Path to this page:
Subject: CVS commit: pkgsrc
From: Takahiro Kambe
Date: 2022-06-07 17:05:23
Message id: 20220607150523.A63E2FB19@cvs.NetBSD.org
Log Message:
www/ruby-rails61: update to 6.1.6
Ruby on Rails 6.1.6 (2022-05-12)
Active Support
* Fix and add protections for XSS in ActionView::Helpers and ERB::Util.
Add the method ERB::Util.xml_name_escape to escape dangerous characters in
names of tags and names of attributes, following the specification of XML.
Action View
* Fix and add protections for XSS in ActionView::Helpers and ERB::Util.
Escape dangerous characters in names of tags and names of attributes in
the tag helpers, following the XML specification. Rename the option
:escape_attributes to :escape, to simplify by applying the option to the
whole tag.
Action Pack
* Allow Content Security Policy DSL to generate for API responses.
Files: