Commit 56c16891903a905d1490786cd41615b9abe7fc4d
1 parent
5a405e1f
Exists in
master
and in
1 other branch
update vote.to_xml to handle serialized tracking
security fix disallowed parsing of YAML in XML
Showing
1 changed file
with
12 additions
and
0 deletions
Show diff stats
app/models/vote.rb
| ... | ... | @@ -70,4 +70,16 @@ class Vote < ActiveRecord::Base |
| 70 | 70 | loser_choice.compute_score! |
| 71 | 71 | end |
| 72 | 72 | end |
| 73 | + | |
| 74 | + def to_xml(options={}) | |
| 75 | + opts = {:except => 'tracking'} | |
| 76 | + options.merge!(opts) | |
| 77 | + super(options) do |xml| | |
| 78 | + xml.tracking do | |
| 79 | + self.tracking.each do |key, value| | |
| 80 | + xml.tag!(key.to_s) { value } | |
| 81 | + end | |
| 82 | + end | |
| 83 | + end | |
| 84 | + end | |
| 73 | 85 | end | ... | ... |