| Rails 2.3.5 patch for CVE-2013-0333 vulnerability: | |
| If you can't upgrade your Rails installation you can get the OkJson parser and include it in your project. How? | |
| - Add cve_2013_0333_patch.rb in '/config/initializers' directory. | |
| - Add okjson.rb in '/lib/active_support/json/backends' directory. | |
| To test the parser, try to decode with a bad formatted json: | |
| (I don't know if it's the best test, but you check if you are using the json parser in the rails 2.3 official patch) |
| #!/usr/bin/env bash | |
| action=$1 | |
| shift | |
| function usage(){ | |
| echo " Commits changes for the mentioned issue" | |
| echo " commit ITEM#" | |
| echo " Searches for an issue number in the todo line and opens the default editor with the issue number just to write your commit" | |
| echo "" |
Extracted from official patchs.
| shared_examples_for "model with attributes" do |model_name| | |
| context "validations" do | |
| context "with valid values" do | |
| let(:attributes) { attributes_for model_name } | |
| let(:model_object) { build model_name, attributes } | |
| subject { model_object } |
| require 'vcr' | |
| VCR.configure do |c| | |
| c.cassette_library_dir = 'spec/fixtures/vcr/' | |
| c.hook_into :webmock # or :fakeweb | |
| c.allow_http_connections_when_no_cassette = true | |
| c.configure_rspec_metadata! | |
| c.default_cassette_options = { :record => :new_episodes, :erb => true, :match_requests_on => [:path] } | |
| c.ignore_request do |request| | |
| uri = URI(request.uri) | |
| uri.host == '127.0.0.1' |
| # Extension to Refinery Admin controller to avoid 2 problems: | |
| # | |
| # 1) Edit locale propagates through requests as Thread.current[:globalize_locale] is never reset to nil | |
| # 2) Crudify's find filter is pepended before de globalize filter. This way, if you're editing in a non-default locale and the update url comes with a slug in that locale it won't be found (in fact, it does work in some circunstances) | |
| ::Refinery::AdminController.class_eval do | |
| # We should reset globalize so we don't propagate Globalize locale between requests | |
| def reset_globalize | |
| Thread.current[:globalize_locale] = nil |
| $('form').parsley( { | |
| listeners: { | |
| onFieldError: function ( elem, constraints, ParsleyField ) { | |
| if (javascript_env == 'production') { | |
| return; | |
| } | |
| _log("Errores: ") | |
| _log(elem.attr("name") + ": " + elem.val()); | |
| for(constraint_id in constraints) { |
| ....... | |
| ....... | |
| <% cache menu_cache_key, expire_in: 1.day do %> | |
| <%= render(:partial => "/refinery/menu", :locals => { | |
| :css => 'submenu' | |
| }) %> | |
| <% end %> | |
| ....... | |
| ....... |
| # This module allows you to run your request specs in a responsive mode quite easily | |
| # | |
| # Requirement: It requries Poltergeist, but could work with any capybara driver with a resize method | |
| # | |
| # Instructions: | |
| # | |
| # 0. Setup Poltergeist and register the driver | |
| # 1. Drop this module in your spec/support folder | |
| # 2. Include this module before your describe | |
| # 3. Use a responsive: true param in describe to enable responsive requests. We will need a js:true to enable poltergeist |
| testing |