June 8, 2011
Potential XSS Vulnerability in Ruby on Rails Applications
The XSS prevention support in recent versions Ruby on Rails allows some string operations which, when combined with user supplied data, may leave an ‘unsafe string’ incorrectly considered safe. It...
June 2, 2011
News from the Documentation Front
New Configuration Guide Rails 3.1 will come with a new comprehensive guide about configuring Rails applications written by Ryan Bigg (@ryanbigg). The current draft is already available in the edge...
May 30, 2011
[ANN] Rails 3.0.8.rc3 (third time is the charm!)
Hey everybody! I’ve pushed Rails 3.0.8.rc3. Hopefully this release candidate takes care of all the outstanding issues remaining. To see what has changed between 3.0.8.rc2 and 3.0.8.rc3, check out this...
May 27, 2011
[ANN] Rails 3.0.8.rc2
Hey folks! I’ve pushed 3.0.8.rc2. I want to give a big thanks to Philip Arndt and Robert Pankowecki for reporting regressions in 3.0.8.rc1! We’ve fixed the regressions, so I pushed...
May 25, 2011
[ANN] Rails 3.0.8.rc1
ZOMG HI EVERYBODY!!!! HAPPY WEDNESDAY (UTC-7). I am EXCITED, PLEASED, and even MORE EXCITED to announce the release of the Rails 3.0.8 released candidate NUMBER ONE! OMG RELEASE CANDIDATE. WHAT...
May 22, 2011
Rails 3.1: Release candidate
As I promised at RailsConf, we’re finally good to go on the Rails 3.1: Release Candidate. This is a fantastically exciting release. We have three new star features and an...
May 5, 2011
Rails 3.1 beta 1 released
We’ve taken our first release step towards the final version of Rails 3.1 today with the unveiling of beta 1. This is a release mostly for people who’ve already been...
April 21, 2011
jQuery: New Default
In Rails 3.1 jQuery is going to be the default JavaScript library. Also, RJS has been extracted out. This post explains what that means for new applications, and what to...
April 18, 2011
Rails 3.0.7 has been released!
Hello everyone! I’ve released Rails version 3.0.7! I want to say thanks to Santiago for handling the release candidate gems. He’s on vacation, so I get to do the real...
April 18, 2011
Why HTTP Streaming?
Rails 3.1 is going to support HTTP streaming, aka chunked responses, this post explains what’s all about. What Is HTTP Streaming? Ordinary dynamic HTTP responses need a Content-Length header. Their...