aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/middleware/ssl.rb
Commit message (Expand)AuthorAgeFilesLines
* Reduce some more Hash#fetch + default object allocationsAkira Matsuda2019-07-311-1/+1
* Use match? where we don't need MatchDataAkira Matsuda2019-07-291-1/+1
* Add `Style/RedundantFreeze` to remove redudant `.freeze`Yasuo Honda2018-09-291-5/+5
* Enable `Performance/UnfreezeString` copyuuji.yaginuma2018-09-231-2/+2
* Enable Start/EndWith and RegexpMatch copsBart de Water2018-07-281-1/+1
* Check exclude before flagging cookies as secure in ActionDispatch::SSL (#32262)Catherine Khuu2018-03-151-1/+3
* Update default HSTS max-age value to 1 yearGrant Bourque2018-01-161-5/+4
* Don't use Active Support where it is not needed.yuuji.yaginuma2017-09-301-1/+1
* Fix formatting in ActionDispatch::SSL middleware docsT.J. Schuck2017-09-271-33/+38
* Update links to use https link instead of http [ci skip]Yoshiyuki Hirano2017-08-221-1/+1
* [Action Pack] `rubocop -a --only Layout/EmptyLineAfterMagicComment`Koichi ITO2017-07-111-0/+1
* Prepare AP and AR to be frozen string friendlyKir Shatrov2017-07-061-2/+3
* Revert "Merge pull request #29540 from kirs/rubocop-frozen-string"Matthew Draper2017-07-021-1/+0
* Enforce frozen string in RubocopKir Shatrov2017-07-011-0/+1
* HSTS subdomains is now true, so let's fix documentation [ci skip] (#26870)प्रथमेश Sonpatki2016-10-231-1/+1
* Remove deprecated code in ssl middlewareRafael Mendonça França2016-10-101-21/+3
* Return 307 status instead of 301 when rerouting POST requests to SSLChirag Singhal2016-08-221-1/+9
* applies new string literal convention in actionpack/libXavier Noria2016-08-061-5/+5
* [ci skip] Correct defaults in documentation for ActionDispatch::SSLTim Rogers2016-07-061-4/+5
* [ci skip] Fix constrain_to documentation.Kasper Timm Hansen2016-03-031-1/+1
* Rename constrain_to to exclude.Kasper Timm Hansen2016-03-031-3/+4
* add `constraint_to` option to SSL middlewareGreg Molnar2016-02-281-2/+6
* :nail_care:Rafael Mendonça França2016-02-251-2/+2
* Update documentation and deprecation messagePrathamesh Sonpatki2016-02-251-3/+3
* Added deprecation for older appsPrathamesh Sonpatki2016-02-251-1/+12
* HSTS without IncludeSubdomains is often uselessEgor Homakov2016-02-251-1/+1
* Flexible configuration for ActionDispatch::SSLTim Rogers2015-12-291-8/+12
* Improve RDoc documentation of ActionDispatch::SSLTim Rogers2015-12-241-12/+14
* Fix HSTS default expire in ActionDispatch::SSL docs.Pedro Nascimento2015-09-141-1/+2
* Make `config.force_ssl` less dangerous to try and easier to disableJeremy Daer2015-09-071-36/+92
* ActionDispatch::SSL should keep original header's behaviorFumiaki MATSUSHIMA2015-06-141-1/+1
* Avoid URI parsingAndriel Nuernberg2014-04-091-5/+8
* Space is not required for Set-Cookie headerYamagishi Kazutoshi2013-07-051-1/+1
* Merge pull request #11069 from ykzts/actiondispatch-ssl-secure-flag-igonore-caseGuillermo Iguaran2013-06-241-1/+1
|\
| * Flag cookies as secure with ignore case in ActionDispatch::SSLYamagishi Kazutoshi2013-06-241-1/+1
* | ActionDispatch:SSL: don't include STS header in non-https responsesGeoff Buesing2013-06-231-2/+1
|/
* Allow use of durations for ActionDispatch::SSL configurationAndrew White2013-01-041-1/+1
* Fix secure cookies when there are more than one space before the secureRafael Mendonça França2012-03-191-1/+1
* Remove exclude option from ActionDispatch::SSLRafael Mendonça França2012-03-191-7/+0
* Some refactoring and update ActionDispatch::SSL code to use the Rack 1.4.xRafael Mendonça França2012-03-171-23/+13
* Rack::SSL -> ActionDispatch::SSLRafael Mendonça França2012-03-171-0/+87