aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/metal
Commit message (Expand)AuthorAgeFilesLines
* Merge pull request #16570 from bradleybuda/breach-mitigation-mask-csrf-tokenJeremy Kemper2014-08-191-3/+65
|\
| * Auth token mask from breach-mitigation-rails gemBradley Buda2014-08-191-3/+65
* | Merge pull request #16299 from sikachu/ps-safer-ac-paramsJeremy Kemper2014-08-191-3/+84
|\ \
| * | User `#to_hash` instead of calling `super`Prem Sichanugrist2014-08-181-1/+1
| * | Fix failing test on several methods on ParameterPrem Sichanugrist2014-08-181-1/+25
| * | Refactor code to reduce duplicate `self.class.new`Prem Sichanugrist2014-08-181-12/+10
| * | Add missing `Hash` methods to `AC::Parameters`Prem Sichanugrist2014-08-181-0/+40
| * | Make `AC::Params#to_h` return Hash with safe keysPrem Sichanugrist2014-08-181-0/+19
* | | Merge branch 'master' of github.com:rails/docrailsVijay Dev2014-08-191-2/+2
|\ \ \ | |/ / |/| |
| * | Uppercase HTML in docs.Hendy Tanata2014-08-082-9/+9
* | | `responders` 1.x won't do it. Told you to RTFM for details!Godfrey Chan2014-08-171-3/+6
* | | The gem is called 'responders'Godfrey Chan2014-08-171-2/+2
* | | Raise a more helpful error for people who are using these extracted featuresGodfrey Chan2014-08-171-1/+16
* | | Move respond_with to the responders gemJosé Valim2014-08-172-528/+3
* | | When your templates change, browser caches bust automatically.Jeremy Kemper2014-08-172-6/+81
| |/ |/|
* | Pass block for logging.Guo Xiang Tan2014-08-091-4/+6
* | refactor Redirecting so we do not need a controller instanceAaron Patterson2014-08-061-3/+5
|/
* just set the host, no need for another hash allocation / merge!Aaron Patterson2014-08-011-1/+1
* Simplify code branch, remove #tapCarlos Antonio da Silva2014-07-311-7/+6
* Avoid a new hash objectCarlos Antonio da Silva2014-07-311-1/+1
* Fix protect_from_forgery docsDavid Albert2014-07-271-1/+1
* docs, add ref where to find valid `head` status symbols.Yves Senn2014-07-251-0/+2
* Don't accept parameters as argument for redirect to [via @homakov]Santiago Pastorino2014-07-161-0/+1
* Removed single space padding from empty response body.Godfrey Chan2014-07-101-6/+2
* Address CVE-2014-4671 (JSONP Flash exploit)Greg Campbell2014-07-091-1/+1
* Merge pull request #16011 from xjlu/token_and_optionsRafael Mendonça França2014-07-041-1/+1
|\
| * Improve token_and_options regex and testXinjiang Lu2014-07-011-1/+1
* | Change the JSON renderer to enforce the 'JS' Content TypeLucas Mazza2014-07-021-1/+4
|/
* Merge pull request #15933 from rafael/masterRafael Mendonça França2014-06-271-5/+20
|\
| * Improvements per code review.Rafael Chacón2014-06-271-4/+3
| * Add always_permitted_parameters as an option.Rafael Chacón2014-06-261-5/+21
* | `:nodoc: all` does not remove the constants from the API. [ci skip]Yves Senn2014-06-241-1/+1
* | [ci skip] /javascript/ ~> JavaScriptAditya Kapoor2014-06-171-3/+3
* | Merge pull request #15692 from sromano/falseClassMatthew Draper2014-06-141-1/+6
|\ \
| * | ActionController::Parameters#require now accepts FalseClass valuesSergio Romano2014-06-131-0/+1
|/ /
* | Fix parsed token value with header `Authorization token=`.Larry Lv2014-06-131-2/+2
* | Set the status before of setting the response bodyGuillermo Iguaran2014-06-131-2/+2
* | Handle client disconnect during live streamingMatthew Draper2014-06-081-0/+48
* | adds some details to the rationale of converted_arrays [ci skip]Xavier Noria2014-06-071-0/+4
* | Revert "Convert StrongParameters cache to a hash. This fixes an unbounded"Xavier Noria2014-06-071-6/+6
* | [ci skip] Fix capitalizationAkshay Vishnoi2014-06-071-1/+1
* | eliminate wasteful AS::SafeBuffer allocationAaron Patterson2014-06-061-1/+1
* | Avoid misuse of underscore argumentCorey Ward2014-06-051-2/+2
* | Convert StrongParameters cache to a hash. This fixes an unboundedRyan Davis2014-06-031-6/+6
* | Fix docs for ActionController::Renderers.addGuillermo Iguaran2014-05-261-1/+1
* | use symbol keys for path_parametersAaron Patterson2014-05-221-1/+1
* | we can just use Ruby hereAaron Patterson2014-05-211-2/+2
* | fix formatting and text for ActionController::Redirecting docLaurel Fan2014-05-211-4/+8
* | Merge pull request #11346 from tomykaira/fix_10257Rafael Mendonça França2014-05-201-2/+14
|\ \
| * | Run login_procedure only when the auth_scheme is validtomykaira2013-07-081-7/+14