Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | revises implementation and documentation of csrf_meta_tags, and aliases ↵ | Xavier Noria | 2010-09-11 | 1 | -2/+2 |
| | | | | csrf_meta_tag to it for backwards compatibilty | ||||
* | Revert "Setup explicit requires for files with exceptions. Removed them from ↵ | José Valim | 2010-09-02 | 1 | -1/+0 |
| | | | | | | | | autoloading." Booting a new Rails application does not work after this commit [#5359 state:open] This reverts commit 38a421b34d0b414564e919f67d339fac067a56e6. | ||||
* | Setup explicit requires for files with exceptions. Removed them from ↵ | Łukasz Strzałkowski | 2010-09-02 | 1 | -0/+1 |
| | | | | | | autoloading. Signed-off-by: José Valim <jose.valim@gmail.com> | ||||
* | Reflect how CSRF protection now works and refer to the Security Guide for ↵ | Joost Baaij | 2010-08-26 | 1 | -36/+18 |
| | | | | more information | ||||
* | Fix a bunch of minor spelling mistakes | Evgeniy Dolzhenko | 2010-06-11 | 1 | -1/+1 |
| | |||||
* | Changes made while working on upgrading cells to Rails 3 | wycats | 2010-06-02 | 1 | -0/+1 |
| | |||||
* | Clean up the config object in ActionPack. Create config_accessor which just ↵ | José Valim | 2010-04-22 | 1 | -74/+44 |
| | | | | delegates to the config object, reducing the number of deprecations and add specific tests. | ||||
* | ActionController::Base.request_forgery_protection_token should actually be ↵ | Carl Lerche | 2010-03-11 | 1 | -1/+1 |
| | | | | the name of the token and not true. | ||||
* | Move request forgery protection configuration to the AC config object | Carl Lerche | 2010-03-08 | 1 | -4/+41 |
| | | | | This is an interim solution pending revisiting the rails framework configuration situation. | ||||
* | Convert to class_attribute | Jeremy Kemper | 2010-02-01 | 1 | -2/+4 |
| | |||||
* | Use extlib_inheritable_accessor in request_forgery_protection.rb. | Carl Lerche | 2009-12-29 | 1 | -1/+1 |
| | | | For some reason the current class_inheritable_accessor does not play nice with included hooks. class_inheritable_accessor will be revised shortly. | ||||
* | Merge Session stuff into RackConvenience | Joshua Peek | 2009-12-20 | 1 | -16/+16 |
| | |||||
* | Extract form_authenticity_param instance method so it's overridable in ↵ | Jeremy Kemper | 2009-11-17 | 1 | -0/+5 |
| | | | | subclasses | ||||
* | Reorganize CSRF a bit | Yehuda Katz | 2009-10-28 | 1 | -33/+23 |
| | |||||
* | Rename /base to /metal and make base.rb and metal.rb top-level to reflect ↵ | Yehuda Katz | 2009-08-06 | 1 | -0/+118 |
their module locations |