aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/http
Commit message (Expand)AuthorAgeFilesLines
* Use request object for context if there's no controllerAndrew White2018-10-221-1/+2
* Apply mapping to symbols returned from dynamic CSP sourcesAndrew White2018-10-221-1/+2
* Remove invalid magic comment [ci skip]Yoshiyuki Kinjo2018-10-111-2/+0
* Deprecate ActionDispatch::Http::ParameterFilter in favor of ActiveSupport::Pa...Yoshiyuki Kinjo2018-10-082-84/+9
* Add `Style/RedundantFreeze` to remove redudant `.freeze`Yasuo Honda2018-09-298-38/+38
* Merge pull request #33829 from mtsmfm/encode-filenameKasper Timm Hansen2018-09-231-0/+45
|\
| * Encode Content-Disposition filenames on send_data and send_fileFumiaki MATSUSHIMA2018-09-131-0/+45
* | Enable `Performance/UnfreezeString` copyuuji.yaginuma2018-09-232-2/+2
* | Merge pull request #32932 from y-yagi/fixes_32920Yuji Yaginuma2018-09-201-1/+1
|\ \
| * | Add CSP nonce to `style-src` directiveyuuji.yaginuma2018-05-191-1/+1
* | | [ci skip] Fix documentation for Response#content_typeprintercu2018-09-141-10/+10
| |/ |/|
* | Permit list usage cleanup and clearer documentationKevin Deisz2018-08-271-4/+1
* | Convert over the rest of the whitelist referencesKevin Deisz2018-08-241-1/+1
* | Update ParameterFilter to yield original parametersPeter Zhu2018-08-221-6/+6
* | Use `Array#extract!` where possiblebogdanvlviv2018-08-141-2/+3
* | Enable Start/EndWith and RegexpMatch copsBart de Water2018-07-281-1/+1
* | Add implicit to path conversion to uploaded file (#28676)Aaron Kromer2018-07-221-0/+5
* | Add support for more HTTP cache controlsDaniel Schierbeck2018-06-131-1/+5
|/
* Add support for prefetch-src directiveyuuji.yaginuma2018-05-031-0/+1
* [ci skip] Fix doc typos ActionDispatch::Http::FilterParametersAlberto Almagro2018-04-201-2/+2
* Remove unused literal introduced in #32602Andrew White2018-04-181-1/+0
* Pass nonce to CSP policy from outsideAndrew White2018-04-181-31/+24
* Output only one nonce in CSP header per requestAndrey Novikov2018-04-171-17/+30
* Add WebSocket URI support to CSP DSL mappingsStephen Solis2018-04-121-1/+3
* Add support for automatic nonce generation for Rails UJSAndrew White2018-02-191-0/+32
* Remove trailing semi-colon from CSPAndrew White2018-02-191-1/+1
* Revert "Merge pull request #32045 from eagletmt/skip-csp-header"Andrew White2018-02-191-10/+2
* Skip generating empty CSP header when no policy is configuredKohei Suzuki2018-02-181-2/+10
* Partly revert 1e526788e6b1d3f42f4d8fdca20e588d42838c80bogdanvlviv2018-02-171-1/+4
* Rails 6 requires Ruby 2.3+Jeremy Daer2018-02-171-6/+1
* Enable autocorrect for `Lint/EndAlignment` copKoichi ITO2018-01-181-1/+1
* Merge pull request #31289 from witlessbird/fips-compatibilityEileen M. Uchitelle2017-12-141-1/+1
|\
| * Introduced `ActiveSupport::Digest` that allows to specify hash function imple...Dmitri Dolguikh2017-12-121-1/+1
* | Add missing requireyuuji.yaginuma2017-12-051-0/+2
* | Fix CSP copy boolean directives (#31326)Simon Dawson2017-12-051-5/+1
|/
* Fix typo in mime type registeringGuillermo Iguaran2017-11-291-1/+1
* Restore mpeg mime type, delete less common mime typesGuillermo Iguaran2017-11-291-9/+4
* Register "audio/mp4" mime type with :m4a symbolGuillermo Iguaran2017-11-291-1/+1
* Register most popular audio/video/font mime types supported by modern browsersGuillermo Iguaran2017-11-281-1/+19
* Add DSL for configuring Content-Security-Policy headerAndrew White2017-11-272-0/+234
* Merge pull request #31078 from aeroastro/feature/fix-typoRafael França2017-11-091-2/+2
|\
| * Fix typo on ActionDispatc::HTTP::FilterParametersTakumasa Ochi2017-11-071-2/+2
* | Edited comment from request.rbhaneru2017-11-031-1/+1
* | Remove mention of X-Post-Data-Format header [ci skip]Eugene Kenny2017-10-281-3/+0
* | Remove deprecated `ActionController::ParamsParser::ParseError`Rafael Mendonça França2017-10-231-5/+0
* | [Action Pack] require => require_relativeAkira Matsuda2017-10-214-11/+11
* | Implement H2 Early Hints for Railseileencodes2017-10-041-0/+17
|/
* Merge pull request #30367 from ptoomey3/consistent-cache-control-headersAaron Patterson2017-09-052-8/+13
|\
| * Don't touch an unused headerPatrick Toomey2017-08-231-1/+0
| * Decouple the merge/normalization and conditional cache control logicPatrick Toomey2017-08-232-5/+13