aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/middleware
Commit message (Collapse)AuthorAgeFilesLines
...
* | Adding missing docs to delete cookies with :all which were added that way.Rizwan Reza2010-06-111-1/+2
| |
* | Took out the domain option logic to cookies.rb.Rizwan Reza2010-06-113-22/+32
| |
* | Moved Domain regexp to a constant and added comments.Rizwan Reza2010-06-111-1/+8
| |
* | The previous commit didn't work with complex domains, which is now fixed.Rizwan Reza2010-06-111-4/+4
| |
* | Add support for multi-subdomain session by setting cookie host in session ↵Rizwan Reza2010-06-112-1/+14
|/ | | | | | cookie so you can share session between www.example.com, example.com and user.example.com. [#4818 state:resolved] This reverts commit 330a89072a493aafef1e07c3558964477f85adf0.
* Revert "Add support for multi-subdomain session by setting cookie host in ↵José Valim2010-06-102-14/+1
| | | | | | | | session cookie so you can share session between www.example.com, example.com and user.example.com. [#4818 state:resolved]" It does not work for domains like co.uk and com.br. This reverts commit c4d6245e875bbb276c122a5a401422d341dac4df.
* Add support for multi-subdomain session by setting cookie host in session ↵Guillermo Álvarez2010-06-102-1/+14
| | | | | | cookie so you can share session between www.example.com, example.com and user.example.com. [#4818 state:resolved] Signed-off-by: David Heinemeier Hansson <david@loudthinking.com>
* Ensure show exceptions middleware properly filters backtrace before logging.José Valim2010-06-091-1/+1
|
* Accept both regexps and strings for LOCALHOST.José Valim2010-06-081-2/+2
|
* Make sure that rails recognized the full notation of IPv6 loopback address, ↵Prem Sichanugrist2010-06-081-2/+2
| | | | | | and recognize 127.0.0.0/8 in IPv4 Signed-off-by: José Valim <jose.valim@gmail.com>
* Simplify middleware stack lazy compares using named const referencesJeremy Kemper2010-06-051-13/+5
|
* Restore flash sweepJeremy Kemper2010-06-051-1/+1
|
* Stop the flash middleware from forcibly loading sessions even if the user ↵wycats2010-06-042-6/+6
| | | | doesn't use sessions at all
* Include backtrace in failsafe log. Rescue possible exceptions in failsafe ↵Jeremy Kemper2010-06-042-2/+2
| | | | response.
* Add :only and :except to controllers MiddlewareStack. This allowsJosé Valim2010-05-301-4/+4
| | | | | | | | you to do the following: class PostsController < ApplicationController use AutheMiddleware, :except => [:index, :show] end
* Remove the laziness from the middleware stack.José Valim2010-05-291-57/+15
|
* Removing Metal from Rails 3. wycats2010-05-291-29/+0
| | | | | | | | | | | | | | | | | | | | If you have existing Metals, you have a few options: * if your metal behaves like a middleware, add it to the middleware stack via config.middleware.use. You can use methods on the middleware stack to control exactly where it should go * if it behaves like a Rack endpoint, you can link to it in the router. This will result in more optimal routing time, and allows you to remove code in your endpoint that matches specific URLs in favor of the more powerful handling in the router itself. For the future, you can use ActionController::Metal to get a very fast controller with the ability to opt-in to specific controller features without paying the penalty of the full controller stack. Since Rails 3 is closer to Rack, the Metal abstraction is no longer needed.
* Avoid creating a Rack::Response object in the cookie middleware since it may ↵José Valim2010-05-181-9/+13
| | | | stream the body.
* Cut the fat and make session stores rely on request.cookie_jar and change ↵José Valim2010-05-183-130/+55
| | | | set_session semantics to return the cookie value instead of a boolean.
* Remove deprecated methods since 2-3-stable.José Valim2010-05-181-34/+6
|
* Simplify cookie_store by simply relying on cookies.signed.José Valim2010-05-182-94/+45
|
* added convenience methods #notice and #alert to flash.nowMartin2010-05-151-0/+10
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* corrected error message in session/cookie_store [#4546 state:resolved]Josh Kalderimis2010-05-101-1/+1
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* Use annoted source code in Template:Error to avoid special cases in the show ↵José Valim2010-05-091-8/+4
| | | | exceptions middleware.
* Fix parsing xml input by ActionDispatch::ParamsParserLawrence Pit2010-05-061-1/+1
| | | | | | [#4437 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* RouteSet does not raise ActionController::RoutingError when no routes match ↵Carl Lerche2010-04-301-1/+11
| | | | anymore. Instead, it follows the X-Cascade convention. ShowExceptions checks for X-Cascade so that the routing error page can still be displayed.
* Some require indifferent_access addedSantiago Pastorino2010-04-211-0/+1
| | | | Signed-off-by: Xavier Noria <fxn@ubuntu.(none)>
* require without .rbSantiago Pastorino2010-04-211-1/+1
| | | | Signed-off-by: Xavier Noria <fxn@ubuntu.(none)>
* Missing require addedSantiago Pastorino2010-04-181-0/+1
|
* Use request.body IO and rewind, if possibleJeremy Kemper2010-04-071-3/+6
|
* Remove #size call on rack input ioJoshua Peek2010-04-071-8/+4
|
* Use config.filter_parameters on in-browser request dump. [#4335 state:resolved]José Valim2010-04-071-1/+1
|
* Rename config.cookie_secret to config.secret_token and pass it as ↵José Valim2010-04-052-19/+19
| | | | configuration in request.env. This is another step forward removing global configuration.
* Fix signed cookies by explicitly passing config to the cookie jarJeremy Kemper2010-04-041-23/+19
|
* Deprecate cookie_verifier_secret in favor of config.cookie_secret allowing ↵José Valim2010-03-311-3/+3
| | | | signed cookies to work again.
* Request#content_type exists in Rack::Request, and other parts of ↵wycats2010-03-281-2/+4
| | | | | | Rack::Request expect it to return a String. Split the Rails API so that Request#content_type returns a String, and Request#content_mime_type returns a Mime::Type object.
* adds missing requires for Object#blank? and Object#present?Xavier Noria2010-03-282-0/+2
|
* Merge branch 'master' into docrailswycats2010-03-261-0/+1
|\
| * Deleting and setting a cookie in the same request was brokenMathias Biilmann Christensen2010-03-171-0/+1
| | | | | | | | | | | | | | | | Made sure to remove a cookie from @deleted_cookies when set [#4211 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* | Merge remote branch 'mainstream/master'Pratik Naik2010-03-125-12/+63
|\| | | | | | | | | | | | | Conflicts: activerecord/lib/active_record/base.rb railties/lib/rails/configuration.rb railties/lib/rails/log_subscriber.rb
| * Simplify the action endpoint:Carlhuda2010-03-081-1/+5
| | | | | | | | | | | | | | * Remove ActionEndpoint in favor of passing a block to MiddlewareStack * Always create a Request; the performance win of RackDelegation is around the response; the Request object hit is limited to a single object allocation * #dispatch takes a Request
| * Make many parts of Rails lazy. In order to facilitate this,wycats2010-03-073-3/+1
| | | | | | | | | | | | | | | | | | | | | | | | add lazy_load_hooks.rb, which allows us to declare code that should be run at some later time. For instance, this allows us to defer requiring ActiveRecord::Base at boot time purely to apply configuration. Instead, we register a hook that should apply configuration once ActiveRecord::Base is loaded. With these changes, brings down total boot time of a new app to 300ms in production and 400ms in dev. TODO: rename base_hook
| * Deprecated ActionController::Base.session_options= and ↵Carlhuda2010-03-041-7/+5
| | | | | | | | ActionController::Base.session_store= in favor of a config.session_store method (which takes params) and a config.cookie_secret variable, which is used in various secret scenarios. The old AC::Base options will continue to work with deprecation warnings.
| * Move remote_ip to a middleware:Carlhuda2010-03-032-25/+51
| | | | | | | | | | * ActionController::Base.ip_spoofing_check deprecated => config.action_dispatch.ip_spoofing_check * ActionController::Base.trusted_proxies deprecated => config.action_dispatch.trusted_proxies
| * Add a BlockUntrustedIps middlewareCarl Lerche2010-03-031-0/+25
| |
| * Revert behavior from a5684dfa3c16472bfa5d5d861ba78cb6dbadcb59 and ensure ↵José Valim2010-02-191-1/+1
| | | | | | | | after_initializer is executed after to_prepare callbacks.
* | Remove outdated docs.José Valim2010-02-091-14/+0
|/
* As first step setup the load path and lazy compare middlewares.José Valim2010-01-251-1/+13
|
* Extract routes reloading responsibilities from application and load them ↵José Valim2010-01-231-1/+1
| | | | just upon a request.
* Default to sync instrumentation.José Valim2010-01-211-32/+0
|