aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/request
Commit message (Collapse)AuthorAgeFilesLines
* Catch invalid UTF-8 querystring values and respond with BadRequestGrey Baker2015-10-231-0/+15
|
* stop using deprecated Abstract::ID classAaron Patterson2015-09-041-1/+1
|
* stop inheriting from Rack::RequestAaron Patterson2015-09-042-2/+2
| | | | | | Just include the modules necessary in the Request object to implement the things we need. This should make it easier to build delegate request objects because the API is smaller
* use a request object in the session middlewareAaron Patterson2015-08-221-22/+22
| | | | | This commit allows us to use one request object rather than allocating multiple request objects to deal with the session.
* point at rack masterAaron Patterson2015-08-201-2/+2
|
* rm `deep_munge`. You will live on in our hearts (and git history)Aaron Patterson2015-07-211-18/+12
| | | | | Now that we have encoding strategies, we can just walk the params hash once to encode as HWIA, and remove nils.
* push param encoding in to the utils moduleAaron Patterson2015-07-211-0/+29
| | | | we'll refactor deep munge mostly out of existence shortly
* stop keeping track of keys when "deep munging"Aaron Patterson2015-07-211-5/+3
| | | | This should have been done along with 8f8ccb9901cab457c6e1d52bdb25acf658fd5777
* don't hold a reference to `env` in the options objectAaron Patterson2015-06-131-13/+11
| | | | | I want to decouple Rails from the rack ENV as much as possible. We should try to keep as few references to the env as possible
* Add missing documentation for ActionDispatch::Request::Session [ci skip]Mehmet Emin İNAÇ2015-06-071-0/+33
|
* remove new line between doc and methodBruce Park2015-04-071-1/+0
|
* added docs for ActionDispatch::Request::Session#createBruce Park2015-04-071-1/+3
|
* Don't convert empty arrays to nils when deep munging paramsChris Sinjakli2014-12-151-4/+0
|
* Log which keys were set to nil in deep_mungeLukasz Sarnacki2014-01-281-4/+9
| | | | | | | | deep_munge solves CVE-2013-0155 security vulnerability, but its behaviour is definately confuisng. This commit adds logging to deep_munge. It logs keys for which values were set to nil. Also mentions in guides were added.
* Merge pull request #13188 from imanel/skip_deep_mungeJeremy Kemper2013-12-191-0/+6
|\ | | | | | | | | | | | | Add configuration option to optionally disable deep_munge Conflicts: actionpack/CHANGELOG.md
| * Add configuration option to optionally disable deep_mungeBernard Potocki2013-12-051-0/+6
| |
* | Make ActionDispatch::Request::Session#fetch behave like Hash#fetchTrent Ogren2013-12-111-8/+8
|/ | | | | | Session#fetch was mutating the session when given a default argument and/or a block. Since Session duck-types as a Hash, it should behave like one in these cases.
* add the fetch method to sessionsDamien Mathieu2013-10-291-0/+12
|
* Extract ActionDispatch::Request#deep_mungeGenadi Samokovarov2013-05-301-0/+24
| | | | | | | | | ActionDispatch::Request#deep_munge was introduced as a private method, but was turned into a public one for the use of ActionDispatch::ParamsParser. I have extracted it into ActionDispatch::Request::Utils, so it does not get mixed up with the Request public methods.
* Integrate Action Pack with Rack 1.5Carlos Antonio da Silva2013-01-251-0/+4
| | | | | | All ActionPack and Railties tests are passing. Closes #8891. [Carlos Antonio da Silva + Santiago Pastorino]
* Merge pull request #7495 from steveklabnik/issue_7478Aaron Patterson2012-09-011-2/+5
|\ | | | | Properly reset the session on reset_session
| * Force reloading of the session after destroyAndreas Loupasakis2012-09-011-0/+3
| | | | | | | | | | | | | | Use load_for_write! to ensure a refresh of the session object. This way the new session_id and the empty data will be stored properly. E.g. in the case of the session cookie store this means that a new digest will be returned to the user.
| * Assign a new session_id to session options hashAndreas Loupasakis2012-09-011-2/+2
| |
* | Fix comment about Session.Steve Klabnik2012-08-311-1/+1
|/ | | | SessionHash isn't a thing, and tenses are wrong.
* Added ActionDispatch::Request::Session#keys and ↵Philip Arndt2012-05-231-0/+8
| | | | ActionDispatch::Request::Session#values
* need to dup the default options so that mutations will not impact usAaron Patterson2012-05-041-1/+1
|
* bread AD::Request::Session to it's own file, consolidate HASH OF DOOM lookupsAaron Patterson2012-05-031-0/+166