aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/metal
Commit message (Expand)AuthorAgeFilesLines
* Update documentation to ActionController::ConditionalGetAnatoly Mikhaylov2018-09-031-0/+6
* Faster permitted_scalar_filterschneems2018-08-311-8/+20
* [ci skip] Document permitted_scalar_filterschneems2018-08-301-0/+10
* Merge pull request #33718 from kddeisz/permit-listMatthew Draper2018-08-295-12/+12
|\
| * Permit list usage cleanup and clearer documentationKevin Deisz2018-08-272-4/+4
| * Convert remaining usage of whitelist and blacklistKevin Deisz2018-08-241-2/+2
| * Convert over the rest of the whitelist referencesKevin Deisz2018-08-244-8/+8
* | Call block to #redirect_to in controller context (#33735)speckins2018-08-271-1/+1
* | Format respond_to method as code in doc [ci skip]Rob Zolkos2018-08-251-1/+1
|/
* Use string lengths instead of regexp to extract pathMatthew Draper2018-08-231-2/+1
* Fix rubocop offensesbogdanvlviv2018-08-151-1/+1
* Merge pull request #31640 from gingerlime/patch-1Richard Schneeman2018-08-101-4/+11
|\
| * fixes #27157 CSRF protection documentationgingerlime2018-01-051-4/+11
* | Merge pull request #28937 from maclover7/jm-fix-28927Rafael França2018-07-311-1/+1
|\ \
| * | Default content type for `head` is `text/html`Jon Moss2017-04-301-1/+1
* | | Raises exception when respond_to called multiple times in incompatible wayPatrick Toomey2018-07-302-0/+21
* | | Merge pull request #32381 from q-centrix/update-codeclimate-configsRichard Schneeman2018-07-251-3/+1
|\ \ \
| * | | Turn on performance based copsDillon Welch2018-07-231-3/+1
* | | | Rails guides are now served over httpsPaul McMahon2018-07-241-1/+1
|/ / /
* | | Clarify example of the test `ActionController::HttpAuthentication::Token` [ci...bogdanvlviv2018-07-211-4/+3
* | | [ci skip] Fix syntax error + make example easier to follow.Kasper Timm Hansen2018-07-201-2/+3
* | | Fix basic auth problem in ActionController::HttpAuthentication::Basic doc黄松2018-07-201-2/+2
* | | Convert hashes into parameters (#33076)Kevin Sjöberg2018-06-191-10/+8
* | | Add support for more HTTP cache controlsDaniel Schierbeck2018-06-131-1/+3
* | | Avoid unused capture in `non_xhr_javascript_response?`Ryuta Kamizono2018-05-311-1/+1
* | | Include application/javascript when checking content_typeGabriel Jaldon2018-05-271-1/+1
* | | Speed up xor_byte_strings by 70%Jeremy Evans2018-05-181-3/+8
* | | Fix documentation for ActionController::Params#fetchLinus Marton2018-05-181-1/+3
* | | Merge pull request #29286 from vinistock/create_missing_exact_template_exceptionRafael Mendonça França2018-04-202-12/+5
|\ \ \
| * | | Create MissingExactTemplate exception with separate templateVinicius Stock2018-04-202-12/+5
* | | | Fixes StrongParameters permit! to work with nested arraysSteve Hull2018-04-161-1/+1
* | | | Merge pull request #32484 from kddeisz/default-headersRafael França2018-04-101-0/+17
|\ \ \ \
| * | | | Include default headers by default in API modeKevin Deisz2018-04-061-0/+17
* | | | | Improve the null origin error messagePatrik Bóna2018-04-091-1/+1
|/ / / /
* | | | Remove superfluous `ActionController::`Francois Chagnon2018-04-041-1/+1
* | | | Merge pull request #32336 from vincedevendra/allow_mutating_dig_return_valueAaron Patterson2018-04-021-1/+2
|\ \ \ \
| * | | | Make mutating params#dig mutate underlying paramsVince DeVendra2018-03-241-1/+2
* | | | | Deprecate controller level force_sslDerek Prior2018-03-301-55/+14
|/ / / /
* | | | Remove unnecessary `Hash.method_defined?(:dig)` checkingyuuji.yaginuma2018-03-111-13/+11
* | | | Always yield a CSP policy instanceAndrew White2018-03-081-1/+5
* | | | Add the ability to disable the global CSP in a controllerAndrew White2018-03-081-1/+5
* | | | Add support for automatic nonce generation for Rails UJSAndrew White2018-02-191-0/+18
* | | | Rails 6 requires Ruby 2.4.1+Jeremy Daer2018-02-171-1/+0
* | | | Remove usage of strip_heredoc in the framework in favor of <<~Rafael Mendonça França2018-02-161-2/+1
|/ / /
* | / Fix typos, update documentationJames Lovejoy2018-01-111-2/+2
| |/ |/|
* | Add missing require for `strip_heredoc`Peter Wagenet2018-01-041-0/+1
* | Added reference to default value of `allow_other_host` [ci skip]Prathamesh Sonpatki2017-12-171-1/+1
* | [ci skip] update linkDixit Patel2017-12-151-1/+1
* | Merge pull request #30780 from JackMc/fix-chrome-referrer-invalidauthenticity...Sean Griffin2017-12-071-0/+10
|\ \
| * | Add a better error message when a "null" Origin header occursJack McCracken2017-11-031-0/+10