This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# A Rails 2.3.14 monkey patch for the "XSS Vulnerability in the select helper", as reported in: | |
# http://groups.google.com/group/rubyonrails-security/browse_thread/thread/9da0c515a6c4664 | |
# | |
module ActionView | |
module Helpers | |
class InstanceTag #:nodoc: | |
private | |
def add_options(option_tags, options, value = nil) | |
if options[:include_blank] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gem 'rails', '4.0.2' | |
require 'active_record' | |
require 'logger' | |
# Print out what version we're running | |
# 4.0.2 | |
puts "Active Record #{ActiveRecord::VERSION::STRING}" | |
# 4.0.1 | |
puts "Arel #{Arel::VERSION}" |