| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Rack::Test::UploadedFile is a permitted scalar | Fabio Kreusch | 2013-02-21 | 1 | -1/+2 |
| * | Remove XML Parser from ActionDispatch | Prem Sichanugrist | 2013-02-20 | 1 | -131/+15 |
| * | Fix #9168 Initialize NullCookieJar with all options needed for KeyGenerator | Andrey Chernih | 2013-02-08 | 1 | -0/+35 |
| * | Missing or unneeded require extract_options | Akira Matsuda | 2013-02-01 | 2 | -0/+2 |
| * | Remove yaml Proc param parser test | Brendon Murphy | 2013-01-28 | 1 | -13/+0 |
| * | Merge pull request #9032 from firmhouse/head-breaks-csrf | Santiago Pastorino | 2013-01-28 | 1 | -0/+4 |
| |\ |
|
| | * | Added a test that shows that a HEAD request does not normally pass CSRF prote... | Michiel Sikkes | 2013-01-22 | 1 | -0/+4 |
| * | | ActionDispatch::Http::UploadedFile is a permitted scalar [Closes #9051] | Xavier Noria | 2013-01-23 | 1 | -1/+2 |
| |/ |
|
| * | Lets kepp using Ruby 1.9 syntax | Rafael Mendonça França | 2013-01-22 | 2 | -37/+37 |
| * | Restore I18n.locale after running tests | Akira Matsuda | 2013-01-22 | 1 | -1/+7 |
| * | Make sure to reset default_url_options | Akira Matsuda | 2013-01-22 | 1 | -1/+5 |
| * | Add missing assert calls | Carlos Antonio da Silva | 2013-01-20 | 1 | -2/+2 |
| * | strong parameters filters permitted scalars | Xavier Noria | 2013-01-20 | 2 | -17/+164 |
| * | Restore and adapt the implementation reverted at | Rafael Mendonça França | 2013-01-19 | 2 | -8/+8 |
| * | Added ability to raise or log on unpermitted params. | Thomas Drake-Brockman | 2013-01-20 | 2 | -0/+83 |
| * | Remove useless || operation | Carlos Antonio da Silva | 2013-01-17 | 1 | -1/+1 |
| * | Removing : warning: ambiguous first argument; | Arun Agrawal | 2013-01-17 | 1 | -4/+4 |
| * | Deprecate direct calls to AC::RecordIdentifier.dom_id and dom_class | Carlos Antonio da Silva | 2013-01-16 | 1 | -0/+34 |
| * | Remove warnings: "(...) interpreted as grouped expression" | Carlos Antonio da Silva | 2013-01-16 | 1 | -2/+2 |
| * | strong parameters exception handling | Brian Alexander | 2013-01-15 | 1 | -9/+6 |
| * | Change the behavior of route defaults | Andrew White | 2013-01-15 | 1 | -0/+31 |
| * | Ensure port is set when passed via the process method | Andrew White | 2013-01-15 | 1 | -0/+52 |
| * | Merge pull request #8821 from jamis/master | Rafael Mendonça França | 2013-01-10 | 1 | -2/+2 |
| |\ |
|
| | * | evaluate the dependency blocks at the instance level, not class level | Jamis Buck | 2013-01-08 | 1 | -2/+2 |
| * | | Remove :yaml related tests and fix other related to parsing empty arrays | Carlos Antonio da Silva | 2013-01-08 | 1 | -43/+0 |
| * | | CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. | Jeremy Kemper | 2013-01-08 | 1 | -0/+13 |
| * | | Revert "Merge branch 'master-sec'" | Jeremy Kemper | 2013-01-08 | 1 | -13/+0 |
| * | | Merge branch 'master-sec' | Aaron Patterson | 2013-01-08 | 1 | -0/+13 |
| |\ \
| |/
|/| |
|
| | * | CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. | Jeremy Kemper | 2013-01-08 | 1 | -0/+13 |
| * | | view_cache_dependency API | Jamis Buck | 2013-01-08 | 1 | -0/+18 |
| * | | Revert "unpermitted params" exception -- it's just not going to work. See the... | David Heinemeier Hansson | 2013-01-08 | 1 | -43/+0 |
| * | | Never treat action or controller as unpermitted params | David Heinemeier Hansson | 2013-01-08 | 1 | -0/+10 |
| |/ |
|
| * | Namespace HashWithIndifferentAccess | Akira Matsuda | 2013-01-07 | 1 | -3/+2 |
| * | Remove unnecessary begin..rescue..end, use only rescue | Akira Matsuda | 2013-01-06 | 2 | -14/+10 |
| * | deprecate `assert_blank` and `assert_present`. | Yves Senn | 2013-01-05 | 5 | -15/+15 |
| * | Rename the last occurrence of UnexpectedParameters | Rafael Mendonça França | 2013-01-05 | 1 | -2/+2 |
| * | Rename the configuration to raise_on_unpermitted_parameters | Rafael Mendonça França | 2013-01-05 | 1 | -4/+4 |
| * | Allow developers to enable raising of exception when unexpected params are pr... | Thomas Drake-Brockman | 2013-01-05 | 1 | -0/+33 |
| * | do not append a second slash when using | Yves Senn | 2013-01-02 | 1 | -6/+16 |
| * | Alias refute methods to assert_not and perfer assert_not on tests | Rafael Mendonça França | 2012-12-31 | 1 | -1/+1 |
| * | Do not use the same tests description | Rafael Mendonça França | 2012-12-31 | 1 | -3/+3 |
| * | Remove unneeded tests | Rafael Mendonça França | 2012-12-31 | 2 | -245/+0 |
| * | Merge pull request #8662 from senny/8661_should_not_append_charset_if_already... | Santiago Pastorino | 2012-12-31 | 1 | -1/+12 |
| |\ |
|
| | * | charset should not be appended for `head` responses | Yves Senn | 2012-12-31 | 1 | -1/+12 |
| * | | Merge pull request #8546 from hsbt/fix-testcase-strict-warning | Santiago Pastorino | 2012-12-30 | 1 | -1/+2 |
| |\ \
| |/
|/| |
|
| | * | change spy of after invoked controller action. because ruby-2.0.0 waned unus... | SHIBATA Hiroshi | 2012-12-20 | 1 | -1/+2 |
| * | | return Mime::NullType if format is unknown | Angelo Capilleri | 2012-12-22 | 1 | -1/+1 |
| * | | Move background jobs to the 'jobs' branch until fully baked. Not shipping wit... | Jeremy Kemper | 2012-12-21 | 1 | -10/+0 |
| * | | Refactoring the token_and_options method to fix bugs | Kurtis Rainbolt-Greene | 2012-12-15 | 1 | -6/+29 |
| |/ |
|
| * | Removed :if and :unless from fragment cache option in favour of | Angelo capilleri | 2012-12-14 | 1 | -16/+16 |
