Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: rails/rails
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v6.1.7.1
Choose a base ref
...
head repository: rails/rails
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v6.1.7.3
Choose a head ref
  • 7 commits
  • 45 files changed
  • 3 contributors

Commits on Jan 25, 2023

  1. Merge pull request #47087 from jhawthorn/cookie_domain 

    Fix cookie domain for `domain: all` on two letter single level TLD
    @jhawthorn
    jhawthorn committed Jan 25, 2023
    Configuration menu
    Copy the full SHA
    1e5011d View commit details
    Browse the repository at this point in the history

  2. Version 6.1.7.2

    @jhawthorn
    jhawthorn committed Jan 25, 2023
    Configuration menu
    Copy the full SHA
    3e0c1a5 View commit details
    Browse the repository at this point in the history

  3. Preparing for 6.1.7.2 release

    @jhawthorn
    jhawthorn committed Jan 25, 2023
    Configuration menu
    Copy the full SHA
    f0c5e60 View commit details
    Browse the repository at this point in the history

Commits on Mar 13, 2023

  1. Implement SafeBuffer#bytesplice

    @amatsuda @jhawthorn
    amatsuda authored and jhawthorn committed Mar 13, 2023
    Configuration menu
    Copy the full SHA
    3cf23c3 View commit details
    Browse the repository at this point in the history

  2. Ignore certain data-* attributes in rails-ujs when element is content… 

    …editable

There is a potential DOM based cross-site scripting issue in rails-ujs
which leverages the Clipboard API to target HTML elements that are
assigned the contenteditable attribute. This has the potential to occur
when pasting malicious HTML content from the clipboard that includes
a data-method, data-disable-with or data-remote attribute.

[CVE-2023-23913]
    @fresh-eggs @jhawthorn
    fresh-eggs authored and jhawthorn committed Mar 13, 2023
    Configuration menu
    Copy the full SHA
    5037a13 View commit details
    Browse the repository at this point in the history

  3. Prepare version 6.1.7.3

    @jhawthorn
    jhawthorn committed Mar 13, 2023
    Configuration menu
    Copy the full SHA
    7167e53 View commit details
    Browse the repository at this point in the history

  4. Preparing for 6.1.7.3 release

    @jhawthorn
    jhawthorn committed Mar 13, 2023
    Configuration menu
    Copy the full SHA
    f09dc7c View commit details
    Browse the repository at this point in the history
Loading