Andrew Kaspick wrote: > Exactly. I'm not using the rails_xss plugin, but the escaping rules are > not as they were in 2.3.5. String literals were "safe" in 2.3.5, but > aren't in 2.3.8... a minor difference with huge implications.
I created a quick-n-dirty test app. See the result here: http://www.ruby-forum.com/topic/214314#new -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
