aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/middleware/cookies.rb
Commit message (Collapse)AuthorAgeFilesLines
...
* | Added HybridSerializer to upgrade existing marshal cookies (wip: need tests)Godfrey Chan2014-02-111-0/+14
| |
* | Renamed session_serializer option to cookies_serializerGodfrey Chan2014-02-111-15/+30
| |
* | Updated the cookie docs to use the safer JSON.{generate,parse}Godfrey Chan2014-02-081-5/+5
| | | | | | | | cc @senny
* | Rely on backticks instead of tt tags [ci skip]Robin Dupret2014-02-081-2/+2
| | | | | | | | | | Since the language in code blocks is inferred, if the code contains tt tags, the block will be parsed as XML for instance while it is Ruby.
* | docs, Cookie values are String based. Closes #12860. [ci skip]Yves Senn2014-02-081-7/+7
| |
* | Modify the session serializer implementationGuillermo Iguaran2014-01-301-3/+5
| | | | | | | | | | Rename allowed options to :marshal and :json, for custom serializers only allow the use of custom classes.
* | Allow session serializer key in config.session_storeLukasz Sarnacki2014-01-291-2/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | MessageEncryptor has :serializer option, where any serializer object can be passed. This commit make it possible to set this serializer from configuration level. There are predefined serializers (:marshal_serializer, :json_serialzier) and custom serializer can be passed as String, Symbol (camelized and constantized in ActionDispatch::Session namepspace) or serializer object. Default :json_serializer was also added to generators to provide secure defalt.
* | Update secret_key_base Docsrobertomiranda2013-12-151-8/+8
| |
* | Missing closing + in documentation [ci skip]Edho Arief2013-07-041-1/+1
| |
* | Grammar nazi at work [ci skip]Paweł Gościcki2013-06-121-1/+1
| |
* | Merge pull request #10061 from trevorturk/dummy-key-generator-renameSantiago Pastorino2013-04-021-1/+1
|\ \ | | | | | | Rename DummyKeyGenerator -> LegacyKeyGenerator
| * | Rename DummyKeyGenerator -> LegacyKeyGeneratorTrevor Turk2013-04-021-1/+1
| | |
* | | :scissors: spacing after privateTrevor Turk2013-04-021-3/+0
| | |
* | | Be consistent when talking about cookies, key -> nameTrevor Turk2013-04-021-25/+25
| | |
* | | Fix permanent cookie jar accessor typoTrevor Turk2013-04-021-1/+1
|/ /
* | Allow transparent upgrading of legacy signed cookies to encrypted cookies; ↵Trevor Turk2013-03-281-38/+77
| | | | | | | | Automatically configure cookie-based sessions to use the best cookie jar given the app's config
* | if cookie is tampered with then nil is returned [ci skip]Neeraj Singh2013-03-251-4/+2
| | | | | | | | | | | | if the given key is not found then verifier does raise `ActiveSupport::MessageVerifier::InvalidSignature` exception but this exception is resuced and finally nil is returned.
* | Introduce UpgradeLegacySignedCookieJar to transparently upgrade existing ↵Trevor Turk2013-03-241-99/+99
| | | | | | | | signed cookies generated by Rails 3 to avoid invalidating them when upgrading to Rails 4
* | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-02-261-1/+1
|\ \
| * | improve grammar describing ActionDispatch::Cookies::CookieJar#deleteWeston Platter2013-02-191-1/+1
| | |
| * | improve grammar describing ActionDispatch::Cookies::CookieJar#deleteWeston Platter2013-02-191-1/+1
| | |
* | | InvalidMessage is in ActiveSupport::MessageEncryptor namespaceSantiago Pastorino2013-02-191-1/+1
|/ / | | | | | | Closes #9302
* | Add missing require to APCarlos Antonio da Silva2013-02-081-0/+1
| |
* | Fix #9168 Initialize NullCookieJar with all options needed for KeyGeneratorAndrey Chernih2013-02-081-4/+8
| |
* | add fetch to CookieJarAaron Patterson2013-01-271-0/+4
| |
* | Change `Example for` to `Example of`lambda_2013-01-031-2/+2
| |
* | Define [], []=, permanent, signed and encrypted as the only allowed methods ↵Santiago Pastorino2012-12-301-9/+57
|/ | | | for the non Raw Cookie classes
* Add UpgradeSignatureToEncryptionCookieStoreSantiago Pastorino2012-11-161-2/+8
| | | | | | This allows easy upgrading from the old signed Cookie Store <= 3.2 or the deprecated one in 4.0 (the ones that doesn't use key derivation) to the new one that signs using key derivation
* Disallow ability to use EncryptedCookieJar with DummyKeyGeneratorSantiago Pastorino2012-11-031-0/+5
| | | | | Developers must set config.secret_key_base in config/initializers/secret_token.rb
* Rename secret_token_key to secret_key_baseSantiago Pastorino2012-11-031-3/+3
|
* Move ensure_secret_secure to DummyKeyGeneratorSantiago Pastorino2012-11-031-24/+0
|
* Allow users to change the default salt if they want, shouldn't be necessarySantiago Pastorino2012-11-031-11/+22
|
* Add cookie.encrypted which returns an EncryptedCookieJarSantiago Pastorino2012-11-031-0/+48
| | | | | | | | | How to use it? cookies.encrypted[:discount] = 45 => Set-Cookie: discount=ZS9ZZ1R4cG1pcUJ1bm80anhQang3dz09LS1mbDZDSU5scGdOT3ltQ2dTdlhSdWpRPT0%3D--ab54663c9f4e3bc340c790d6d2b71e92f5b60315; path=/ cookies.encrypted[:discount] => 45
* Sign cookies using key deriverSantiago Pastorino2012-11-031-15/+19
|
* 1.9 hash syntax changes to docsAvnerCohen2012-10-311-7/+7
|
* load active_support/core_ext/object/blank in active_support/railsXavier Noria2012-08-021-1/+0
|
* adds a missing require from Active SupportXavier Noria2012-07-281-0/+1
| | | | This file uses mattr_accessor.
* doc edits [ci skip]Vijay Dev2012-05-061-3/+2
|
* Merge pull request #5924 from cjolly/signed-cookies-docsVijay Dev2012-05-061-3/+5
|\ | | | | Improve signed cookies documentation
| * Improve signed cookies documentationChad Jolly2012-04-211-3/+5
| |
* | make sure the superclass matches so load order does not matterAaron Patterson2012-05-041-1/+1
| |
* | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2012-05-011-1/+1
|\ \
| * | Code-format references to config settingsMark Rushakoff2012-04-271-1/+1
| |/
* | Merge pull request #6082 from brainopia/smarter_cookie_jarJosé Valim2012-04-301-7/+10
|\ \ | | | | | | Stream cookies only if needed
| * | Dont stream back cookie value if it was set to the same valuebrainopia2012-04-301-4/+6
| | |
| * | Dont set cookie header for deletion of unexisting databrainopia2012-04-301-1/+2
| | |
| * | Simplify matching with array of possible domainsbrainopia2012-04-301-1/+1
| | |
| * | Use more appropriate one-liner for class declarationbrainopia2012-04-301-1/+1
| | |
* | | Merge pull request #6083 from brainopia/remove_unused_closed_ivarsJosé Valim2012-04-301-1/+0
|\ \ \ | |/ / |/| | Remove a couple of unused ivars left from previous refactoring
| * | Remove unused ivars left from close checksbrainopia2012-04-301-1/+0
| |/ | | | | | | These ivars were missed in d142572567 when close checks were removed
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-22 08:49:00 +0000