Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Catch invalid UTF-8 querystring values and respond with BadRequest | Grey Baker | 2015-10-23 | 1 | -0/+15 |
| | |||||
* | stop using deprecated Abstract::ID class | Aaron Patterson | 2015-09-04 | 1 | -1/+1 |
| | |||||
* | stop inheriting from Rack::Request | Aaron Patterson | 2015-09-04 | 2 | -2/+2 |
| | | | | | | Just include the modules necessary in the Request object to implement the things we need. This should make it easier to build delegate request objects because the API is smaller | ||||
* | use a request object in the session middleware | Aaron Patterson | 2015-08-22 | 1 | -22/+22 |
| | | | | | This commit allows us to use one request object rather than allocating multiple request objects to deal with the session. | ||||
* | point at rack master | Aaron Patterson | 2015-08-20 | 1 | -2/+2 |
| | |||||
* | rm `deep_munge`. You will live on in our hearts (and git history) | Aaron Patterson | 2015-07-21 | 1 | -18/+12 |
| | | | | | Now that we have encoding strategies, we can just walk the params hash once to encode as HWIA, and remove nils. | ||||
* | push param encoding in to the utils module | Aaron Patterson | 2015-07-21 | 1 | -0/+29 |
| | | | | we'll refactor deep munge mostly out of existence shortly | ||||
* | stop keeping track of keys when "deep munging" | Aaron Patterson | 2015-07-21 | 1 | -5/+3 |
| | | | | This should have been done along with 8f8ccb9901cab457c6e1d52bdb25acf658fd5777 | ||||
* | don't hold a reference to `env` in the options object | Aaron Patterson | 2015-06-13 | 1 | -13/+11 |
| | | | | | I want to decouple Rails from the rack ENV as much as possible. We should try to keep as few references to the env as possible | ||||
* | Add missing documentation for ActionDispatch::Request::Session [ci skip] | Mehmet Emin İNAÇ | 2015-06-07 | 1 | -0/+33 |
| | |||||
* | remove new line between doc and method | Bruce Park | 2015-04-07 | 1 | -1/+0 |
| | |||||
* | added docs for ActionDispatch::Request::Session#create | Bruce Park | 2015-04-07 | 1 | -1/+3 |
| | |||||
* | Don't convert empty arrays to nils when deep munging params | Chris Sinjakli | 2014-12-15 | 1 | -4/+0 |
| | |||||
* | Log which keys were set to nil in deep_munge | Lukasz Sarnacki | 2014-01-28 | 1 | -4/+9 |
| | | | | | | | | deep_munge solves CVE-2013-0155 security vulnerability, but its behaviour is definately confuisng. This commit adds logging to deep_munge. It logs keys for which values were set to nil. Also mentions in guides were added. | ||||
* | Merge pull request #13188 from imanel/skip_deep_munge | Jeremy Kemper | 2013-12-19 | 1 | -0/+6 |
|\ | | | | | | | | | | | | | Add configuration option to optionally disable deep_munge Conflicts: actionpack/CHANGELOG.md | ||||
| * | Add configuration option to optionally disable deep_munge | Bernard Potocki | 2013-12-05 | 1 | -0/+6 |
| | | |||||
* | | Make ActionDispatch::Request::Session#fetch behave like Hash#fetch | Trent Ogren | 2013-12-11 | 1 | -8/+8 |
|/ | | | | | | Session#fetch was mutating the session when given a default argument and/or a block. Since Session duck-types as a Hash, it should behave like one in these cases. | ||||
* | add the fetch method to sessions | Damien Mathieu | 2013-10-29 | 1 | -0/+12 |
| | |||||
* | Extract ActionDispatch::Request#deep_munge | Genadi Samokovarov | 2013-05-30 | 1 | -0/+24 |
| | | | | | | | | | ActionDispatch::Request#deep_munge was introduced as a private method, but was turned into a public one for the use of ActionDispatch::ParamsParser. I have extracted it into ActionDispatch::Request::Utils, so it does not get mixed up with the Request public methods. | ||||
* | Integrate Action Pack with Rack 1.5 | Carlos Antonio da Silva | 2013-01-25 | 1 | -0/+4 |
| | | | | | | All ActionPack and Railties tests are passing. Closes #8891. [Carlos Antonio da Silva + Santiago Pastorino] | ||||
* | Merge pull request #7495 from steveklabnik/issue_7478 | Aaron Patterson | 2012-09-01 | 1 | -2/+5 |
|\ | | | | | Properly reset the session on reset_session | ||||
| * | Force reloading of the session after destroy | Andreas Loupasakis | 2012-09-01 | 1 | -0/+3 |
| | | | | | | | | | | | | | | Use load_for_write! to ensure a refresh of the session object. This way the new session_id and the empty data will be stored properly. E.g. in the case of the session cookie store this means that a new digest will be returned to the user. | ||||
| * | Assign a new session_id to session options hash | Andreas Loupasakis | 2012-09-01 | 1 | -2/+2 |
| | | |||||
* | | Fix comment about Session. | Steve Klabnik | 2012-08-31 | 1 | -1/+1 |
|/ | | | | SessionHash isn't a thing, and tenses are wrong. | ||||
* | Added ActionDispatch::Request::Session#keys and ↵ | Philip Arndt | 2012-05-23 | 1 | -0/+8 |
| | | | | ActionDispatch::Request::Session#values | ||||
* | need to dup the default options so that mutations will not impact us | Aaron Patterson | 2012-05-04 | 1 | -1/+1 |
| | |||||
* | bread AD::Request::Session to it's own file, consolidate HASH OF DOOM lookups | Aaron Patterson | 2012-05-03 | 1 | -0/+166 |