aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/request.rb
Commit message (Collapse)AuthorAgeFilesLines
* Making the IP Spoofing check in AbstractRequest#remote_ip configurable.Darren Boyd2008-12-011-1/+1
| | | | | | | | | | | | | | Certain groups of web proxies do not set these values properly. Notably, proxies for cell phones, which often do not set the remote IP information correctly (not surprisingly, since the clients do not have an IP address). Allowing this to be configurable makes it possible for developers to choose to ignore this simple spoofing check, when a significant amount of their traffic would result in false positives anyway. Signed-off-by: Michael Koziarski <michael@koziarski.com> [#1200 state:committed]
* Simplify Request#pathJeremy Kemper2008-11-301-5/+3
|
* Simplify REMOTE_ADDR parsingJeremy Kemper2008-11-301-1/+1
|
* Fix stupid typoMichael Koziarski2008-11-061-1/+1
|
* Backwards compatibility fixes for relative_url_rootMichael Koziarski2008-11-021-1/+2
| | | | | * Make the old deprecated relative_url_root still set the value as it's still used by mongrel * Set the default from the ENV value when the file is required, not at runtime.
* Added stale?/fresh? and fresh_when methods to provide a layer of abstraction ↵David Heinemeier Hansson2008-10-211-2/+12
| | | | above request.fresh? and friends [DHH]
* Remove unneeded interning.Michael Koziarski2008-09-301-3/+2
|
* Merge docrailsPratik Naik2008-09-031-32/+37
|
* Request#remote_ip handles the uncommon case that REMOTE_ADDR is a ↵Michael S. Klishin2008-08-271-3/+5
| | | | | | | | comma-separated list. [#523 state:resolved] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Make AbstractRequest.if_modified_sense return nil if the header could not be ↵Jamis Buck2008-08-191-1/+1
| | | | parsed
* Update tests for request memoizationJeremy Kemper2008-08-081-12/+13
|
* Simplifying usage of ETags and Last-Modified and conditional GET requestsJeremy Kemper2008-08-071-36/+108
|
* Fix file permissionsTarmo Tänav2008-07-311-0/+0
| | | | Signed-off-by: Joshua Peek <josh@joshpeek.com>
* AbstractRequest.relative_url_root is no longer automatically configured by a ↵Joshua Peek2008-07-241-27/+14
| | | | HTTP header. It can now be set in your configuration environment with config.action_controller.relative_url_root
* Merge with docrails.Pratik Naik2008-07-161-3/+3
|
* Move accept header parsing shortcut to Mime::Type.parseJeremy Kemper2008-07-091-2/+0
|
* Request#accepts special-cases a single mime typeJeremy Kemper2008-07-091-4/+10
|
* Disable the Accept header by defaultMichael Koziarski2008-07-071-9/+25
| | | | | | | | The accept header is poorly implemented by browsers and causes strange errors when used on public sites where crawlers make requests too. You should use formatted urls (e.g. /people/1.xml) to support API clients. Alternatively to re-enable it you need to set: config.action_controller.use_accept_header = true A special case remains for ajax requests which will have a javascript format for the base resource (/people/1) if the X-Requested-With header is present. This lets ajax pages still use format.js despite there being no params[:format]
* Move template_format logic out to the request so it's alongside the ↵Michael Koziarski2008-07-031-0/+13
| | | | | | 'regular' request format. Use xhr? instead of the expensive trip through Request#accepts.
* Fixed Request#remote_ip to only raise hell if the HTTP_CLIENT_IP and ↵David Heinemeier Hansson2008-06-031-4/+5
| | | | HTTP_X_FORWARDED_FOR doesnt match (not just if theyre both present) [Mark Imbriaco, Bradford Folkens]
* Ruby 1.9 compat: ensure binary encoding for post body parsingJeremy Kemper2008-05-191-11/+17
|
* Improve documentation coverage and markupXavier Noria2008-05-021-9/+9
| | | | Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Automatically parse posted JSON content for Mime::JSON requests. [rick]Rick Olson2008-04-081-4/+11
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@9242 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Avoid remote_ip spoofingJeremy Kemper2008-03-281-13/+28
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@9124 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fixed that ActionController::Base#read_multipart would fail if boundary was ↵David Heinemeier Hansson2008-03-281-1/+0
| | | | | | exactly 10240 bytes (closes #10886) [ariejan] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@9113 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fix more obscure nested parameter hash parsing bug. Closes #10797 [thomas.lee]Rick Olson2008-03-131-1/+2
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@9020 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fix nested parameter hash parsing bug. #10797 [thomas.lee]Rick Olson2008-03-111-0/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@9010 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Better error message for type conflicts when parsing params. Closes #7962 ↵Rick Olson2008-03-071-1/+1
| | | | | | [spicycode, matt] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8986 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fix bug with setting Request#format= after the getter has cached the value. ↵Rick Olson2008-02-071-1/+1
| | | | | | Closes #10889 [cch1] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8811 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Provide a nicer way to access headers. request.headers["Content-Type"] ↵Michael Koziarski2008-01-111-1/+3
| | | | | | instead of request.headers["HTTP_CONTENT_TYPE"] [Koz] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8625 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Ruby 1.9 compat: file uploads. References #1689 [Frederick Cheung]Jeremy Kemper2007-12-271-2/+2
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8492 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Added OPTIONS to list of default accepted HTTP methods (closes #10449) [holoway]David Heinemeier Hansson2007-12-171-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8425 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Ignore illegal seeks on body rewind. Catches CGI errors depending on your ↵Jeremy Kemper2007-12-071-1/+7
| | | | | | httpd. Closes #10404 [Curtis Hawthorne] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8327 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Correct example for path parameters to use strings as keys in the hash ↵Marcel Molina2007-12-051-2/+3
| | | | | | rather than symbols. Closes #7160 [akaspick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8314 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Raise UnknownHttpMethod exception for unknown HTTP methods. Closes #10303 ↵Rick Olson2007-11-291-12/+21
| | | | | | [tarmo] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8235 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* memoize host with port and refactor the tests which depend on it changingMichael Koziarski2007-11-171-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8164 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fixed handling of non-domain hosts (closes #9479) [purp]David Heinemeier Hansson2007-11-071-2/+6
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8108 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* request.parameters doesn't overwrite request.request_parameters. Closes ↵Jeremy Kemper2007-10-221-1/+1
| | | | | | #9949 [nullstyle] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7992 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Use StringIO and Tempfile subclasses instead of defining singleton methods ↵Jeremy Kemper2007-10-061-47/+59
| | | | | | on each multipart field. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7759 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Rewind stdin if possible after multipart parsing.Jeremy Kemper2007-10-061-0/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7758 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Move #query_string to AbstractRequestJeremy Kemper2007-10-031-0/+9
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7727 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Ruby 1.9 compat, consistent load pathsJeremy Kemper2007-10-021-10/+13
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7719 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Added security notice to Request#remote_ip underlining the fact that its ↵David Heinemeier Hansson2007-09-171-0/+8
| | | | | | value can be spoofed (and that you should use Request#remote_addr if thats a concern for your application) [Adrian Holovaty] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7502 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fixed that setting request.format would also affect respond_to blocks [DHH]David Heinemeier Hansson2007-09-151-3/+17
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7479 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Random hits from the style naziDavid Heinemeier Hansson2007-09-091-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7438 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fixed that file.content_type for uploaded files would include a trailing \r ↵David Heinemeier Hansson2007-07-241-1/+1
| | | | | | #9053 [bgreenlee] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7212 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Give the legacy X-POST_DATA_FORMAT header greater precedence during params ↵Jeremy Kemper2007-06-261-6/+8
| | | | | | parsing for backward compatibility. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7126 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Tolerate missing content type on multipart file uploads. Fix for Safari 3.Jeremy Kemper2007-06-121-4/+2
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7005 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* request.remote_ip understands X-Forwarded-For addresses with nonstandard ↵Jeremy Kemper2007-05-281-1/+1
| | | | | | whitespace. Closes #7386. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6877 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Don't alias local varJeremy Kemper2007-05-241-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6829 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-25 03:27:09 +0000