aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/middleware/session
Commit message (Collapse)AuthorAgeFilesLines
* Fix renew feature on cookies.José Valim2011-05-041-1/+1
|
* generated session ids should be encoded as UTF-8Aaron Patterson2011-04-141-1/+3
|
* Initialize sid should just skip instance variables.José Valim2010-10-041-0/+7
|
* Rely on Rack::Session stores API for more compatibility across the Ruby world.José Valim2010-10-033-321/+76
|
* no need to check for nil?Neeraj Singh2010-09-301-1/+1
|
* Remove more warnings on AP.Emilio Tagua2010-09-281-2/+2
|
* Only send secure cookies over SSL.W. Andrew Loe III2010-09-131-1/+4
|
* Revert "Avoid uneeded queries in session stores if sid is not given."José Valim2010-07-292-5/+3
| | | | | | First step to merge Rails and Rack session stores. Rack always expects to receive the SID since it may have different behavior if the SID is nil. This reverts commit e210895ba95e498b9debbf43a3e5ae588bca81f0.
* Set session options id to nil is respected and cancels lazy loading.José Valim2010-07-181-2/+2
|
* Avoid uneeded queries in session stores if sid is not given.José Valim2010-07-182-3/+5
|
* Fixed many references to the old config/environment.rb and Rails::InitializerBenjamin Quorning2010-07-131-1/+1
|
* porting session.clear fix to master branch. [#5030 state:resolved]Aaron Patterson2010-07-011-0/+5
| | | | Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Fixed that an ArgumentError is thrown when request.session_options[:id] is ↵Michael Lovitt2010-06-272-36/+38
| | | | | | | | read in the following scenario: when the cookie store is used, and the session contains a serialized object of an unloaded class, and no session data accesses have occurred yet. Pushed the stale_session_check responsibility out of the SessionHash and down into the session store, closer to where the deserialization actually occurs. Added some test coverage for this case and others related to deserialization of unloaded types. [#4938] Signed-off-by: José Valim <jose.valim@gmail.com>
* Do not mark the session as loaded if an error happened while doing it.José Valim2010-06-251-2/+1
|
* Calling exists? in the session store, without checking for stale sessions, ↵José Valim2010-06-252-10/+10
| | | | was causing the cookie store to panic because we need to unpack the whole session to get its key. This commit fixes this issue and also caches exists calls for performance improvements.
* Make sure that Rails doesn't resent session_id cookie over and over again if ↵Prem Sichanugrist2010-06-251-1/+3
| | | | | | | | it's already there [#2485 state:resolved] This apply to only Active Record store and Memcached store, as they both store only the session_id, which will be unchanged, in the cookie. Signed-off-by: José Valim <jose.valim@gmail.com>
* Avoid deserializing cookies too early, which causes session objects to not ↵José Valim2010-06-242-18/+22
| | | | be available yet. Unfortunately, could not reproduce this in a test case.
* Sessions should not be created until written to and session data should be ↵Michael Lovitt2010-06-233-29/+115
| | | | | | | | destroyed on reset. [#4938] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Took out the domain option logic to cookies.rb.Rizwan Reza2010-06-112-20/+0
|
* Moved Domain regexp to a constant and added comments.Rizwan Reza2010-06-111-1/+8
|
* The previous commit didn't work with complex domains, which is now fixed.Rizwan Reza2010-06-111-4/+4
|
* Add support for multi-subdomain session by setting cookie host in session ↵Rizwan Reza2010-06-112-1/+14
| | | | | | cookie so you can share session between www.example.com, example.com and user.example.com. [#4818 state:resolved] This reverts commit 330a89072a493aafef1e07c3558964477f85adf0.
* Stop the flash middleware from forcibly loading sessions even if the user ↵wycats2010-06-041-4/+4
| | | | doesn't use sessions at all
* Cut the fat and make session stores rely on request.cookie_jar and change ↵José Valim2010-05-183-130/+55
| | | | set_session semantics to return the cookie value instead of a boolean.
* Remove deprecated methods since 2-3-stable.José Valim2010-05-181-34/+6
|
* Simplify cookie_store by simply relying on cookies.signed.José Valim2010-05-181-93/+14
|
* corrected error message in session/cookie_store [#4546 state:resolved]Josh Kalderimis2010-05-101-1/+1
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* Rename config.cookie_secret to config.secret_token and pass it as ↵José Valim2010-04-051-1/+1
| | | | configuration in request.env. This is another step forward removing global configuration.
* adds missing requires for Object#blank? and Object#present?Xavier Noria2010-03-282-0/+2
|
* Make many parts of Rails lazy. In order to facilitate this,wycats2010-03-071-1/+0
| | | | | | | | | | | | add lazy_load_hooks.rb, which allows us to declare code that should be run at some later time. For instance, this allows us to defer requiring ActiveRecord::Base at boot time purely to apply configuration. Instead, we register a hook that should apply configuration once ActiveRecord::Base is loaded. With these changes, brings down total boot time of a new app to 300ms in production and 400ms in dev. TODO: rename base_hook
* Deprecated ActionController::Base.session_options= and ↵Carlhuda2010-03-041-7/+5
| | | | ActionController::Base.session_store= in favor of a config.session_store method (which takes params) and a config.cookie_secret variable, which is used in various secret scenarios. The old AC::Base options will continue to work with deprecation warnings.
* Fix const reference for SessionRestoreErrorJoshua Peek2010-01-151-1/+1
|
* fixed missing or incorrect session data error messageStefan Penner2010-01-021-1/+1
|
* All AD modules are "deferrable"Joshua Peek2009-12-222-4/+6
|
* SessionRestoreError belongs in ADJoshua Peek2009-09-231-3/+6
|
* Lazy require memcache for session middlewareJoshua Peek2009-09-131-40/+35
|
* CookieStore should not be derived from Hash - reverting [#2268 state:resolved]Jay Pignata2009-09-031-1/+1
| | | | Signed-off-by: Joshua Peek <josh@joshpeek.com>
* If session_options[:id] is requested when using CookieStore, unmarshal the ↵Jay Pignata2009-09-031-3/+14
| | | | | | session to access it [#2268 state:resolved] Signed-off-by: Joshua Peek <josh@joshpeek.com>
* SessionHash#update and SessionHash#delete are missing a call to load! [#3056 ↵Joshua Peek2009-08-311-0/+2
| | | | state:resolved]
* Require necessary active_support files in cookie storeCarl Lerche2009-08-261-0/+2
|
* ActionPack components should no longer have undeclared dependencies.Yehuda Katz + Carl Lerche2009-06-081-0/+1
| | | | | | | * Tests can be run in isolation * Dependencies added * A few tests modified to avoid depending on AS deps not depended on my files they were testing
* Revert "Only save the session if we're actually writing to it [#2703 ↵Joshua Peek2009-05-301-10/+1
| | | | | | state:resolved]" This reverts commit dd98280e38d640f5724887cf8a715b79f0439d2d.
* Only save the session if we're actually writing to it [#2703 state:resolved]Johan Sörensen2009-05-281-1/+10
| | | | Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Inherit TestSession from Session::AbstractStore and add indifferent access ↵Joshua Peek2009-04-262-6/+29
| | | | to Session::AbstractStore.
* Fix typo in stale session check [#2404 state:resolved]Joshua Peek2009-04-261-1/+1
|
* Bring abstract_controller up to date with rails/masterCarl Lerche & Yehuda Katz2009-04-132-32/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Resolved all the conflicts since 2.3.0 -> HEAD. Following is a list of commits that could not be applied cleanly or are obviated with the abstract_controller refactor. They all need to be revisited to ensure that fixes made in 2.3 do not reappear in 3.0: 2259ecf368e6a6715966f69216e3ee86bf1a82a7 AR not available * This will be reimplemented with ActionORM or equivalent 06182ea02e92afad579998aa80144588e8865ac3 implicitly rendering a js response should not use the default layout [#1844 state:resolved] * This will be handled generically 893e9eb99504705419ad6edac14d00e71cef5f12 Improve view rendering performance in development mode and reinstate template recompiling in production [#1909 state:resolved] * We will need to reimplement rails-dev-boost on top of the refactor; the changes here are very implementation specific and cannot be cleanly applied. The following commits are implicated: 199e750d46c04970b5e7684998d09405648ecbd4 3942cb406e1d5db0ac00e03153809cc8dc4cc4db f8ea9f85d4f1e3e6f3b5d895bef6b013aa4b0690 e3b166aab37ddc2fbab030b146eb61713b91bf55 ae9f258e03c9fd5088da12c1c6cd216cc89a01f7 44423126c6f6133a1d9cf1d0832b527e8711d40f 0cb020b4d6d838025859bd60fb8151c8e21b8e84 workaround for picking layouts based on wrong view_paths [#1974 state:resolved] * The specifics of this commit no longer apply. Since it is a two-line commit, we will reimplement this change. 8c5cc66a831aadb159f3daaffa4208064c30af0e make action_controller/layouts pick templates from the current instance's view_paths instead of the class view_paths [#1974 state:resolved] * This does not apply at all. It should be trivial to apply the feature to the reimplemented ActionController::Base. 87e8b162463f13bd50d27398f020769460a770e3 fix HTML fallback for explicit templates [#2052 state:resolved] * There were a number of patches related to this that simply compounded each other. Basically none of them apply cleanly, and the underlying issue needs to be revisited. After discussing the underlying problem with Koz, we will defer these fixes for further discussion.
* Merge commit 'rails/3-0-unstable'Yehuda Katz2009-01-302-4/+8
| | | | | | | | | | | | | Conflicts: actionpack/lib/action_controller/base.rb actionpack/lib/action_dispatch/http/mime_type.rb actionpack/lib/action_dispatch/http/request.rb actionpack/lib/action_view/base.rb actionpack/lib/action_view/paths.rb actionpack/test/controller/session/cookie_store_test.rb actionpack/test/dispatch/rack_test.rb actionpack/test/dispatch/request_test.rb
* Move HTTP libs and middleware into ActionDispatch componentJoshua Peek2009-01-273-0/+439