rails.git - Mirror of official rails repo with custom fixes.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Merge pull request #8914 from nilbus/fix-header-bloat	Rafael Mendonça França	2013-01-15	1	-1/+3
\| \| \| \| \| \|	Remove header bloat introduced by BestStandardsSupport middleware Conflicts: actionpack/CHANGELOG.md
*	Merge pull request #8907 from rubys/master	Rafael Mendonça França	2013-01-12	1	-1/+2
\| \| \| \|	Fix regression introduced in pull 8812
*	Fix JSON params parsing regression for non-object JSON content.	Dylan Smith	2013-01-11	1	-2/+2
\| \| \| \|	Backports #8855.
*	Merge branch '3-2-sec' into 3-2-secmerge	Aaron Patterson	2013-01-08	1	-2/+2
\|\ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* 3-2-sec: bumping version CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu Avoid Rack security warning no secret provided Conflicts: actionpack/CHANGELOG.md activerecord/CHANGELOG.md activesupport/CHANGELOG.md
\| *	* Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * ↵	Aaron Patterson	2013-01-08	1	-2/+2
\| \| \| \| \| \| \| \|	dealing with empty hashes. Thanks Damien Mathieu
\| *	Avoid Rack security warning no secret provided	Santiago Pastorino	2013-01-08	1	-0/+2
\| \| \| \| \| \| \| \|	This avoids "SECURITY WARNING: No secret option provided to Rack::Session::Cookie."
* \|	Merge pull request #8812 from rubys/master	Carlos Antonio da Silva	2013-01-08	1	-1/+1
\| \| \| \| \| \| \| \|	Eliminate Rack::File headers deprecation warning
* \|	Avoid Rack security warning no secret provided	Santiago Pastorino	2013-01-08	1	-0/+2
\| \| \| \| \| \| \| \|	This avoids "SECURITY WARNING: No secret option provided to Rack::Session::Cookie."
* \|	Remove suggestion that Procs can be used as session secrets.	James Coglan	2013-01-05	1	-7/+4
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	(cherry picked from commit 6500d7994e94af439587ba0b6088b14532940ad2) [ci skip] Signed-off-by: Andrew White <andyw@pixeltrix.co.uk>
* \|	Merge pull request #8093 from nikitug/keep_app_x_ua_compatible	Carlos Antonio da Silva	2012-11-08	1	-1/+7
\|/ \| \| \| \| \| \|	Fix #8086 (BestStandardsSupport rewrites app X-UA-Compatible header) Conflicts: actionpack/CHANGELOG.md
*	log 404 status when ActiveRecord::RecordNotFound was raised (#7646)	Yves Senn	2012-09-17	1	-2/+6
\| \| \| \| \| \|	Conflicts: actionpack/CHANGELOG.md actionpack/lib/action_controller/log_subscriber.rb
*	Dont stream back cookie value if it was set to the same value	brainopia	2012-08-10	1	-4/+6
\|
*	Revert "Revert "Merge pull request #6084 from ↵	brainopia	2012-08-10	1	-0/+7
\| \| \| \| \| \|	brainopia/support_for_magic_domain_on_all_stores"" This reverts commit a48ea6800ef712440b08c551f8041feb35de8cb4.
*	Revert "Merge pull request #6084 from ↵	Rafael Mendonça França	2012-08-05	1	-7/+0
\| \| \| \| \| \| \| \|	brainopia/support_for_magic_domain_on_all_stores" This reverts commit 393c652cf63875f2728c04d47b34b2d6ae908186. This commit was supposed to fix a bug but it add more failures.
*	Merge pull request #6084 from brainopia/support_for_magic_domain_on_all_stores	José Valim	2012-08-02	1	-0/+7
\| \| \| \|	Support cookie jar options for all cookie stores
*	adds a missing require from Active Support	Xavier Noria	2012-07-28	1	-0/+1
\| \| \| \|	This file uses mattr_accessor.
*	Revert "fix the Flash middleware loading the session on every request (very ↵	Rafael Mendonça França	2012-06-05	1	-3/+6
\| \| \| \| \| \| \| \| \|	dangerous especially with Rack::Cache), it should only be loaded when the flash method is called" This reverts commits e3069c64b2c5ddc7a5789b55b8efd4902d9e9729 and 2b2983d76fd11efc219273036a612f47cfaa5bfa. Reason: This add a non-backward compatible change in the way that flash works now (swept in every request).
*	remove unnecessary memcache equire in ActionDispatch::Session::CacheStore	Brian Durand	2012-05-26	1	-1/+0
\|
*	fix the Flash middleware loading the session on every request (very ↵	Will Bryant	2012-04-30	1	-6/+3
\| \| \| \|	dangerous especially with Rack::Cache), it should only be loaded when the flash method is called
*	Return the same session data object when setting session id	Carlos Antonio da Silva	2012-03-24	1	-1/+1
\| \| \| \| \| \| \| \|	Make sure to return the same hash object instead of returning a new one. Returning a new one causes failures on cookie store tests, where it tests for the 'Set-Cookie' header with the session signature. This is due to the hash ordering changes on Ruby 1.8.7-p358.
*	fix ArgumentError being raised in case of invalid byte sequences	Michael Reinsch	2012-03-08	1	-0/+1
\|
*	Simplify regexp	Andrew White	2012-02-17	1	-1/+1
\|
*	Fix ActionDispatch::Static to serve files with unencoded PCHAR	Andrew White	2012-02-17	1	-2/+10
\| \| \| \| \| \| \| \| \| \| \|	RFC 3986[1] allows sub-delim characters in path segments unencoded, however Rack::File requires them to be encoded so we use URI's unescape method to leave them alone and then escape them again. Also since the path gets passed to Dir[] we need to escape any glob characters in the path. [1]: http://www.ietf.org/rfc/rfc3986.txt
*	Merge pull request #4879 from kennyj/fix_4873	José Valim	2012-02-04	1	-2/+3
\| \| \| \|	Fix GH #4873. Allow swapping same class middleware.
*	Add begin/ensure block since we are returning.	José Valim	2012-01-14	1	-3/+5
\|
*	Use a BodyProxy instead of including a Module that responds to close.	Santiago Pastorino	2012-01-13	2	-14/+31
\| \| \| \|	Closes #4441 if Active Record is disabled assets are delivered correctly
*	add help text to routing error	schneems	2011-12-17	1	-8/+13
\| \| \| \| \| \|	When a newcomer hits the routing error page they are often confused about how to trouble shoot the next step. Adding a simple help text can gently remind coders where to get more help.
*	ShowExceptions should understand X-Cascade responses from exceptions app.	José Valim	2011-12-16	3	-6/+16
\|
*	Improve the specs on exceptions app.	José Valim	2011-12-16	1	-1/+6
\|
*	Extract the rendering of public exceptions pages into a Rack app.	José Valim	2011-12-16	2	-33/+48
\|
*	Get rid of the close checks since we cannot reliably close the session anyway.	José Valim	2011-12-16	4	-27/+0
\|
*	Close the response body on cascade pass, closes #3975.	José Valim	2011-12-14	1	-0/+2
\|
*	log exception backtrace when all backtrace lines silenced	Sergey Nartimov	2011-12-13	1	-1/+4
\|
*	Allow reloader to be configured.	José Valim	2011-12-12	1	-14/+38
\|
*	Fix failing cascade exception.	José Valim	2011-12-03	2	-2/+3
\|
*	Try to play nice with plugins doing monkey patches.	José Valim	2011-12-02	1	-0/+5
\|
*	Split and improve show and debug exceptions middlewares.	José Valim	2011-12-01	1	-11/+11
\|
*	Split ShowExceptions responsibilities in two middlewares.	José Valim	2011-12-01	3	-82/+106
\|
*	Add a deprecation to old show exceptions API (even though it was not public).	José Valim	2011-12-01	1	-0/+14
\|
*	Add an ExceptionWrapper that wraps an exception and provide convenience helpers.	José Valim	2011-12-01	2	-74/+100
\|
*	Allow rescue responses to be configured through a railtie.	José Valim	2011-12-01	1	-8/+4
\|
*	put backtrace_cleaner to env	lest	2011-11-28	1	-13/+13
\|
*	middlewares should use logger from env	lest	2011-11-25	2	-9/+13
\|
*	configuration option to always write cookie	lest	2011-11-23	1	-1/+4
\|
*	Remove unreachable code, and add additional testcases.	kennyj	2011-11-24	1	-6/+1
\|
*	deprecation warning, changelog entry	lest	2011-11-22	1	-1/+3
\|
*	add ActionController::Metal#show_detailed_exceptions?	lest	2011-11-22	1	-9/+7
\|
*	It should be @calculated_ip not @calculate_ip	Arun Agrawal	2011-11-17	1	-1/+1
\| \| \| \|	We are using @calculated_ip. @calculate_ip is no where used
*	Initialize our instance variables.	Aaron Patterson	2011-11-16	1	-1/+3
\|
*	Merge pull request #3649 from indirect/remote_ip	Aaron Patterson	2011-11-16	1	-3/+6
\|\ \| \| \| \|	Fixes for Request#remote_ip (no middleware, all proxies)