Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Revert "Merge pull request #3640 from indirect/remote_ip" | Jon Leighton | 2011-11-15 | 1 | -2/+3 |
| | | | | | | | | This reverts commit 6491aadc525b8703708e0fd0fbf05bd436a47801, reversing changes made to 83bf0b626cf2134260903e57d74f67de57384073. See https://github.com/rails/rails/pull/3640#issuecomment-2752761 for explanation. | ||||
* | GetIp#to_s should never return nil. That's icky. | Andre Arko | 2011-11-14 | 1 | -3/+2 |
| | |||||
* | Return the calculated remote_ip or ip | Andre Arko | 2011-11-14 | 1 | -1/+2 |
| | | | This was an especially nasty bug introduced in 317f4e2, by the way that an instance of GetIp is not nil, but GetIp#to_s could sometimes return nil. Gross, huh? | ||||
* | Merge pull request #3617 from indirect/remote_ip | José Valim | 2011-11-13 | 1 | -18/+1 |
|\ | | | | | refactor RemoteIp middleware | ||||
| * | refactor RemoteIp middleware | Andre Arko | 2011-11-11 | 1 | -18/+1 |
| | | | | | | | | | | | | | | | | | | | | | | - return the last forwarded IP before REMOTE_ADDR to handle proxies - remove completely superfluous RemoteIpGetter class - remove duplication of trusted proxies regexp - remove unused constant from Request - move comments from Request to where they are actually relevant - edit comments for clarity of purpose The original code (confusingly) tried to return REMOTE_ADDR both at the beginning and the end of the chain of options. Since REMOTE_ADDR is _always_ set, this is kind of silly. This change leaves REMOTE_ADDR as the last option, so that proxied requests will be assigned the correct remote IP address. | ||||
* | | Unneeded require memoizable | Akira Matsuda | 2011-11-12 | 1 | -2/+0 |
|/ | |||||
* | Fix trouble using :subdomain in development environment when using ↵ | Bradford Folkens | 2011-11-08 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | numeric addresses. See-also pull request #3561 from 3-1-stable Otherwise the following occurs: TypeError: can't convert nil into String /Users/bfolkens/dev/bfolkens-rails-core/actionpack/lib/action_dispatch/http/url.rb:75:in host_or_subdomain_and_domain' /Users/bfolkens/dev/bfolkens-rails-core/actionpack/lib/action_dispatch/http/url.rb:37:in url_for' /Users/bfolkens/dev/bfolkens-rails-core/actionpack/lib/action_dispatch/routing/url_for.rb:147:in test_subdomain_may_be_accepted_with_numeric_host' /Users/bfolkens/dev/bfolkens-rails-core/activesupport/lib/active_support/testing/setup_and_teardown.rb:67:in run' /Users/bfolkens/dev/bfolkens-rails-core/activesupport/lib/active_support/callbacks.rb:426:in send' /Users/bfolkens/dev/bfolkens-rails-core/activesupport/lib/active_support/callbacks.rb:81:in run' | ||||
* | Added X-Request-Id tracking and TaggedLogging to easily log that and other ↵ | David Heinemeier Hansson | 2011-10-19 | 1 | -0/+10 |
| | | | | production concerns | ||||
* | / is allowed in URI fragments | Jeremy Kemper | 2011-10-13 | 1 | -1/+1 |
| | |||||
* | Clean up subdomain code a bit. | José Valim | 2011-10-04 | 1 | -2/+2 |
| | |||||
* | :subdomain can now be specified with a value of false in url_for, allowing ↵ | Kamil Sobieraj | 2011-10-04 | 1 | -3/+5 |
| | | | | for subdomain(s) removal from the host during link generation. Closes #2025 | ||||
* | Implement Mime::Type#respond_to? (consistently with #method_missing) | Evgeniy Dolzhenko | 2011-09-25 | 1 | -0/+4 |
| | |||||
* | removing backwards compatibility module | Aaron Patterson | 2011-09-12 | 1 | -1/+1 |
| | |||||
* | Refactor ActionDispatch::Http::UploadedFile | Daniel Schierbeck | 2011-08-28 | 1 | -14/+3 |
| | |||||
* | document meta method | Vijay Dev | 2011-08-04 | 1 | -3/+3 |
| | |||||
* | Check Accept and Content-Type headers before evaluating them in xhr ↵ | ogeidix | 2011-07-19 | 1 | -1/+2 |
| | | | | | | requests. Closes #2119 An xhr request must have an "Accept" or "Content-type" header in order to be considered a request with valid_accept_header. | ||||
* | TODO fix explicitly loading exceptations, autoload removed | Vishnu Atrai | 2011-07-11 | 1 | -0/+1 |
| | |||||
* | Fix test to use Mime::Zip | Arun Agrawal | 2011-06-28 | 1 | -3/+3 |
| | |||||
* | Register some commonly used mime types (png, jpeg, pdf, zip etc.) per default | Esad Hajdarevic | 2011-06-28 | 1 | -0/+12 |
| | |||||
* | Remove usage of memoizable from ActionPack. | José Valim | 2011-06-16 | 1 | -3/+3 |
| | |||||
* | all requests are utf-8. Don't use the external encoding. | Damien Mathieu | 2011-06-14 | 1 | -3/+2 |
| | |||||
* | encode the uploaded file's name in the default external encoding - Closes #869 | Damien Mathieu | 2011-06-14 | 1 | -1/+12 |
| | |||||
* | Merge branch 'master' of git://github.com/lifo/docrails | Xavier Noria | 2011-05-25 | 2 | -5/+5 |
|\ | | | | | | | | | | | Conflicts: actionmailer/lib/action_mailer/base.rb activesupport/lib/active_support/core_ext/kernel/requires.rb | ||||
| * | Remove extra white spaces on ActionPack docs. | Sebastian Martinez | 2011-05-23 | 2 | -5/+5 |
| | | |||||
* | | removed deprecated methods, and related tests, from ActionPack | Josh Kalderimis | 2011-05-24 | 2 | -30/+1 |
| | | |||||
* | | Make :status an attr_reader to avoid unnecessary warning when replacing status= | wycats | 2011-05-22 | 1 | -1/+2 |
|/ | |||||
* | Dump and load rack-cache stuff. | José Valim | 2011-05-17 | 1 | -2/+6 |
| | |||||
* | Merge branch 'master' of git://github.com/lifo/docrails | Xavier Noria | 2011-05-14 | 1 | -1/+1 |
|\ | | | | | | | | | | | Conflicts: actionpack/lib/action_view/helpers/date_helper.rb railties/lib/rails/generators/rails/app/templates/config/initializers/wrap_parameters.rb.tt | ||||
| * | minor correction to the ActionDispatch::Http::URL subdomain docs | Josh Kalderimis | 2011-05-04 | 1 | -1/+1 |
| | | |||||
* | | Fix previous commit by allowing a proc to be given as response_body. This is ↵ | José Valim | 2011-05-10 | 2 | -29/+53 |
| | | | | | | | | deprecated and is going to be removed in future releases. | ||||
* | | Only show dump of regular env methods on exception screen (not all the rack ↵ | David Heinemeier Hansson | 2011-05-04 | 1 | -4/+5 |
|/ | | | | crap) [DHH] | ||||
* | Fix .subdomain regression. | José Valim | 2011-05-04 | 1 | -1/+1 |
| | |||||
* | More performance optimizations. | José Valim | 2011-05-03 | 1 | -5/+0 |
| | |||||
* | Improve performance for filtered parameters and add tests. | José Valim | 2011-05-03 | 1 | -0/+5 |
| | |||||
* | Add ignore_accept_header config to AD::Request. | José Valim | 2011-05-02 | 1 | -5/+22 |
| | |||||
* | Fix tests on 1.8 by explicitly checking for strings (which also improves ↵ | José Valim | 2011-04-20 | 1 | -1/+9 |
| | | | | performance). | ||||
* | Do not inherit from Rack::Response, remove a shit-ton of unused code. | José Valim | 2011-04-19 | 1 | -53/+48 |
| | |||||
* | Filter sensitive query string parameters in the log [#6244 state:committed] | Prem Sichanugrist & Xavier Noria | 2011-03-11 | 1 | -4/+17 |
| | | | | | | This provides more safety to applications that put secret information in the query string, such as API keys or SSO tokens. Signed-off-by: Xavier Noria <fxn@hashref.com> | ||||
* | Filter params that return nil for to_param and allow through false values | Andrew White | 2011-03-09 | 1 | -1/+1 |
| | |||||
* | Add missing deprecation require | Carlos Antonio da Silva | 2011-02-11 | 1 | -0/+1 |
| | | | | Signed-off-by: Santiago Pastorino <santiago@wyeworks.com> | ||||
* | Change the CSRF whitelisting to only apply to get requests | Michael Koziarski | 2011-02-08 | 1 | -1/+2 |
| | | | | | | | | Unfortunately the previous method of browser detection and XHR whitelisting is unable to prevent requests issued from some Flash animations and Java applets. To ease the work required to include the CSRF token in ajax requests rails now supports providing the token in a custom http header: X-CSRF-Token: ... This fixes CVE-2011-0447 | ||||
* | Use Mime::Type references. | José Valim | 2011-02-08 | 1 | -1/+5 |
| | |||||
* | Protocol-relative URL support. | Stephen Celis | 2011-02-02 | 1 | -2/+5 |
| | | | | | | [#5774 state:committed] Signed-off-by: Santiago Pastorino <santiago@wyeworks.com> | ||||
* | removing more unused variables | Aaron Patterson | 2011-01-17 | 1 | -1/+1 |
| | |||||
* | Merge branch 'master' of git://github.com/lifo/docrails | Xavier Noria | 2010-12-05 | 1 | -2/+2 |
|\ | |||||
| * | Fix mime type doc typos | Carlos Antonio da Silva | 2010-12-04 | 1 | -2/+2 |
| | | |||||
* | | Wrap everything in class << self. | José Valim | 2010-12-03 | 1 | -42/+37 |
| | | |||||
* | | Merge remote branch 'joshk/redirect_routing' | José Valim | 2010-12-03 | 1 | -0/+52 |
|\ \ | | | | | | | | | | | | | | | | | | | | | | Conflicts: actionpack/CHANGELOG actionpack/lib/action_controller/metal/mime_responds.rb Signed-off-by: José Valim <jose.valim@gmail.com> | ||||
| * | | The redirect routing method now allows for a hash of options which only ↵ | Josh Kalderimis | 2010-11-30 | 1 | -0/+52 |
| |/ | | | | | | | changes the relevant parts of the url, or an object which responds to call can be supplied so common redirect rules can be easily reused. This commit includes a change where url generation from parts has been moved to AD::Http::URL as a class method. | ||||
* | | Fix tests on 1.9.2. | José Valim | 2010-11-28 | 1 | -6/+9 |
| | |