aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/session
Commit message (Collapse)AuthorAgeFilesLines
* Session LazyHash#inspect triggers the hash to loadJoshua Peek2009-02-071-0/+5
|
* Update bundled Rack for Ruby 1.9 spec changesJoshua Peek2009-02-072-12/+6
|
* Temporarily bundle Rack 1.0 prerelease for testingJoshua Peek2009-02-071-1/+1
|
* Ensure session id is set in session options hash [#1880 state:resolved]Joshua Peek2009-02-062-17/+9
|
* Restore stale session check and move after dispatch development cleanups ↵Joshua Peek2009-02-051-3/+22
| | | | before the request
* Session cookie header should always be set if :expire_after option is specifiedPratik Naik2009-01-282-4/+8
|
* Restore cookie store httponly default to true. Remove extraneous dup of ↵Cody Fauser2009-01-201-3/+1
| | | | | | options on initialization [#1784 state:resolved] Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Use :key instead of old :session_key in session_store.rb generator and docs ↵Cody Fauser2009-01-131-3/+3
| | | | | | [#1746 state:resovled] Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Fix reset_session with lazy cookie stores [#1601 state:resolved]Matt Bauer2008-12-202-12/+18
| | | | Signed-off-by: Joshua Peek <josh@joshpeek.com>
* No need to dup immutable optionsJeremy Kemper2008-12-181-1/+1
|
* Be sure to call superJeremy Kemper2008-12-181-0/+1
|
* Conditionally inject session middleware instead of using session managementJoshua Peek2008-12-182-4/+30
|
* Persistent session identifier support for CookieSessionStore and API compat. ↵Lourens Naude2008-12-182-13/+39
| | | | | | with the server side stores [#1591 state:resolved] Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Clear empty nil values in session hash before savingJoshua Peek2008-12-152-23/+6
|
* Switch to Rack based session stores.Joshua Peek2008-12-156-650/+371
|
* Merge with docrailsPratik Naik2008-12-071-0/+10
|
* Move the cookie store to use the MessageVerifier class.Michael Koziarski2008-11-231-18/+14
| | | | This removes support for ancient cookie-store generated cookies which were double escaped.
* Added support for http_only cookies in cookie_store Added unit tests for ↵Pelle Braendgaard2008-09-171-1/+2
| | | | | | | secure and http_only cookies in cookie_store Signed-off-by: Michael Koziarski <michael@koziarski.com> [#1046 state:committed]
* Strip newlines from cookie session dataJeremy Kemper2008-08-051-1/+1
|
* Use "/usr/bin/env ruby" instead of "/usr/local/bin/ruby"Tarmo Tänav2008-07-311-7/+7
| | | | Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Fix file permissionsTarmo Tänav2008-07-311-0/+0
| | | | Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Merge docrails.Pratik Naik2008-05-251-1/+1
| | | | Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Don't double-escape cookie store data. Don't split cookie values with ↵Rich Cavanaugh2008-05-121-3/+6
| | | | | | newlines into an array. [#130 state:resolved] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Merge docrails:Pratik Naik2008-05-091-8/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | commit e6afd8b2736364322b673bbdcca3e9b38b6d3da0 Author: Xavier Noria <fxn@hashref.com> Date: Thu May 8 23:49:36 2008 +0200 Overall documentation improvement and markup corrections. Zillion changes. commit 2fead68b3192332eee27945ed95a94a64ca73f70 Author: Austin Putman <austin@emmanuel.local> Date: Wed May 7 19:35:46 2008 -0700 Documented class methods on ActionController::Routing. These are dangerous, and mostly used for testing. commit f5b84182dbc39bea79c8ee319c688d00fa99f9d1 Author: Teflon Ted <github@rudiment.net> Date: Wed May 7 16:08:49 2008 -0400 Added explanation about errant inflections not being patched in the future in order to avoid breaking legacy applications. commit 370f4f51722cec49ace17093d29e9ce9e8f15cfb Author: Sunny Ripert <negatif@gmail.com> Date: Wed May 7 14:00:59 2008 +0200 Applied list conventions in AR::Base commit 5bd18429f09d44e75191bec42a6db04bd33f3030 Author: Sunny Ripert <negatif@gmail.com> Date: Wed May 7 13:53:35 2008 +0200 Renamed Options list to Attributes list whenever they weren't option hashes in AR::Base commit d912bd5672316454457ae83f6e9dda5197beeb6f Author: Yaroslav Markin <yaroslav@markin.net> Date: Wed May 7 13:50:28 2008 +0400 Add a filter_parameter_logging usage hint to generated ApplicationController. This may help to remind the developer to filter sensitive information from application logs. Closes #11578 commit b243de0db3c2605121e055079854af5090d06374 Author: Jack Danger Canty <git@6brand.com> Date: Tue May 6 23:39:47 2008 -0700 doc: disambiguating an example ActiveRecord class commit f81d771f0657ae8375b84a77a059812cce5d6fd9 Author: Jack Danger Canty <git@6brand.com> Date: Tue May 6 23:35:05 2008 -0700 doc: ActiveRecord::Reflection::AssociationReflection#through_reflection Added documentation demonstrating the use of #through_reflection for finding intervening reflection objects for HasManyThrough and HasOneThrough. commit ae6b46f00b5b8b2939c6b37ce3329c83de7e71db Author: Cheah Chu Yeow <chuyeow@gmail.com> Date: Wed May 7 13:47:41 2008 +0800 Document AttributeAssignmentError and MultiparameterAssignmentErrors. commit 8f463550b597db2156b67733f31aed13487fbc3a Author: John Barnette <jbarnette@gmail.com> Date: Tue May 6 22:46:44 2008 -0700 Killing/fixing a bunch of outdated language in the AR README. commit aca44bcd92ef783abdf484b58abdde6786db0f89 Author: Cheah Chu Yeow <chuyeow@gmail.com> Date: Wed May 7 13:34:52 2008 +0800 Make a note about ActiveResource::Timeouterror being raised when ARes calls timeout. commit 284a930a93fbee16e25d06392779dbf2f03e9e12 Author: Jonathan Dance <jd@wuputah.com> Date: Tue May 6 14:58:26 2008 -0400 improvements to the page caching docs commit 9482da621390c874da7c921c8bd6230caae7035a Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 18:13:40 2008 +0200 validates_numericality_of() "integer" option really is "only_integer" commit e9afd6790a8f530528f6597a7f59bb283be754f6 Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 12:11:59 2008 +0200 Harmonized hash notation in AR::Base commit 67ebf14a91ffd970b582be4ff2991d691a9cf3e1 Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 12:06:19 2008 +0200 Turned options into rdoc-lists in AR::Base commit 0ec7c0a41d889d4e5382b9dff72f1aaba89bf297 Author: Marshall Huss <mwhuss@Macbook.local> Date: Sun May 4 23:21:33 2008 -0400 Added information of how to set element_name in the case the user has a name confliction with an existing model Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Improve documentation coverage and markupXavier Noria2008-05-021-13/+13
| | | | Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
* Ruby 1.9 compat: cookie store delete sets nil value instead of empty stringJeremy Kemper2008-01-071-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8589 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Ruby 1.9 compat: move from the deprecated Base64 module to ↵Jeremy Kemper2007-12-182-11/+9
| | | | | | ActiveSupport::Base64. Closes #10554. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8433 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fix doc (closes #10526)David Heinemeier Hansson2007-12-161-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8423 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Introduce (in /Users/jeremy/rails/git/trunk) to output a crytographically ↵Jeremy Kemper2007-12-151-0/+3
| | | | | | secure secret key for use with cookie sessions. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8400 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Improve error messages when providing a secret that is too short. Closes ↵Michael Koziarski2007-11-241-4/+5
| | | | | | #10238 [Henrik N] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8200 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Make sure that cookie sessions use a secret that is at least 30 chars in ↵Michael Koziarski2007-11-211-3/+17
| | | | | | length. [Koz] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8184 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Emphasize the importance of a dictionary attack-proof secret for the cookie ↵David Heinemeier Hansson2007-11-211-1/+4
| | | | | | store git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8181 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Memcached sessions: add session data on initialization; don't silently ↵Jeremy Kemper2007-10-141-15/+8
| | | | | | discard exceptions; add unit tests. Closes #9823. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7885 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Use #require_library_or_gem to load the memcache library for the MemCache ↵Rick Olson2007-10-031-1/+1
| | | | | | session and fragment cache stores. Closes #8662. [Rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7725 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Random hits from the style naziDavid Heinemeier Hansson2007-09-091-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7438 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fix failing active record store testsMichael Koziarski2007-08-141-1/+2
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7317 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Cookie session store: ensure that new sessions doesn't reuse data from a ↵Jeremy Kemper2007-03-141-0/+6
| | | | | | deleted session in the same request. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6424 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Cookie session store: raise ArgumentError when :session_key is blank.Jeremy Kemper2007-03-131-1/+6
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6415 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Add a #dbman attr_reader for CGI::Session and make ↵Rick Olson2007-03-061-6/+6
| | | | | | | | CGI::Session::CookieStore#generate_digest public so it's easy to generate digests using the cookie store's secret. [Rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6342 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Cookie store: use OpenSSL::HMAC instead of basic hash. Introduce :secret ↵Jeremy Kemper2007-03-031-13/+28
| | | | | | block and :digest option. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6296 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Cookie store: test that >4K raises CookieOverflow and that unverifiable ↵Jeremy Kemper2007-03-031-1/+4
| | | | | | cookies are automatically deleted. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6294 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Cookie session store: empty and unchanged sessions don't write a cookie.Jeremy Kemper2007-02-251-1/+2
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6226 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* CGI escape the session cookie.Jeremy Kemper2007-02-221-2/+2
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6200 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Introduce a cookie-based session store as the Rails default. Sessions ↵Jeremy Kemper2007-02-211-0/+113
| | | | | | typically contain at most a user_id and flash message; both fit within the 4K cookie size limit. A secure hash is included with the cookie to ensure data integrity (a user cannot alter his user_id without knowing the secret key included in the hash). If you have more than 4K of session data or don't want your data to be visible to the user, pick another session store. Cookie-based sessions are dramatically faster than the alternatives. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6184 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* ARStore needs a data reader method. Closes #4795.Jeremy Kemper2006-11-151-0/+2
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5531 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Always clear model associations from session. Closes #4795.Jeremy Kemper2006-11-132-0/+8
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5512 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Fix problem with unloaded ARStore sessions being loaded when they are ↵Jamis Buck2006-03-081-9/+14
| | | | | | garbage collected, causing problems if there were AR objects in the session. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3817 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Major components cleanup and speedup. Closes #3527.Jeremy Kemper2006-02-091-1/+3
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3563 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Further improvements to reloading codeNicholas Seckar2006-02-021-5/+0
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3519 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* If included_modules doesnt take a parameter, we shouldnt eitherDavid Heinemeier Hansson2006-02-011-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3509 5ecf4fe2-1ee6-0310-87b1-e25e094e27de