aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/request/utils.rb
Commit message (Collapse)AuthorAgeFilesLines
* rm `deep_munge`. You will live on in our hearts (and git history)Aaron Patterson2015-07-211-18/+12
| | | | | Now that we have encoding strategies, we can just walk the params hash once to encode as HWIA, and remove nils.
* push param encoding in to the utils moduleAaron Patterson2015-07-211-0/+29
| | | | we'll refactor deep munge mostly out of existence shortly
* stop keeping track of keys when "deep munging"Aaron Patterson2015-07-211-5/+3
| | | | This should have been done along with 8f8ccb9901cab457c6e1d52bdb25acf658fd5777
* Don't convert empty arrays to nils when deep munging paramsChris Sinjakli2014-12-151-4/+0
|
* Log which keys were set to nil in deep_mungeLukasz Sarnacki2014-01-281-4/+9
| | | | | | | | deep_munge solves CVE-2013-0155 security vulnerability, but its behaviour is definately confuisng. This commit adds logging to deep_munge. It logs keys for which values were set to nil. Also mentions in guides were added.
* Add configuration option to optionally disable deep_mungeBernard Potocki2013-12-051-0/+6
|
* Extract ActionDispatch::Request#deep_mungeGenadi Samokovarov2013-05-301-0/+24
ActionDispatch::Request#deep_munge was introduced as a private method, but was turned into a public one for the use of ActionDispatch::ParamsParser. I have extracted it into ActionDispatch::Request::Utils, so it does not get mixed up with the Request public methods.