aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/middleware
Commit message (Collapse)AuthorAgeFilesLines
...
* Calling exists? in the session store, without checking for stale sessions, ↵José Valim2010-06-252-10/+10
| | | | was causing the cookie store to panic because we need to unpack the whole session to get its key. This commit fixes this issue and also caches exists calls for performance improvements.
* Make sure that Rails doesn't resent session_id cookie over and over again if ↵Prem Sichanugrist2010-06-251-1/+3
| | | | | | | | it's already there [#2485 state:resolved] This apply to only Active Record store and Memcached store, as they both store only the session_id, which will be unchanged, in the cookie. Signed-off-by: José Valim <jose.valim@gmail.com>
* Just reading flash messages should not create a session if one does not ↵José Valim2010-06-251-2/+9
| | | | exist yet.
* Avoid deserializing cookies too early, which causes session objects to not ↵José Valim2010-06-242-18/+22
| | | | be available yet. Unfortunately, could not reproduce this in a test case.
* Sessions should not be created until written to and session data should be ↵Michael Lovitt2010-06-233-29/+115
| | | | | | | | destroyed on reset. [#4938] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Merge remote branch 'rails/master'Xavier Noria2010-06-202-5/+5
|\ | | | | | | | | Conflicts: actionpack/lib/abstract_controller/base.rb
| * Use Rack::Utils.bytesize when calculating content-length of exception pages. ↵Tarsoly András2010-06-201-1/+1
| | | | | | | | | | | | [#4727 state:resolved] Signed-off-by: José Valim <jose.valim@gmail.com>
| * Clear DescendantsTracker on each request.José Valim2010-06-191-4/+4
| |
* | Fix a bunch of minor spelling mistakesEvgeniy Dolzhenko2010-06-151-1/+1
|\ \ | |/ |/|
| * Fix a bunch of minor spelling mistakesEvgeniy Dolzhenko2010-06-111-1/+1
| |
* | Refactored duplication into a separate method. Dropped class variable.Rizwan Reza2010-06-111-15/+17
| |
* | Adding missing docs to delete cookies with :all which were added that way.Rizwan Reza2010-06-111-1/+2
| |
* | Took out the domain option logic to cookies.rb.Rizwan Reza2010-06-113-22/+32
| |
* | Moved Domain regexp to a constant and added comments.Rizwan Reza2010-06-111-1/+8
| |
* | The previous commit didn't work with complex domains, which is now fixed.Rizwan Reza2010-06-111-4/+4
| |
* | Add support for multi-subdomain session by setting cookie host in session ↵Rizwan Reza2010-06-112-1/+14
|/ | | | | | cookie so you can share session between www.example.com, example.com and user.example.com. [#4818 state:resolved] This reverts commit 330a89072a493aafef1e07c3558964477f85adf0.
* Revert "Add support for multi-subdomain session by setting cookie host in ↵José Valim2010-06-102-14/+1
| | | | | | | | session cookie so you can share session between www.example.com, example.com and user.example.com. [#4818 state:resolved]" It does not work for domains like co.uk and com.br. This reverts commit c4d6245e875bbb276c122a5a401422d341dac4df.
* Add support for multi-subdomain session by setting cookie host in session ↵Guillermo Álvarez2010-06-102-1/+14
| | | | | | cookie so you can share session between www.example.com, example.com and user.example.com. [#4818 state:resolved] Signed-off-by: David Heinemeier Hansson <david@loudthinking.com>
* Ensure show exceptions middleware properly filters backtrace before logging.José Valim2010-06-091-1/+1
|
* Accept both regexps and strings for LOCALHOST.José Valim2010-06-081-2/+2
|
* Make sure that rails recognized the full notation of IPv6 loopback address, ↵Prem Sichanugrist2010-06-081-2/+2
| | | | | | and recognize 127.0.0.0/8 in IPv4 Signed-off-by: José Valim <jose.valim@gmail.com>
* Simplify middleware stack lazy compares using named const referencesJeremy Kemper2010-06-051-13/+5
|
* Restore flash sweepJeremy Kemper2010-06-051-1/+1
|
* Stop the flash middleware from forcibly loading sessions even if the user ↵wycats2010-06-042-6/+6
| | | | doesn't use sessions at all
* Include backtrace in failsafe log. Rescue possible exceptions in failsafe ↵Jeremy Kemper2010-06-042-2/+2
| | | | response.
* Add :only and :except to controllers MiddlewareStack. This allowsJosé Valim2010-05-301-4/+4
| | | | | | | | you to do the following: class PostsController < ApplicationController use AutheMiddleware, :except => [:index, :show] end
* Remove the laziness from the middleware stack.José Valim2010-05-291-57/+15
|
* Removing Metal from Rails 3. wycats2010-05-291-29/+0
| | | | | | | | | | | | | | | | | | | | If you have existing Metals, you have a few options: * if your metal behaves like a middleware, add it to the middleware stack via config.middleware.use. You can use methods on the middleware stack to control exactly where it should go * if it behaves like a Rack endpoint, you can link to it in the router. This will result in more optimal routing time, and allows you to remove code in your endpoint that matches specific URLs in favor of the more powerful handling in the router itself. For the future, you can use ActionController::Metal to get a very fast controller with the ability to opt-in to specific controller features without paying the penalty of the full controller stack. Since Rails 3 is closer to Rack, the Metal abstraction is no longer needed.
* Avoid creating a Rack::Response object in the cookie middleware since it may ↵José Valim2010-05-181-9/+13
| | | | stream the body.
* Cut the fat and make session stores rely on request.cookie_jar and change ↵José Valim2010-05-183-130/+55
| | | | set_session semantics to return the cookie value instead of a boolean.
* Remove deprecated methods since 2-3-stable.José Valim2010-05-181-34/+6
|
* Simplify cookie_store by simply relying on cookies.signed.José Valim2010-05-182-94/+45
|
* added convenience methods #notice and #alert to flash.nowMartin2010-05-151-0/+10
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* corrected error message in session/cookie_store [#4546 state:resolved]Josh Kalderimis2010-05-101-1/+1
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* Use annoted source code in Template:Error to avoid special cases in the show ↵José Valim2010-05-091-8/+4
| | | | exceptions middleware.
* Fix parsing xml input by ActionDispatch::ParamsParserLawrence Pit2010-05-061-1/+1
| | | | | | [#4437 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* RouteSet does not raise ActionController::RoutingError when no routes match ↵Carl Lerche2010-04-301-1/+11
| | | | anymore. Instead, it follows the X-Cascade convention. ShowExceptions checks for X-Cascade so that the routing error page can still be displayed.
* Some require indifferent_access addedSantiago Pastorino2010-04-211-0/+1
| | | | Signed-off-by: Xavier Noria <fxn@ubuntu.(none)>
* require without .rbSantiago Pastorino2010-04-211-1/+1
| | | | Signed-off-by: Xavier Noria <fxn@ubuntu.(none)>
* Missing require addedSantiago Pastorino2010-04-181-0/+1
|
* Use request.body IO and rewind, if possibleJeremy Kemper2010-04-071-3/+6
|
* Remove #size call on rack input ioJoshua Peek2010-04-071-8/+4
|
* Use config.filter_parameters on in-browser request dump. [#4335 state:resolved]José Valim2010-04-071-1/+1
|
* Rename config.cookie_secret to config.secret_token and pass it as ↵José Valim2010-04-052-19/+19
| | | | configuration in request.env. This is another step forward removing global configuration.
* Fix signed cookies by explicitly passing config to the cookie jarJeremy Kemper2010-04-041-23/+19
|
* Deprecate cookie_verifier_secret in favor of config.cookie_secret allowing ↵José Valim2010-03-311-3/+3
| | | | signed cookies to work again.
* Request#content_type exists in Rack::Request, and other parts of ↵wycats2010-03-281-2/+4
| | | | | | Rack::Request expect it to return a String. Split the Rails API so that Request#content_type returns a String, and Request#content_mime_type returns a Mime::Type object.
* adds missing requires for Object#blank? and Object#present?Xavier Noria2010-03-282-0/+2
|
* Merge branch 'master' into docrailswycats2010-03-261-0/+1
|\
| * Deleting and setting a cookie in the same request was brokenMathias Biilmann Christensen2010-03-171-0/+1
| | | | | | | | | | | | | | | | Made sure to remove a cookie from @deleted_cookies when set [#4211 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>