aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/metal
Commit message (Expand)AuthorAgeFilesLines
...
* Address CVE-2014-4671 (JSONP Flash exploit)Greg Campbell2014-07-091-1/+1
* Merge pull request #16011 from xjlu/token_and_optionsRafael Mendonça França2014-07-041-1/+1
|\
| * Improve token_and_options regex and testXinjiang Lu2014-07-011-1/+1
* | Change the JSON renderer to enforce the 'JS' Content TypeLucas Mazza2014-07-021-1/+4
|/
* Merge pull request #15933 from rafael/masterRafael Mendonça França2014-06-271-5/+20
|\
| * Improvements per code review.Rafael Chacón2014-06-271-4/+3
| * Add always_permitted_parameters as an option.Rafael Chacón2014-06-261-5/+21
* | `:nodoc: all` does not remove the constants from the API. [ci skip]Yves Senn2014-06-241-1/+1
* | [ci skip] /javascript/ ~> JavaScriptAditya Kapoor2014-06-171-3/+3
* | Merge pull request #15692 from sromano/falseClassMatthew Draper2014-06-141-1/+6
|\ \
| * | ActionController::Parameters#require now accepts FalseClass valuesSergio Romano2014-06-131-0/+1
|/ /
* | Fix parsed token value with header `Authorization token=`.Larry Lv2014-06-131-2/+2
* | Set the status before of setting the response bodyGuillermo Iguaran2014-06-131-2/+2
* | Handle client disconnect during live streamingMatthew Draper2014-06-081-0/+48
* | adds some details to the rationale of converted_arrays [ci skip]Xavier Noria2014-06-071-0/+4
* | Revert "Convert StrongParameters cache to a hash. This fixes an unbounded"Xavier Noria2014-06-071-6/+6
* | [ci skip] Fix capitalizationAkshay Vishnoi2014-06-071-1/+1
* | eliminate wasteful AS::SafeBuffer allocationAaron Patterson2014-06-061-1/+1
* | Avoid misuse of underscore argumentCorey Ward2014-06-051-2/+2
* | Convert StrongParameters cache to a hash. This fixes an unboundedRyan Davis2014-06-031-6/+6
* | Fix docs for ActionController::Renderers.addGuillermo Iguaran2014-05-261-1/+1
* | use symbol keys for path_parametersAaron Patterson2014-05-221-1/+1
* | we can just use Ruby hereAaron Patterson2014-05-211-2/+2
* | fix formatting and text for ActionController::Redirecting docLaurel Fan2014-05-211-4/+8
* | Merge pull request #11346 from tomykaira/fix_10257Rafael Mendonça França2014-05-201-2/+14
|\ \
| * | Run login_procedure only when the auth_scheme is validtomykaira2013-07-081-7/+14
| * | Check authentication scheme in Basic authtomykaira2013-07-071-1/+6
* | | Add ActionController::Renderers.remove.Zuhao Wan2014-05-201-0/+16
* | | fixes stack level too deep exception on action named 'status' returning 'head...Christiaan Van den Poel2014-05-152-2/+2
* | | Add multiple lines message support for SSE moduleayaya2014-05-121-1/+2
* | | Moved 'params[request_forgery_protection_token]' into its own method and impr...Tom Kadwill2014-05-061-1/+1
* | | do not allocate strings while creating urlsAaron Patterson2014-04-301-1/+1
* | | don't allocate string on hash accessAaron Patterson2014-04-301-1/+1
* | | ActionController::Renderers documentation fixStevie Graham2014-04-201-2/+2
* | | [ci skip] builtin -> built-inAkshay Vishnoi2014-04-201-1/+1
* | | Tiny doc fix for Strong ParametersIan C. Anderson2014-03-301-1/+1
* | | Replace trivial regexp with string or index, twice as fastKelley Reynolds2014-03-281-1/+1
* | | re-raise error if error occurs before committing in streamingKevin Casey2014-03-141-10/+11
* | | use the body proxy to freeze headersAaron Patterson2014-03-121-2/+8
* | | just ask the response for the commit status, we do not need to ask the jarAaron Patterson2014-03-121-1/+1
* | | only write the jar if the response isn't committedAaron Patterson2014-03-121-4/+8
* | | Merge pull request #14280 from joho/make_csrf_failure_logging_optionalSantiago Pastorino2014-03-081-1/+7
|\ \ \
| * | | Make CSRF failure logging optional/configurable.John Barton (joho)2014-03-051-1/+7
* | | | Do note remove `Content-Type` when `render :body`Prem Sichanugrist2014-03-052-5/+3
|/ / /
* | | use built-in exception handling in live controllersAaron Patterson2014-02-281-2/+5
* | | live controllers should have live responsesAaron Patterson2014-02-281-2/+14
* | | set the error callback to a nice default in case nobody set an error callback...Aaron Patterson2014-02-281-1/+1
* | | Fix controller test not resetting @_url_optionsTony Wooster2014-02-261-1/+0
* | | Simple Sungularize ActionController::UnpermittedParameters error in case when...Serj L2014-02-241-1/+1
* | | Update Docs in favor to use render plain instead of text optionrobertomiranda2014-02-182-7/+7