aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/controller/session
Commit message (Collapse)AuthorAgeFilesLines
* Fix randomly failing cookie store testsFrederick Cheung2008-12-261-5/+4
| | | | | Marshal.dump(Marshal.load(marshaled_hash)) is not guarenteed to be equal to marshaled_hash because of the lack of ordering of hash
* Fix reset_session with lazy cookie stores [#1601 state:resolved]Matt Bauer2008-12-202-1/+46
| | | | Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Persistent session identifier support for CookieSessionStore and API compat. ↵Lourens Naude2008-12-181-2/+24
| | | | | | with the server side stores [#1591 state:resolved] Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Switch to Rack based session stores.Joshua Peek2008-12-152-402/+153
|
* Use autoload instead of explicit requires for ActionControllerJoshua Peek2008-11-232-6/+0
|
* Move the cookie store to use the MessageVerifier class.Michael Koziarski2008-11-231-11/+2
| | | | This removes support for ancient cookie-store generated cookies which were double escaped.
* Work around ruby 1.9 segfaultJeremy Kemper2008-11-071-0/+1
|
* Added support for http_only cookies in cookie_store Added unit tests for ↵Pelle Braendgaard2008-09-171-1/+52
| | | | | | | secure and http_only cookies in cookie_store Signed-off-by: Michael Koziarski <michael@koziarski.com> [#1046 state:committed]
* Fix file permissionsTarmo Tänav2008-07-311-0/+0
| | | | Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Revert "Lazy load cache and session stores"David Heinemeier Hansson2008-06-121-1/+1
| | | | This reverts commit 19895f087c338d8385dff9d272d30fb87cb10330.
* Lazy load cache and session storesPratik Naik2008-06-101-1/+1
|
* Don't double-escape cookie store data. Don't split cookie values with ↵Rich Cavanaugh2008-05-121-2/+14
| | | | | | newlines into an array. [#130 state:resolved] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Implement increment/decrement on cache storage engines, using read/write by ↵Tobias Lütke2008-04-291-3/+2
| | | | default and using atomic command on memcache
* Ruby 1.9 compat: cookie store delete sets nil value instead of empty stringJeremy Kemper2008-01-071-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8589 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* require abstract_unit directly since test is in load pathJeremy Kemper2008-01-052-2/+2
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8564 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Make sure that cookie sessions use a secret that is at least 30 chars in ↵Michael Koziarski2007-11-211-0/+19
| | | | | | length. [Koz] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8184 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Skip memcache tests unless it's installedJeremy Kemper2007-10-151-0/+2
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7893 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Wrap test with uses_mochaJeremy Kemper2007-10-141-2/+4
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7888 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Memcached sessions: add session data on initialization; don't silently ↵Jeremy Kemper2007-10-141-0/+178
| | | | | | discard exceptions; add unit tests. Closes #9823. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7885 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Parse url-encoded and multipart requests ourselves instead of delegating to CGI.Jeremy Kemper2007-05-181-4/+3
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6764 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Shine some sunlight on the CGI extensions. Remove unused CGI#session.Jeremy Kemper2007-05-151-1/+1
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6733 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Cookie session store: ensure that new sessions doesn't reuse data from a ↵Jeremy Kemper2007-03-141-0/+13
| | | | | | deleted session in the same request. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6424 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Cookie session store: raise ArgumentError when :session_key is blank.Jeremy Kemper2007-03-131-0/+6
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6415 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Cookie store: use OpenSSL::HMAC instead of basic hash. Introduce :secret ↵Jeremy Kemper2007-03-031-21/+49
| | | | | | block and :digest option. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6296 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Cookie store: test that >4K raises CookieOverflow and that unverifiable ↵Jeremy Kemper2007-03-031-13/+43
| | | | | | cookies are automatically deleted. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6294 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Cookie session store: empty and unchanged sessions don't write a cookie.Jeremy Kemper2007-02-251-1/+15
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6226 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* CGI escape the session cookie.Jeremy Kemper2007-02-221-2/+2
| | | | git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6200 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
* Introduce a cookie-based session store as the Rails default. Sessions ↵Jeremy Kemper2007-02-211-0/+137
typically contain at most a user_id and flash message; both fit within the 4K cookie size limit. A secure hash is included with the cookie to ensure data integrity (a user cannot alter his user_id without knowing the secret key included in the hash). If you have more than 4K of session data or don't want your data to be visible to the user, pick another session store. Cookie-based sessions are dramatically faster than the alternatives. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6184 5ecf4fe2-1ee6-0310-87b1-e25e094e27de