| Commit message (Expand) | Author | Age | Files | Lines |
* | Added support for http_only cookies in cookie_store Added unit tests for secu... | Pelle Braendgaard | 2008-09-17 | 1 | -1/+2 |
* | Strip newlines from cookie session data | Jeremy Kemper | 2008-08-05 | 1 | -1/+1 |
* | Use "/usr/bin/env ruby" instead of "/usr/local/bin/ruby" | Tarmo Tänav | 2008-07-31 | 1 | -7/+7 |
* | Fix file permissions | Tarmo Tänav | 2008-07-31 | 1 | -0/+0 |
* | Merge docrails. | Pratik Naik | 2008-05-25 | 1 | -1/+1 |
* | Don't double-escape cookie store data. Don't split cookie values with newline... | Rich Cavanaugh | 2008-05-12 | 1 | -3/+6 |
* | Merge docrails: | Pratik Naik | 2008-05-09 | 1 | -8/+13 |
* | Improve documentation coverage and markup | Xavier Noria | 2008-05-02 | 1 | -13/+13 |
* | Ruby 1.9 compat: cookie store delete sets nil value instead of empty string | Jeremy Kemper | 2008-01-07 | 1 | -1/+1 |
* | Ruby 1.9 compat: move from the deprecated Base64 module to ActiveSupport::Bas... | Jeremy Kemper | 2007-12-18 | 2 | -11/+9 |
* | Fix doc (closes #10526) | David Heinemeier Hansson | 2007-12-16 | 1 | -1/+1 |
* | Introduce (in /Users/jeremy/rails/git/trunk) to output a crytographically sec... | Jeremy Kemper | 2007-12-15 | 1 | -0/+3 |
* | Improve error messages when providing a secret that is too short. Closes #10... | Michael Koziarski | 2007-11-24 | 1 | -4/+5 |
* | Make sure that cookie sessions use a secret that is at least 30 chars in leng... | Michael Koziarski | 2007-11-21 | 1 | -3/+17 |
* | Emphasize the importance of a dictionary attack-proof secret for the cookie s... | David Heinemeier Hansson | 2007-11-21 | 1 | -1/+4 |
* | Memcached sessions: add session data on initialization; don't silently discar... | Jeremy Kemper | 2007-10-14 | 1 | -15/+8 |
* | Use #require_library_or_gem to load the memcache library for the MemCache ses... | Rick Olson | 2007-10-03 | 1 | -1/+1 |
* | Random hits from the style nazi | David Heinemeier Hansson | 2007-09-09 | 1 | -1/+1 |
* | Fix failing active record store tests | Michael Koziarski | 2007-08-14 | 1 | -1/+2 |
* | Cookie session store: ensure that new sessions doesn't reuse data from a dele... | Jeremy Kemper | 2007-03-14 | 1 | -0/+6 |
* | Cookie session store: raise ArgumentError when :session_key is blank. | Jeremy Kemper | 2007-03-13 | 1 | -1/+6 |
* | Add a #dbman attr_reader for CGI::Session and make CGI::Session::CookieStore#... | Rick Olson | 2007-03-06 | 1 | -6/+6 |
* | Cookie store: use OpenSSL::HMAC instead of basic hash. Introduce :secret bloc... | Jeremy Kemper | 2007-03-03 | 1 | -13/+28 |
* | Cookie store: test that >4K raises CookieOverflow and that unverifiable cooki... | Jeremy Kemper | 2007-03-03 | 1 | -1/+4 |
* | Cookie session store: empty and unchanged sessions don't write a cookie. | Jeremy Kemper | 2007-02-25 | 1 | -1/+2 |
* | CGI escape the session cookie. | Jeremy Kemper | 2007-02-22 | 1 | -2/+2 |
* | Introduce a cookie-based session store as the Rails default. Sessions typical... | Jeremy Kemper | 2007-02-21 | 1 | -0/+113 |
* | ARStore needs a data reader method. Closes #4795. | Jeremy Kemper | 2006-11-15 | 1 | -0/+2 |
* | Always clear model associations from session. Closes #4795. | Jeremy Kemper | 2006-11-13 | 2 | -0/+8 |
* | Fix problem with unloaded ARStore sessions being loaded when they are garbage... | Jamis Buck | 2006-03-08 | 1 | -9/+14 |
* | Major components cleanup and speedup. Closes #3527. | Jeremy Kemper | 2006-02-09 | 1 | -1/+3 |
* | Further improvements to reloading code | Nicholas Seckar | 2006-02-02 | 1 | -5/+0 |
* | If included_modules doesnt take a parameter, we shouldnt either | David Heinemeier Hansson | 2006-02-01 | 1 | -1/+1 |
* | Fix Syntax problems which were preventing webrick from starting | Michael Koziarski | 2006-02-01 | 1 | -1/+1 |
* | ActiveRecordStore::Session shouldnt be reloadable | David Heinemeier Hansson | 2006-02-01 | 1 | -0/+5 |
* | Added the possibility to specify atomatic expiration for the memcachd session... | David Heinemeier Hansson | 2006-01-22 | 1 | -12/+18 |
* | Add session ID to default logging, but remove the verbose description of ever... | David Heinemeier Hansson | 2005-12-22 | 1 | -15/+0 |
* | Make data writer private. Marshal/unmarshal handle nil. | Jeremy Kemper | 2005-11-20 | 1 | -8/+8 |
* | Log ActiveRecordStore debugging. | Jeremy Kemper | 2005-11-20 | 1 | -0/+19 |
* | r3173@asus: jeremy | 2005-11-18 23:34:41 -0800 | Jeremy Kemper | 2005-11-20 | 1 | -9/+4 |
* | CGI::Session::ActiveRecordStore.data_column_name = 'foobar' to use a differen... | Jeremy Kemper | 2005-11-09 | 1 | -40/+51 |
* | Remove fingerprinting from AR session store; fix bug in store. Closes #2612 | Nicholas Seckar | 2005-10-26 | 1 | -29/+18 |
* | Expose the session model backing CGI::Session | Jeremy Kemper | 2005-10-20 | 1 | -0/+15 |
* | Use the more appropriate columns_hash to get the session data column size limit. | Marcel Molina | 2005-10-17 | 1 | -1/+1 |
* | Allow ARStore::Session to indicate that it should not be reloaded in dev mode | Jamis Buck | 2005-10-15 | 1 | -0/+5 |
* | Raise an exception if an attempt is made to insert more session data into the... | Marcel Molina | 2005-10-15 | 1 | -4/+28 |
* | Added small note about how longtext might be needed for large session data | David Heinemeier Hansson | 2005-09-20 | 1 | -2/+3 |
* | Use session_id instead of deprecated sessid | David Heinemeier Hansson | 2005-09-12 | 1 | -1/+0 |
* | r2932@asus: jeremy | 2005-07-08 14:21:36 -0700 | Jeremy Kemper | 2005-07-08 | 1 | -4/+4 |
* | r2866@asus: jeremy | 2005-07-05 13:23:10 -0700 | Jeremy Kemper | 2005-07-05 | 1 | -4/+7 |