aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/middleware
Commit message (Collapse)AuthorAgeFilesLines
...
* | if cookie is tampered with then nil is returned [ci skip]Neeraj Singh2013-03-251-4/+2
| | | | | | | | | | | | if the given key is not found then verifier does raise `ActiveSupport::MessageVerifier::InvalidSignature` exception but this exception is resuced and finally nil is returned.
* | Introduce UpgradeLegacySignedCookieJar to transparently upgrade existing ↵Trevor Turk2013-03-241-99/+99
| | | | | | | | signed cookies generated by Rails 3 to avoid invalidating them when upgrading to Rails 4
* | Fix some typosVipul A M2013-03-241-1/+1
|/
* Change useless tr to gsubrobertomiranda2013-03-061-2/+2
|
* change useless gsub to trrobertomiranda2013-03-052-3/+3
|
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-02-262-2/+2
|\
| * Typo fix.Carson McDonald2013-02-211-1/+1
| |
| * improve grammar describing ActionDispatch::Cookies::CookieJar#deleteWeston Platter2013-02-191-1/+1
| |
| * improve grammar describing ActionDispatch::Cookies::CookieJar#deleteWeston Platter2013-02-191-1/+1
| |
* | Remove XML Parser from ActionDispatchPrem Sichanugrist2013-02-201-23/+3
| | | | | | | | | | If you want an ability to parse XML parameters, please install `actionpack-xml_parser` gem.
* | InvalidMessage is in ActiveSupport::MessageEncryptor namespaceSantiago Pastorino2013-02-191-1/+1
| | | | | | | | Closes #9302
* | Gist URLs are now namespacedAkira Matsuda2013-02-181-1/+1
| | | | | | | | see: https://github.com/blog/1406-namespaced-gists
* | Return false on toggle on error pagesBartlomiej Kozal2013-02-172-6/+7
|/
* Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-02-151-1/+1
|\ | | | | | | | | Conflicts: guides/source/upgrading_ruby_on_rails.md
| * Fix typo.Carson McDonald2013-02-111-1/+1
| | | | | | | | [ci skip]
* | Add missing require to APCarlos Antonio da Silva2013-02-081-0/+1
| |
* | Fix #9168 Initialize NullCookieJar with all options needed for KeyGeneratorAndrey Chernih2013-02-081-4/+8
|/
* Remove BestStandardsSupport middlewareGuillermo Iguaran2013-01-291-30/+0
|
* Use Encoding::UTF_8 constant :do_not_litter:Akira Matsuda2013-01-281-1/+1
|
* add fetch to CookieJarAaron Patterson2013-01-271-0/+4
|
* In Browser Path Matching with Javascriptschneems2013-01-202-11/+99
| | | | | | | | | | | When debugging routes ,it can sometimes be difficult to understand exactly how the paths are matched. This PR adds a JS based path matching widget to the `/rails/info/routes` output. You can enter in a path, and it will tell you which of the routes that path matches, while preserving order (top match wins). The matching widget in action: ![](http://f.cl.ly/items/3A2F0v2m3m1Z1p3P3O3k/path-match.gif) Prior to this PR the only way to check matching paths is via mental math, or typing in a path in the url bar and seeing where it goes. This feature will be an invaluable debugging tool by dramatically decreasing the time needed to check a path match. ATP actionpack
* Merge pull request #8958 from balexand/strong_parameters_exception_handlingRafael Mendonça França2013-01-151-1/+2
|\ | | | | Strong parameters exception handling
| * strong parameters exception handlingBrian Alexander2013-01-151-1/+2
| |
* | Remove header bloat introduced by BestStandardsSupport middlewareEdward Anderson2013-01-151-1/+3
|/ | | | The same headers were being duplicated on every request.
* Fix regression introduced in pull request 8812Sam Ruby2013-01-111-1/+2
| | | | See https://github.com/rails/rails/pull/8812#commitcomment-2416514
* Fix json params parsing regression for non-object JSON content.Dylan Smith2013-01-111-2/+2
| | | | Fixes #8845.
* Merge pull request #8824 from mjtko/fix/cookie-store-inheritanceSantiago Pastorino2013-01-082-5/+26
|\ | | | | Modify CookieStore middleware inheritance to avoid subclassing Rack::Session::Cookie [Fix for #7372]
| * Revert cb3181e - no longer required.Mark J. Titorenko2013-01-081-2/+0
| |
| * Fix CookieStore middleware inheritance hierarchy s.t. it inherits from ↵Mark J. Titorenko2013-01-081-3/+26
| | | | | | | | Rack::Session::Abstract::ID rather than Rack::Session::Cookie.
* | remove yaml as a param parser :burn:Aaron Patterson2013-01-081-2/+0
| | | | | | | | | | If you revert this commit, I will hunt you down, I will make you regret ever terrible thing you've ever done, I will make you suffer.
* | * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * ↵Aaron Patterson2013-01-081-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | dealing with empty hashes. Thanks Damien Mathieu Conflicts: actionpack/CHANGELOG.md actionpack/lib/action_dispatch/http/request.rb actionpack/lib/action_dispatch/middleware/params_parser.rb activerecord/CHANGELOG.md activerecord/lib/active_record/relation/predicate_builder.rb activerecord/test/cases/relation/where_test.rb
* | Revert "Merge branch 'master-sec'"Jeremy Kemper2013-01-081-2/+2
| | | | | | | | | | This reverts commit 88cc1688d0cb828c17706b41a8bd27870f2a2beb, reversing changes made to f049016cd348627bf8db0d72382d7580bf802a79.
* | Merge branch 'master-sec'Aaron Patterson2013-01-081-2/+2
|\ \ | | | | | | | | | | | | | | | * master-sec: CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
| * | * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * ↵Aaron Patterson2013-01-071-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | dealing with empty hashes. Thanks Damien Mathieu Conflicts: actionpack/CHANGELOG.md actionpack/lib/action_dispatch/http/request.rb actionpack/lib/action_dispatch/middleware/params_parser.rb activerecord/CHANGELOG.md activerecord/lib/active_record/relation/predicate_builder.rb activerecord/test/cases/relation/where_test.rb
* | | Merge branch 'master' of github.com:lifo/docrailsVijay Dev2013-01-092-9/+17
|\ \ \ | | | | | | | | | | | | | | | | Conflicts: guides/source/getting_started.md
| * | | extract alert= and notice= examples to FlashHash#now [ci skip]Francesco Rodriguez2013-01-031-17/+15
| | | |
| * | | Add examples `alert=` and `notice=`, using memeslambda_2013-01-031-0/+10
| | | |
| * | | Change `Example for` to `Example of`lambda_2013-01-031-2/+2
| | | |
* | | | Eliminate Rack::File headers deprecation warningSam Ruby2013-01-081-1/+1
| |_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | See http://intertwingly.net/projects/AWDwR4/checkdepot/section-6.1.html rake test produces: "Rack::File headers parameter replaces cache_control after Rack 1.5." Despite what the message says, it appears that the hearders parameter change will be effective as of Rack 1.5: https://github.com/rack/rack/blob/rack-1.4/lib/rack/file.rb#L24 https://github.com/rack/rack/blob/master/lib/rack/file.rb#L24
* | | Avoid Rack security warning no secret providedSantiago Pastorino2013-01-081-0/+2
| |/ |/| | | | | This avoids "SECURITY WARNING: No secret option provided to Rack::Session::Cookie."
* | refactor ShowExceptions' #call to use def-rescue instead of begin-rescueGosha Arinich2013-01-071-7/+4
| |
* | remove begin-rescue in favor of def-rescueGosha Arinich2013-01-071-10/+9
| |
* | Fix operators precedence issueRafael Mendonça França2013-01-061-1/+1
| |
* | Merge pull request #8787 from tank-bohr/masterRafael Mendonça França2013-01-061-2/+2
|\ \ | | | | | | masgn and response variable
| * | return multiple assingment and response variabletank-bohr2013-01-071-2/+2
| | |
* | | Merge pull request #8785 from goshakkk/refactor-debug-exceptionsRafael Mendonça França2013-01-061-2/+1
|\ \ \ | |/ / |/| | Refactor DebugExceptions
| * | refactor DebugExceptions by combining two conditionals into oneGosha Arinich2013-01-071-2/+1
| | |
* | | Reduce number of Strings a bitAkira Matsuda2013-01-071-3/+3
|/ /
* | fix for rbxtank-bohr2013-01-071-2/+2
| | | | | | | | | | | | | | | | | | Rubinius returns a boolean after such assingment response = (_, headers, body = @app.call(env)) see https://github.com/rubinius/rubinius/issues/2117 get rid of a local variable
* | Rename route_wrapper partial layout to tableCarlos Antonio da Silva2013-01-061-0/+0
| | | | | | | | | | | | It is used by the table formatter only, and it's already inside a routes directory that namespaces it properly, so calling it just "table" seems simpler.