What I'll talk about today
• My thoughts on the following patches I got into Rails 5.0
• #22722 Use CGI.escapeHTML for html escape
• #18109 Allow joins to be unscoped
• #22125 Alias left_joins to left_outer_joins
Slide 4
Use CGI.escapeHTML for html escape
https://github.com/rails/rails/pull/22722
Slide 5
#22722 Use CGI.escapeHTML for html escape
Slide 6
#22722 Use CGI.escapeHTML for html escape
• Makes erb's HTML escaping use CGI.escapeHTML instead of a gsub call
• CGI.escapeHTML was sped up in Ruby 2.3
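Added example (not from the slides or from Rails): a Ruby check that a gsub-based escaper and CGI.escapeHTML produce identical output on constructed inputs, followed by a rough speed comparison. gsub_escape, its table and the sample strings are assumptions made for illustration.

```ruby
require "cgi"
require "benchmark"

# Hypothetical gsub-based escaper written for this example (table + regexp),
# standing in for the "gsub call" style the slide describes.
GSUB_TABLE = { "&" => "&amp;", "<" => "&lt;", ">" => "&gt;",
               '"' => "&quot;", "'" => "&#39;" }.freeze
GSUB_REGEXP = /[&<>"']/

def gsub_escape(str)
  str.gsub(GSUB_REGEXP, GSUB_TABLE)
end

def cgi_escape(str)
  CGI.escapeHTML(str)
end

# Constructed sample inputs: markup, attribute breakouts, pre-escaped text,
# multibyte text, and strings with nothing to escape.
SAMPLES = [
  %q(<script>alert("x")</script>),
  %q(" onmouseover='f()' x="),
  "Tom &amp; Jerry",
  "日本語 <b>太字</b>",
  "plain text",
  ""
].freeze

# Returns the samples on which the two escapers disagree (expected: none).
def escaper_mismatches(samples = SAMPLES)
  samples.reject { |s| gsub_escape(s) == cgi_escape(s) }
end

# True when no raw markup or quote character survives escaping.
def neutralized?(escaped)
  !escaped.match?(/[<>"']/)
end

# Wall-clock seconds for n escapes of one input with each implementation.
def compare_speed(input, n = 50_000)
  { gsub: Benchmark.realtime { n.times { gsub_escape(input) } },
    cgi:  Benchmark.realtime { n.times { cgi_escape(input) } } }
end

if __FILE__ == $PROGRAM_NAME
  abort "escapers differ: #{escaper_mismatches.inspect}" unless escaper_mismatches.empty?
  t = compare_speed(SAMPLES.first * 20)
  puts format("gsub: %.3fs  CGI.escapeHTML: %.3fs", t[:gsub], t[:cgi])
end
```

Checking equivalence first matters because an escaper swap that changes output for any input, such as the single quote, would change what reaches the browser.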
How much did it change?
• Background: current performance comparison of String concatenation
HTML-escape-enabled version of slim's compiled bench (i/s)
[Chart: i/s for hamlit, slim, faml, erubis, haml (beta)]
https://travis-ci.org/k0kubun/hamlit/jobs/131694989
Slide 11
How much did it change?
• Original performance comparison in ActionView
https://gist.github.com/k0kubun/e9363d8359d9a9604c55bd23fb28c64d
ActionView version of the previous page's benchmark
Without erb's switch to CGI.escapeHTML (i/s)
[Chart: i/s for hamlit, slim, faml, AVTemplate HelpersErubis, haml (beta)]
Slide 12
How much did it change?
• Effect of switching erb to CGI.escapeHTML in ActionView
https://gist.github.com/k0kubun/3ea0c0dba78ac2e832c8fbe5a104d04b
ActionView version of the previous page's benchmark
With erb's switch to CGI.escapeHTML (i/s)
[Chart: i/s for hamlit, slim, faml, AVTemplate HelpersErubis, haml (beta)]