Commit Graph

10 Commits

Author SHA1 Message Date
Sam Stephenson
fea6bc1a21 prototype: Automatically strip security delimiter comments from JSON strings before evaling them. The default delimiter is '/*-secure- ... */' or you can specify your own with the Prototype.JSONFilter regular expression. If you wrap your JSON response bodies in this delimiter on the server side, rogue external sites can't hijack potentially sensitive data via <script> tags. Closes #7910. 2007-04-24 03:31:14 +00:00
Thomas Fuchs
c0509c7f5f Prototype: clean (un)escapeHTML IE special casing and optimize speed for IE and Safari 2007-03-29 17:39:48 +00:00
Thomas Fuchs
9a7dcd54fb Prevent linefeed normalisation in String.prototype.escapeHTML and unescapeHTML on IE for consistency with other browsers 2007-03-28 11:35:05 +00:00
Thomas Fuchs
5f2acb4be5 Make Hash.toQueryString serialize undefined values. Ensure consistency with String.prototype.toQueryParams. Closes #7806. [Mislav Marohnic] 2007-03-27 20:55:56 +00:00
Thomas Fuchs
fc91a3e456 Fix an issue with String.prototype.endsWith. Closes #7822. [altblue] 2007-03-27 17:43:30 +00:00
Sam Stephenson
f160bc4d4d prototype: Add support for JSON encoding and decoding. Closes #7427. 2007-03-09 03:23:24 +00:00
Thomas Fuchs
5224f0fc4f Prototype: Add String.prototype.empty and String.prototype.blank (tests if empty or whitespace-only). Closes #7016. [Jonathan Viney, Thomas Fuchs] 2007-02-19 21:32:37 +00:00
Sam Stephenson
74596ac289 prototype: String.prototype.endsWith should not fail on multiple occurrences. Closes #7416. 2007-02-05 04:56:46 +00:00
Sam Stephenson
5345085b33 prototype: Add String.prototype.startsWith, String.prototype.endsWith, and String.prototype.include. Closes #7075. 2007-01-27 18:45:54 +00:00
Sam Stephenson
bb4d189b37 prototype: Reorganize the source tree. 2007-01-18 22:24:27 +00:00