Added support for HTTP Only cookies (works in IE6+ and FF 2.0.5+) as an improvement for XSS attacks (closes #8895) [lifo/Spakman]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7525 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
author: David Heinemeier Hansson <david@loudthinking.com> 2007-09-21 15:05:49 +0000
committer: David Heinemeier Hansson <david@loudthinking.com> 2007-09-21 15:05:49 +0000
commit: eede82ccb980d9d1c67cddc6972a7125ddab1949 (patch)
tree: 58a454089b3c9d28c477a27f3ba7f0c061fc4668 /actionpack/CHANGELOG
parent: 26238ac1731208949312f4f91d75011a2da30d49 (diff)
download: rails-eede82ccb980d9d1c67cddc6972a7125ddab1949.tar.gz
rails-eede82ccb980d9d1c67cddc6972a7125ddab1949.tar.bz2
rails-eede82ccb980d9d1c67cddc6972a7125ddab1949.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG
index 11f08e5b23..facdeb56b1 100644
--- a/actionpack/CHANGELOG
+++ b/actionpack/CHANGELOG
@@ -1,5 +1,7 @@
 *SVN*
 
+* Added support for HTTP Only cookies (works in IE6+ and FF 2.0.5+) as an improvement for XSS attacks #8895 [lifo/Spakman]
+
 * Don't warn when a path segment precedes a required segment. Closes #9615. [Nicholas Seckar]
 
 * Fixed CaptureHelper#content_for to work with the optional content parameter instead of just the block #9434 [sandofsky/wildchild].
author	David Heinemeier Hansson <david@loudthinking.com>	2007-09-21 15:05:49 +0000
committer	David Heinemeier Hansson <david@loudthinking.com>	2007-09-21 15:05:49 +0000
commit	eede82ccb980d9d1c67cddc6972a7125ddab1949 (patch)
tree	58a454089b3c9d28c477a27f3ba7f0c061fc4668 /actionpack/CHANGELOG
parent	26238ac1731208949312f4f91d75011a2da30d49 (diff)
download	rails-eede82ccb980d9d1c67cddc6972a7125ddab1949.tar.gz rails-eede82ccb980d9d1c67cddc6972a7125ddab1949.tar.bz2 rails-eede82ccb980d9d1c67cddc6972a7125ddab1949.zip