aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/metal/request_forgery_protection.rb
diff options
context:
space:
mode:
authorJeremy Daer <jeremydaer@gmail.com>2016-03-31 17:47:00 -0700
committerJeremy Daer <jeremydaer@gmail.com>2016-03-31 18:15:32 -0700
commitc1c9c690401bff43b350241cb58b6017ca5fe632 (patch)
tree872aefa9209475c9939c1ab219e0709b51358453 /actionpack/lib/action_controller/metal/request_forgery_protection.rb
parenta26a3a075637215c9028308436ca89cba8da2ed5 (diff)
downloadrails-c1c9c690401bff43b350241cb58b6017ca5fe632.tar.gz
rails-c1c9c690401bff43b350241cb58b6017ca5fe632.tar.bz2
rails-c1c9c690401bff43b350241cb58b6017ca5fe632.zip
Strong ETag validators
* Introduce `Response#strong_etag=` and `#weak_etag=` and analogous options for `fresh_when` and `stale?`. `Response#etag=` sets a weak ETag. Strong ETags are desirable when you're serving byte-for-byte identical responses that support Range requests, like PDFs or videos (typically done by reproxying the response from a backend storage service). Also desirable when fronted by some CDNs that support strong ETags only, like Akamai. * No longer strips quotes (`"`) from ETag values before comparing them. Quotes are significant, part of the ETag. A quoted ETag and an unquoted one are not the same entity. * Support `If-None-Match: *`. Rarely useful for GET requests; meant to provide some optimistic concurrency control for PUT requests.
Diffstat (limited to 'actionpack/lib/action_controller/metal/request_forgery_protection.rb')
0 files changed, 0 insertions, 0 deletions