The Ruby on Rails community has announced Rails 2.3.5, a new release of the Ruby on Rails Web development framework that features improved support for Ruby 1.9 and more.
In a 30 November blog post, Gregg Pollack, a Rails developer and member of the Rails Activism team, said Rails 2.3.5 provides several bug fixes and one security fix. The new release is compatible with other 2.3.x versions of Rails, he said.
In addition to the improved compatibility with Ruby 1.9, Rails 2.3.5 supports a RailsXss plug-in. “If you want to have this functionality today you can install Koz’s RailsXss plug-in in Rails 2.3.5,” Pollack said.
In a post 27 November, Mike Gunderloy, a Rails developer and contributor, said, “An XSS vulnerability in strip_tags is fixed. Rails 2.3.5 supports the xss_safe plug-in, which gives you the XSS escaping features that will be the default in Rails 3.0.”
In addition, “With Rails 2.3 we were given the ability to switch out the default XML parser from REXML to other faster parsers like Nokogiri,” Pollack said. “If your application is parsing lots of XML you may want to switch to this faster XML parser.”
Gunderloy also said the MySQL adapter for Rails has been updated to allow the use of stored procedures, and a problem that prevented the debugger from going into IRB (Interactive Ruby) mode has been fixed.
Moreover, Gunderloy advises: “If you’re using Rails 2.3.x, you should upgrade to this version as soon as possible, to get the security fixes that it contains. If you’re using Rails 2.2, there’s a separate patch available. Rails versions older than 2.2 are no longer supported with security patches, and should be retired/upgraded as soon as possible.”
Troubled chip giant Intel will invest more than $28 billion to construct two new chip…
In Q3 Apple rejoins ranks of top five smartphone makers in China, as government welcomes…
IT spending growth in 2025 comes as CIOs move from proof-of-concept, and begin investment into…
Industry supply chain analyst says Apple cut orders for the iPhone 16 for Q4 2024…
Heavy fine for LinkedIn, after Irish data protection watchdog cites GDPR violations with people's personal…
UK competition regulator begins phase one investigation into Alphabet's partnership with AI startup Anthropic
View Comments
If peformance is important, vtd-xml is the best and fastest XML parsing technology on the planet
I really like this approach and use it for most of what I do online. But I get into all-or-nothing phases where I won’t even start on a project if I don’t think I can make it turn out perfect. Never starting is a waste of a good idea and opportunity.