Posts tagged "simple_form"

Incorrect Access Control in Simple Form (CVE-2019-16676)

Simple Form version 5.0 was released today with a fix for a security issue that could allow an attacker to execute methods on form objects. The issue is explained in details below.

Bootstrap 3 support for Simple Form

We just released Simple Form 3.1.0.rc1 with support to Bootstrap 3. To make it possible, we leveled up the Wrapper API to make it more extensible and to allow developers to directly configure it instead of relying on global state. After such improvements, it was very easy to change the Simple Form configuration to work … »

XSS vulnerability on Simple Form

There is a XSS vulnerability on Simple Form’s label, hint and error options. Fixed versions: 3.0.1, 2.1.1

Devise and Rails 4

Devise 3.0 rc version with Rails 4 compatibility and new 2.2.4 stable version. Simple Form, Responders, Show For and Mail Form versions with Rails 4 compatibility.

SimpleForm 2.0 + Bootstrap: for you with love

The Carnival is over in Brazil but we are still partying at Plataformatec by bringing you, not a small bump, but a shiny new version: Simple Form 2.0. Simple Form 2.0 features a new wrapper API which makes it very flexible and easy to integrate with CSS frameworks like Twitter Bootstrap.

SimpleForm 1.4 is out

I’m pleased to say that we released SimpleForm 1.4. Like the last version, this release had a lot of contributions from the community, closing bugs and adding some nice features. Here is a brief introduction to some of the new features: Custom Form Builders Now you can set a custom form builder that inherits from SimpleForm::FormBuilder: … »