aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/session/cookie_store.rb
Commit message (Expand)AuthorAgeFilesLines
* Clear empty nil values in session hash before savingJoshua Peek2008-12-151-22/+3
* Switch to Rack based session stores.Joshua Peek2008-12-151-150/+206
* Move the cookie store to use the MessageVerifier class.Michael Koziarski2008-11-231-18/+14
* Added support for http_only cookies in cookie_store Added unit tests for secu...Pelle Braendgaard2008-09-171-1/+2
* Strip newlines from cookie session dataJeremy Kemper2008-08-051-1/+1
* Merge docrails.Pratik Naik2008-05-251-1/+1
* Don't double-escape cookie store data. Don't split cookie values with newline...Rich Cavanaugh2008-05-121-3/+6
* Improve documentation coverage and markupXavier Noria2008-05-021-13/+13
* Ruby 1.9 compat: cookie store delete sets nil value instead of empty stringJeremy Kemper2008-01-071-1/+1
* Ruby 1.9 compat: move from the deprecated Base64 module to ActiveSupport::Bas...Jeremy Kemper2007-12-181-3/+2
* Fix doc (closes #10526)David Heinemeier Hansson2007-12-161-1/+1
* Introduce (in /Users/jeremy/rails/git/trunk) to output a crytographically sec...Jeremy Kemper2007-12-151-0/+3
* Improve error messages when providing a secret that is too short. Closes #10...Michael Koziarski2007-11-241-4/+5
* Make sure that cookie sessions use a secret that is at least 30 chars in leng...Michael Koziarski2007-11-211-3/+17
* Emphasize the importance of a dictionary attack-proof secret for the cookie s...David Heinemeier Hansson2007-11-211-1/+4
* Cookie session store: ensure that new sessions doesn't reuse data from a dele...Jeremy Kemper2007-03-141-0/+6
* Cookie session store: raise ArgumentError when :session_key is blank.Jeremy Kemper2007-03-131-1/+6
* Add a #dbman attr_reader for CGI::Session and make CGI::Session::CookieStore#...Rick Olson2007-03-061-6/+6
* Cookie store: use OpenSSL::HMAC instead of basic hash. Introduce :secret bloc...Jeremy Kemper2007-03-031-13/+28
* Cookie store: test that >4K raises CookieOverflow and that unverifiable cooki...Jeremy Kemper2007-03-031-1/+4
* Cookie session store: empty and unchanged sessions don't write a cookie.Jeremy Kemper2007-02-251-1/+2
* CGI escape the session cookie.Jeremy Kemper2007-02-221-2/+2
* Introduce a cookie-based session store as the Rails default. Sessions typical...Jeremy Kemper2007-02-211-0/+113