aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib
Commit message (Expand)AuthorAgeFilesLines
...
* Merge session fixation fixes from stableMichael Koziarski2007-10-021-4/+12
* Ruby 1.9 compat, consistent load pathsJeremy Kemper2007-10-0224-128/+148
* Fixed that render template did not honor exempt_from_layout (closes #9698) [p...David Heinemeier Hansson2007-09-301-3/+3
* Fixed that a response has to be available for that exact mime type for it to ...David Heinemeier Hansson2007-09-291-1/+1
* Fixed that strip_tags blows up with invalid html (closes #9730) [lifo]David Heinemeier Hansson2007-09-291-4/+6
* Ensure request is present, as well as defined. [nzkoz]Michael Koziarski2007-09-291-4/+4
* Re-enable Routing optimisation code for _url methods, add defined?(request) t...Michael Koziarski2007-09-282-9/+5
* Better error messages if you leave out the :secret option for request forgery...Rick Olson2007-09-281-1/+5
* Allow ability to disable request forgery protection, disable it in test mode ...Rick Olson2007-09-285-9/+20
* Fixed spelling errors (closes #9706) [tarmo/rmm5t]David Heinemeier Hansson2007-09-2810-11/+11
* Fixed the layout defaults (closes #9564) [lifo]David Heinemeier Hansson2007-09-281-14/+19
* Avoid calling is_missing on LoadErrors. Closes #7460.Nicholas Seckar2007-09-271-1/+1
* Reinstate the default AR.instantiate_observers to_prepare block.Jeremy Kemper2007-09-261-0/+6
* Move Railties' Dispatcher to ActionController::Dispatcher, introduce before_ ...Jeremy Kemper2007-09-261-0/+183
* Protect button_to behind protect_from_forgery (closes #9675) [lifo]David Heinemeier Hansson2007-09-251-2/+7
* Added failing tests for iphoneDavid Heinemeier Hansson2007-09-251-4/+11
* Change from InvalidToken to InvalidAuthenticityToken to be more specificDavid Heinemeier Hansson2007-09-242-16/+21
* Stop rdoc from whiningDavid Heinemeier Hansson2007-09-242-8/+8
* Move rescue_action_with_handler from rescue_action to perform_action so it is...Jeremy Kemper2007-09-241-2/+2
* Include asset host in public path cache key. Clear cache between asset tag te...Jeremy Kemper2007-09-242-9/+17
* port over some of the csrf_killer README docsRick Olson2007-09-241-0/+13
* Beefed up docs a bitDavid Heinemeier Hansson2007-09-241-17/+27
* Cache computed public asset paths.Jeremy Kemper2007-09-241-16/+20
* Cache more file existence checks. Flip-flop escaping.Jeremy Kemper2007-09-241-9/+16
* Cache file existence checks and the list of all stylesheet sources. Manually ...Jeremy Kemper2007-09-241-7/+10
* The tag helper may bypass escaping.Jeremy Kemper2007-09-241-17/+26
* Cache asset ids.Jeremy Kemper2007-09-241-3/+12
* escape_once uses negative lookahead to avoid double-escaping instead of a sec...Jeremy Kemper2007-09-241-6/+1
* Optimized named routes respect AbstractRequest.relative_url_root. Closes #9612.Jeremy Kemper2007-09-231-0/+2
* Dont need all of test/unit (closes #6673) [zenspider/josh]David Heinemeier Hansson2007-09-231-1/+0
* Remove , and ; (comma and semicolon) from routing separators again. Reference...Jeremy Kemper2007-09-231-2/+2
* Fixed cache_page to use the request url instead of the routing options when p...David Heinemeier Hansson2007-09-231-8/+11
* Introduce ActionController::Base.rescue_from to declare exception-handling me...Jeremy Kemper2007-09-231-2/+51
* Rename some RequestForgeryProtection methods. The class method is now #prote...Rick Olson2007-09-235-24/+35
* move TextHelper#sanitize config options to the TextHelper module so it can be...Rick Olson2007-09-232-130/+146
* Merge csrf_killer plugin into rails. Adds RequestForgeryProtection model tha...Rick Olson2007-09-239-22/+127
* Secure #sanitize, #strip_tags, and #strip_links helpers against xss attacks. ...Rick Olson2007-09-232-38/+227
* Roll back #7578, tests failedDavid Heinemeier Hansson2007-09-221-2/+3
* Improve the error message for assert_redirected_to (closes #7337) [sandofsky]David Heinemeier Hansson2007-09-221-3/+2
* Disable the routing optimisation code when dealing with foo_url helpers. Add...Michael Koziarski2007-09-221-3/+5
* Remove use of & logic operator. Closes #8114.Nicholas Seckar2007-09-221-1/+1
* Fixed JavaScriptHelper#escape_javascript to also escape closing tags (closes ...David Heinemeier Hansson2007-09-221-1/+1
* Fixed TextHelper#word_wrap for multiline strings with extra carrier returns (...David Heinemeier Hansson2007-09-221-1/+3
* Allow frameworks to be required by their gem name (closes #8845) [drnic]David Heinemeier Hansson2007-09-221-0/+1
* Doc fix (closes #9123) [tzaharia]David Heinemeier Hansson2007-09-221-1/+2
* Use rel="stylesheet" in lowercase as prescribed by XHTML standards (closes #8...David Heinemeier Hansson2007-09-221-22/+22
* Doc fix (closes #9414) [Henrik N]David Heinemeier Hansson2007-09-221-3/+3
* Fixed that setting the :host option in url_for would automatically turn off :...David Heinemeier Hansson2007-09-221-2/+3
* Added FormHelper#label (closes #8641) [jcoglan]David Heinemeier Hansson2007-09-221-1/+32
* Fix bufferDavid Heinemeier Hansson2007-09-221-0/+1