Bh v1.3.6 Release Notes

Release Date: 2015-12-18 // over 8 years ago
    • [ENHANCEMENT] Bump versions of asset libraries

Previous changes from v1.3.4

    • πŸ›  [BUGFIX] Security: don’t always assume that the content of link_to is safe

    Note that this might break your code if it relied on the wrong behavior of Bh, assuming that the content of link_to was always HTML safe.

    For instance, if your app has the following code to display an image with a πŸ”— link link_to '<img src="logo.png">', '/', then the image will not display πŸš… anymore, since Bh now correctly escapes the HTML content (as Rails and Padrino do). In this case, you should use link_to image_tag('logo.png'), '/' instead.