06
4
[Bug] FTS double escaping
Hi,
i'm trying to resolve few problems with indexing 'From' headers using
FTS/Solr. I was tcpdumping the communication between Dovecot and
Jetty/Solr and noticed that 'From' headers, which includes also
sender's name, are double escaped. This is what was Dovecot sending to
Solr:
</field><field name="from">Name Surname
&lt;test at
2006 Jun 16
2
DISABLE auto-escaping in image_tag helper
Is there any way to disable image_tag's automatic escaping of special html
entities in its :alt tag?
Example:
From the controller:
@sale['title'] = 'My Company Product©'
In the view:
<%= image_tag('path/to/file.png', :alt => @sale['title']) %>
Output:
<img alt="My Company