rails.git - Mirror of official rails repo with custom fixes.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Filter sensitive query string parameters in the log [#6244 state:committed]	Prem Sichanugrist & Xavier Noria	2011-03-11	1	-4/+17
\| \| \| \| \| \|	This provides more safety to applications that put secret information in the query string, such as API keys or SSO tokens. Signed-off-by: Xavier Noria <fxn@hashref.com>
*	Filter params that return nil for to_param and allow through false values	Andrew White	2011-03-09	1	-1/+1
\|
*	Add missing deprecation require	Carlos Antonio da Silva	2011-02-11	1	-0/+1
\| \| \| \|	Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
*	Change the CSRF whitelisting to only apply to get requests	Michael Koziarski	2011-02-08	1	-1/+2
\| \| \| \| \| \| \| \|	Unfortunately the previous method of browser detection and XHR whitelisting is unable to prevent requests issued from some Flash animations and Java applets. To ease the work required to include the CSRF token in ajax requests rails now supports providing the token in a custom http header: X-CSRF-Token: ... This fixes CVE-2011-0447
*	Use Mime::Type references.	José Valim	2011-02-08	1	-1/+5
\|
*	Protocol-relative URL support.	Stephen Celis	2011-02-02	1	-2/+5
\| \| \| \| \| \|	[#5774 state:committed] Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
*	removing more unused variables	Aaron Patterson	2011-01-17	1	-1/+1
\|
*	Merge branch 'master' of git://github.com/lifo/docrails	Xavier Noria	2010-12-05	1	-2/+2
\|\
\| *	Fix mime type doc typos	Carlos Antonio da Silva	2010-12-04	1	-2/+2
\| \|
* \|	Wrap everything in class << self.	José Valim	2010-12-03	1	-42/+37
\| \|
* \|	Merge remote branch 'joshk/redirect_routing'	José Valim	2010-12-03	1	-0/+52
\|\ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Conflicts: actionpack/CHANGELOG actionpack/lib/action_controller/metal/mime_responds.rb Signed-off-by: José Valim <jose.valim@gmail.com>
\| * \|	The redirect routing method now allows for a hash of options which only ↵	Josh Kalderimis	2010-11-30	1	-0/+52
\| \|/ \| \| \| \| \| \|	changes the relevant parts of the url, or an object which responds to call can be supplied so common redirect rules can be easily reused. This commit includes a change where url generation from parts has been moved to AD::Http::URL as a class method.
* \|	Fix tests on 1.9.2.	José Valim	2010-11-28	1	-6/+9
\| \|
* \|	trailing star mimes should respect the order in which mime types are defined.	José Valim	2010-11-28	1	-7/+11
\|/
*	process text/* if it appears in the middle of	Neeraj Singh	2010-11-25	1	-1/+5
\| \| \| \|	HTTP_ACCEPT parameter
*	processing image/* is an odditity because there is	Neeraj Singh	2010-11-25	1	-1/+1
\| \| \| \| \| \|	a test case which expects image/* to not to be expanded. So I am leaving image/* as it is and process only text/* and application/*
*	unregister method implementation and test	Neeraj Singh	2010-11-25	1	-0/+12
\|
*	port_string bought back to life as it is part of the public api	Josh Kalderimis	2010-11-24	1	-3/+8
\| \| \| \|	Signed-off-by: José Valim <jose.valim@gmail.com>
*	:subdomain, :domain and :tld_length options can now be used in url_for, ↵	Josh Kalderimis	2010-11-23	1	-20/+39
\| \| \| \| \| \|	allowing for easy manipulation of the host during link generation. Signed-off-by: José Valim <jose.valim@gmail.com>
*	remove select, collect and then inject with	Neeraj Singh	2010-11-22	1	-1/+1
\| \| \| \| \| \|	something better Signed-off-by: José Valim <jose.valim@gmail.com>
*	string include method is 10x faster than creating	Neeraj Singh	2010-11-22	1	-1/+1
\| \| \| \| \| \|	a new regex object every single time Signed-off-by: José Valim <jose.valim@gmail.com>
*	Compile regex only once	Neeraj Singh	2010-11-22	1	-3/+5
\| \| \| \|	Signed-off-by: José Valim <jose.valim@gmail.com>
*	implement code that handles text/, appplication/,	Neeraj Singh	2010-11-22	1	-1/+16
\| \| \| \| \| \|	and image/* Signed-off-by: José Valim <jose.valim@gmail.com>
*	declare regex as a constant	Neeraj Singh	2010-11-22	1	-1/+3
\| \| \| \|	Signed-off-by: José Valim <jose.valim@gmail.com>
*	do not assume that there is no space between	Neeraj Singh	2010-11-22	1	-1/+1
\| \| \| \| \| \|	leading / and comma Signed-off-by: José Valim <jose.valim@gmail.com>
*	current code ignores http header "Accept" if it	Neeraj Singh	2010-11-22	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \|	has ....,/ . It is possible to a device to send request such that / appear at the beginning of the "Accept" header. This patch ensures that "Accept" header is ignored for such cases too. Signed-off-by: José Valim <jose.valim@gmail.com>
*	use_accept_header is no longer supported	Neeraj Singh	2010-11-21	1	-1/+1
\|
*	delegating path and open to internal tempfile	Aaron Patterson	2010-11-18	1	-2/+8
\|
*	Brought the domain method in AD http url inline with subdomain where ↵	Josh Kalderimis	2010-11-16	1	-1/+2
\| \| \| \|	@@tld_length is used by default. Also set the default value of @@tld_length to 1.
*	Add additional HTTP request methods from the following RFCs:	Andrew White	2010-11-02	1	-2/+19
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Hypertext Transfer Protocol -- HTTP/1.1 http://www.ietf.org/rfc/rfc2616.txt) * HTTP Extensions for Distributed Authoring -- WEBDAV http://www.ietf.org/rfc/rfc2518.txt * Versioning Extensions to WebDAV http://www.ietf.org/rfc/rfc3253.txt * Ordered Collections Protocol (WebDAV) http://www.ietf.org/rfc/rfc3648.txt * Web Distributed Authoring and Versioning (WebDAV) Access Control Protocol http://www.ietf.org/rfc/rfc3744.txt * Web Distributed Authoring and Versioning (WebDAV) SEARCH http://www.ietf.org/rfc/rfc5323.txt * PATCH Method for HTTP http://www.ietf.org/rfc/rfc5789.txt [#2809 state:resolved] [#5895 state:resolved]
*	Fix loop introduced by rack:dda892d	Jeremy Kemper	2010-10-26	1	-6/+1
\|
*	Remove rack-cache-purge.	José Valim	2010-10-26	1	-9/+0
\|
*	Fix status initialization when custom status provided	Krekoten' Marjan	2010-10-18	1	-2/+2
\| \| \| \|	Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
*	Change def to attr_reader + alias	Krekoten' Marjan	2010-10-18	1	-10/+3
\| \| \| \|	Signed-off-by: José Valim <jose.valim@gmail.com>
*	make sure request parameters are accessible after rack throws an exception ↵	Miles Egan	2010-10-12	1	-2/+2
\| \| \| \| \| \|	parsing the query string [#3030 state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com>
*	only forwarding enough methods to work. People should grab the delegate ↵	Aaron Patterson	2010-10-04	1	-5/+8
\| \| \| \|	tempfile if they really need to do hard work
*	making sure respond_to? works properly	Aaron Patterson	2010-10-04	1	-0/+5
\|
*	raising an argument error if tempfile is not provided	Aaron Patterson	2010-10-04	1	-0/+1
\|
*	delegate to the @tempfile instance variable	Aaron Patterson	2010-10-04	1	-13/+5
\|
*	Solve some warnings and a failing test.	José Valim	2010-10-03	1	-1/+1
\|
*	Move ETag and ConditionalGet logic from AD::Response to the middleware stack.	José Valim	2010-10-03	2	-22/+2
\|
*	Rely on Rack::Session stores API for more compatibility across the Ruby world.	José Valim	2010-10-03	1	-5/+0
\|
*	dry up method checking in the request object	Aaron Patterson	2010-09-29	1	-10/+9
\|
*	@_etag is not used anywhere.	José Valim	2010-09-29	1	-2/+0
\|
*	Merge remote branch 'miloops/warnings'	José Valim	2010-09-27	1	-0/+1
\|\ \| \| \| \| \| \| \| \|	Conflicts: actionpack/lib/action_controller/metal/url_for.rb
\| *	Initialize @_etag.	Emilio Tagua	2010-09-27	1	-0/+1
\| \|
* \|	Cache 2 of Request's commonly called methods.	thedarkone	2010-09-27	1	-2/+2
\|/
*	Improve performance of applications using file uploads by not busting the ↵	Carl Lerche	2010-09-22	1	-29/+20
\| \| \| \|	method cache on every request containing a file upload.
*	First pass at Rack::Cache	wycats	2010-09-13	1	-0/+67
\|
*	removes /i from the TRUSTED_PROXIES regexp, adds /x and comments for ↵	Xavier Noria	2010-09-12	1	-2/+10
\| \| \| \|	readability, adds a pointer to a Wikipedia section that documents the matched IPs