| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Don't check authenticity tokens for any AJAX requests | Ross Kaffenburger and Bryan Helmkamp | 2009-04-15 | 1 | -5/+6 |
| * | Ruby 1.9 compat: rename deprecated assert_raises to assert_raise. | Jeremy Kemper | 2009-03-08 | 1 | -9/+9 |
| * | Change the forgery token implementation to just be a simple random string. | Michael Koziarski | 2008-11-23 | 1 | -87/+6 |
| * | Merge branch 'master' into testing | Jeremy Kemper | 2008-11-15 | 1 | -52/+66 |
| |\ |
|
| | * | Changed request forgery protection to only worry about HTML-formatted content... | Jeff Cohen | 2008-11-13 | 1 | -52/+66 |
| * | | Move controller assertions from base TestCase to AC:: and AV::TestCase | Jeremy Kemper | 2008-11-07 | 1 | -5/+5 |
| |/ |
|
| * | Merge branch 'master' of git@github.com:rails/rails | rick | 2008-05-13 | 1 | -0/+24 |
| |\ |
|
| | * | Bug: Earlier Check for Session in Forgery Protection | Peter Jones | 2008-05-11 | 1 | -0/+24 |
| * | | change ActionController::RequestForgeryProtection to use Mime::Type#verify_re... | rick | 2008-05-06 | 1 | -3/+45 |
| * | | Change the request forgery protection to go by Content-Type instead of reques... | rick | 2008-05-06 | 1 | -4/+25 |
| |/ |
|
| * | Don't append the forgery token to an ajax request if it's serializing a form,... | Michael Koziarski | 2008-01-08 | 1 | -0/+9 |
| * | require abstract_unit directly since test is in load path | Jeremy Kemper | 2008-01-05 | 1 | -1/+1 |
| * | Ruby 1.9 compat, consistent load paths | Jeremy Kemper | 2007-10-02 | 1 | -1/+1 |
| * | Better error messages if you leave out the :secret option for request forgery... | Rick Olson | 2007-09-28 | 1 | -45/+74 |
| * | Add missing require | Michael Koziarski | 2007-09-28 | 1 | -0/+1 |
| * | Allow ability to disable request forgery protection, disable it in test mode ... | Rick Olson | 2007-09-28 | 1 | -0/+38 |
| * | Protect button_to behind protect_from_forgery (closes #9675) [lifo] | David Heinemeier Hansson | 2007-09-25 | 1 | -106/+38 |
| * | Change from InvalidToken to InvalidAuthenticityToken to be more specific | David Heinemeier Hansson | 2007-09-24 | 1 | -12/+12 |
| * | Rename some RequestForgeryProtection methods. The class method is now #prote... | Rick Olson | 2007-09-23 | 1 | -12/+12 |
| * | Merge csrf_killer plugin into rails. Adds RequestForgeryProtection model tha... | Rick Olson | 2007-09-23 | 1 | -0/+217 |
