| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Authorization scheme should be case insensitive. Fixes #21199 | Dennis Suratna | 2015-08-11 | 1 | -1/+1 |
| | | |||||
| * | Stop using deprecated `render :text` in test | Prem Sichanugrist | 2015-07-17 | 1 | -1/+1 |
| | | | | | | | | | | This will silence deprecation warnings. Most of the test can be changed from `render :text` to render `:plain` or `render :body` right away. However, there are some tests that needed to be fixed by hand as they actually assert the default Content-Type returned from `render :body`. | ||||
| * | Add missing "header" word in documentation of Token#authentication_request ↵ | Prathamesh Sonpatki | 2015-06-14 | 1 | -1/+1 |
| | | | | | [ci skip] | ||||
| * | allow `Bearer` as well as `Token` | phoet | 2015-06-01 | 1 | -1/+1 |
| | | |||||
| * | Give authentication methods the ability to customize response message. | Keenan Brock | 2015-05-03 | 1 | -14/+16 |
| | | | | | Digest allowed the messages. Add the same feature to basic and token | ||||
| * | Tiny optimization of http auth Realm unquoting | Strech (Sergey Fedorov) | 2015-04-14 | 1 | -2/+2 |
| | | |||||
| * | Freeze static arguments for gsub | brainopia | 2015-04-02 | 1 | -2/+2 |
| | | |||||
| * | Prefer string patterns for gsub | brainopia | 2015-04-02 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | | | | https://github.com/ruby/ruby/pull/579 - there is a new optimization since ruby 2.2 Previously regexp patterns were faster (since a string was converted to regexp underneath anyway). But now string patterns are faster and better reflect the purpose. Benchmark.ips do |bm| bm.report('regexp') { 'this is ::a random string'.gsub(/::/, '/') } bm.report('string') { 'this is ::a random string'.gsub('::', '/') } bm.compare! end # string: 753724.4 i/s # regexp: 501443.1 i/s - 1.50x slower | ||||
| * | Doc fix [ci skip] | Sushruth Sivaramakrishnan | 2015-03-05 | 1 | -1/+1 |
| | | |||||
| * | Fixed undefined method error when doing authentication. | Zhang Kai Yu | 2015-01-24 | 1 | -2/+2 |
| | | |||||
| * | Minor documentation edits [ci skip] | Robin Dupret | 2014-12-28 | 1 | -1/+1 |
| | | |||||
| * | Update example test documentation | Ben Prew | 2014-12-28 | 1 | -4/+2 |
| | | | | Example does not work with session headers, should use request headers. [ci skip] | ||||
| * | Merge pull request #17186 from tgxworld/header_authentication_token | Matthew Draper | 2014-11-27 | 1 | -2/+9 |
| |\ | | | | | | | Allow authentication header to not have to specify 'token=' key. | ||||
| | * | Allow authentication header to not have to specify 'token=' key. | Guo Xiang Tan | 2014-10-10 | 1 | -2/+9 |
| | | | | | | | | | Fixes: https://github.com/rails/rails/issues/17108. | ||||
| * | | Wrap code snippets in +, not backticks, in sdoc | claudiob | 2014-11-20 | 1 | -3/+3 |
| |/ | | | | | | | | I grepped the source code for code snippets wrapped in backticks in the comments and replaced the backticks with plus signs so they are correctly displayed in the Rails documentation. [ci skip] | ||||
| * | Improve token_and_options regex and test | Xinjiang Lu | 2014-07-01 | 1 | -1/+1 |
| | | | | | add a test case to test the regex for the helper method raw_params | ||||
| * | Fix parsed token value with header `Authorization token=`. | Larry Lv | 2014-06-13 | 1 | -2/+2 |
| | | |||||
| * | Set the status before of setting the response body | Guillermo Iguaran | 2014-06-13 | 1 | -2/+2 |
| | | | | | | | | The 401 status should be set first because setting the response body in a live controller also closes the response to further changes. Fixes #14229. | ||||
| * | Merge pull request #11346 from tomykaira/fix_10257 | Rafael Mendonça França | 2014-05-20 | 1 | -2/+14 |
| |\ | | | | | Check authentication scheme in Basic auth | ||||
| | * | Run login_procedure only when the auth_scheme is valid | tomykaira | 2013-07-08 | 1 | -7/+14 |
| | | | |||||
| | * | Check authentication scheme in Basic auth | tomykaira | 2013-07-07 | 1 | -1/+6 |
| | | | | | | | | | | | | | | | | | | | | | `authenticate_with_http_basic` and its families should check the authentication schema is "Basic". Different schema, such as OAuth2 Bearer should be rejected by basic auth, but it was passing as the test shows. This fixes #10257. | ||||
| * | | Replace trivial regexp with string or index, twice as fast | Kelley Reynolds | 2014-03-28 | 1 | -1/+1 |
| | | | |||||
| * | | Update Docs in favor to use render plain instead of text option | robertomiranda | 2014-02-18 | 1 | -6/+6 |
| |/ | | | | ref #14062 | ||||
| * | Prefer find_by over dynamic finders in rdoc | Sam Ruby | 2013-04-02 | 1 | -2/+2 |
| | | |||||
| * | Digest auth should not 500 when given a basic header. | Brad Dunbar | 2013-03-18 | 1 | -0/+1 |
| | | |||||
| * | Revert "Merge pull request #8989 from robertomiranda/use-rails-4-find-by" | Guillermo Iguaran | 2013-01-18 | 1 | -2/+2 |
| | | | | | | This reverts commit 637a7d9d357a0f3f725b0548282ca8c5e7d4af4a, reversing changes made to 5937bd02dee112646469848d7fe8a8bfcef5b4c1. | ||||
| * | User Rails 4 find_by | robertomiranda | 2013-01-18 | 1 | -2/+2 |
| | | |||||
| * | Namespace HashWithIndifferentAccess | Akira Matsuda | 2013-01-07 | 1 | -1/+1 |
| | | |||||
| * | "warning: ambiguous first argument; put parentheses or even spaces" | Akira Matsuda | 2012-12-24 | 1 | -1/+1 |
| | | |||||
| * | Refactoring the token_and_options method to fix bugs | Kurtis Rainbolt-Greene | 2012-12-15 | 1 | -11/+27 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adding a test for the equal trun bug Adding a test for the after equal trunc bug Adding a test for the slash bug Adding a test for the slash quote bug Adding a helper method for creating a sample request object with token Writing a method to create params array from raw params Writing a method to rewrite param values in the params Writing a method to get the token params from an authorization value Refactoring the token_and_options method to fix bugs Removing unnessecary test A constant for this shared regex seemed appropriate Wanting to split up this logic Adding small documentation pieces | ||||
| * | update documentation and code to use _action callbacks | Francesco Rodriguez | 2012-12-07 | 1 | -5/+5 |
| | | |||||
| * | Allow users to change the default salt if they want, shouldn't be necessary | Santiago Pastorino | 2012-11-03 | 1 | -2/+3 |
| | | |||||
| * | Use derived keys everywhere, http_authentication was missing it | Santiago Pastorino | 2012-11-03 | 1 | -3/+2 |
| | | |||||
| * | Multiple changes to 1,9 hash syntax | AvnerCohen | 2012-10-27 | 1 | -10/+10 |
| | | |||||
| * | Merge branch 'master' of github.com:lifo/docrails | Vijay Dev | 2012-08-04 | 1 | -1/+1 |
| |\ | | | | | | | | | | | Conflicts: activemodel/lib/active_model/secure_password.rb activerecord/lib/active_record/associations/collection_proxy.rb | ||||
| | * | use 'HTTP_AUTHORIZATION' instead of :authorization as key when dealing with ↵ | Francesco Rodriguez | 2012-07-27 | 1 | -1/+1 |
| | | | | | | | | | HTTP Token authentication in integration tests | ||||
| * | | Merge pull request #7240 from steveklabnik/fix_2301 | Rafael Mendonça França | 2012-08-02 | 1 | -1/+1 |
| |\ \ | | | | | | | Fix for digest authentication bug - issue #2301 in rails/rails | ||||
| | * | | Fix for digest authentication bug - issue #2301 in rails/rails | Arthur Smith | 2012-08-02 | 1 | -1/+1 |
| | | | | |||||
| * | | | load active_support/core_ext/object/blank in active_support/rails | Xavier Noria | 2012-08-02 | 1 | -1/+0 |
| |/ / | |||||
| * / | * Do not convert digest auth strings to symbols. CVE-2012-3424 | Aaron Patterson | 2012-07-26 | 1 | -2/+2 |
| |/ | | | | | Conflicts: actionpack/lib/action_controller/metal/http_authentication.rb | ||||
| * | Don't raise an error if http auth token isn't well formatted | Piotr Sarnacki | 2012-07-11 | 1 | -4/+6 |
| | | | | | | | | | | | | | | | When someone sends malformed authorization header, like: Authorization: Token foobar given token should be just ignored and resource should not be authorized, instead of raising error. Before this patch controller would return 401 header only for well formed tokens, like: Authorization: Token token=foobar and would return 500 in former case. | ||||
| * | moar copy edits [ci skip] | Vijay Dev | 2012-06-14 | 1 | -2/+1 |
| | | |||||
| * | fixed http token authentication formatting | Jakub Kuźma | 2012-06-12 | 1 | -8/+13 |
| | | |||||
| * | Move HTTP Token auth docs above the Token module | Elia Schito | 2012-05-11 | 1 | -42/+44 |
| | | |||||
| * | Updated/changed useless tr/gsubs | Jurriaan Pruis | 2012-04-03 | 1 | -1/+1 |
| | | |||||
| * | fix api doc [ci skip] | Vijay Dev | 2012-03-01 | 1 | -1/+1 |
| | | |||||
| * | Add config.default_method_for_update to support PATCH | David Lee | 2012-02-22 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | | | PATCH is the correct HTML verb to map to the #update action. The semantics for PATCH allows for partial updates, whereas PUT requires a complete replacement. Changes: * adds config.default_method_for_update you can set to :patch * optionally use PATCH instead of PUT in resource routes and forms * adds the #patch verb to routes to detect PATCH requests * adds #patch? to Request * changes documentation and comments to indicate support for PATCH This change maintains complete backwards compatibility by keeping :put as the default for config.default_method_for_update. | ||||
| * | example bracket error | Damian Le Nouaille | 2012-01-23 | 1 | -1/+1 |
| | | |||||
| * | fix base64 require | Sergey Nartimov | 2012-01-03 | 1 | -1/+1 |
| | | |||||
| * | remove ActiveSupport::Base64 in favor of ::Base64 | Sergey Nartimov | 2012-01-02 | 1 | -4/+4 |
| | | |||||
 |
index : rails.git | |
| Mirror of official rails repo with custom fixes. | Harald Eilertsen |
| aboutsummaryrefslogtreecommitdiffstats |