| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Add 'Referrer-Policy' header to default headers set | Guillermo Iguaran | 2018-01-08 | 3 | -3/+10 |
| | | |||||
| * | Added deprecations and removals notes for Action Pack [ci skip] | Prathamesh Sonpatki | 2018-01-07 | 1 | -1/+1 |
| | | |||||
| * | Add missing require for `strip_heredoc` | Peter Wagenet | 2018-01-04 | 1 | -0/+1 |
| | | |||||
| * | Merge pull request #31594 from yuki24/refactor-request-test | Eileen M. Uchitelle | 2018-01-04 | 1 | -89/+75 |
| |\ | | | | | Refactor tests for request parameters to use more realistic setup | ||||
| | * | Use more realistic setup rather than stubbing | Yuki Nishijima | 2017-12-29 | 1 | -89/+75 |
| | | | | | | | | | | | | | | | | | | | | | These assertions did matter due to the inconsistent behavior of [the #parameters method][1]. Today, it behaves consistently and they could be removed. Also, one of the methods was stubbed somewhat incorrectly, so it is better not to stub and instead, make them close to more realistic use cases. [1]: https://github.com/rails/rails/pull/13999#issuecomment-34601746 | ||||
| * | | Bump license years for 2018 | Yoshiyuki Hirano | 2017-12-31 | 3 | -3/+3 |
| | | | |||||
| * | | let drb make temprary server | Nobuyoshi Nakada | 2017-12-29 | 1 | -8/+1 |
| |/ | |||||
| * | Merge pull request #31449 from PHedkvist/headless_api_doc | Eileen M. Uchitelle | 2017-12-18 | 1 | -0/+3 |
| |\ | | | | | Add headless browser support in api docs [ci skip] | ||||
| | * | Add headless browser support in api docs [ci skip] | Pierre Hedkvist | 2017-12-18 | 1 | -0/+3 |
| | | | |||||
| * | | Minor cleanup of CHANGELOG of PR #30850 [ci skip] | Prathamesh Sonpatki | 2017-12-17 | 1 | -3/+3 |
| | | | |||||
| * | | Added reference to default value of `allow_other_host` [ci skip] | Prathamesh Sonpatki | 2017-12-17 | 1 | -1/+1 |
| | | | |||||
| * | | [ci skip] update link | Dixit Patel | 2017-12-15 | 1 | -1/+1 |
| | | | |||||
| * | | Generate tmpname on its own | yuuji.yaginuma | 2017-12-15 | 1 | -1/+6 |
| | | | | | | | | | | | | | | | `make_tmpname` was removed by https://github.com/ruby/ruby/commit/25d56ea7b7b52dc81af30c92a9a0e2d2dab6ff27. In this case, we want a file name, not a `File`. So cannot use `Tempfile`. Fixes #31458 | ||||
| * | | Suppress `warning: BigDecimal.new is deprecated` | Yasuo Honda | 2017-12-15 | 1 | -1/+1 |
| |/ | | | | | | | | | | | | | | | | | | | | `BigDecimal.new` has been deprecated in BigDecimal 1.3.3 which will be a default for Ruby 2.5. Refer https://github.com/ruby/bigdecimal/commit/533737338db915b00dc7168c3602e4b462b23503 * This commit has been made as follows: ``` cd rails git grep -l BigDecimal.new | grep -v guides/source/5_0_release_notes.md | grep -v activesupport/test/xml_mini_test.rb | xargs sed -i -e "s/BigDecimal.new/BigDecimal/g" ``` - `activesupport/test/xml_mini_test.rb` Editmanually to remove `.new` and `::` - guides/source/5_0_release_notes.md This is a Rails 5.0 release notes. | ||||
| * | Merge pull request #31289 from witlessbird/fips-compatibility | Eileen M. Uchitelle | 2017-12-14 | 3 | -3/+3 |
| |\ | | | | | Initial support for running Rails on FIPS-certified systems | ||||
| | * | Introduced `ActiveSupport::Digest` that allows to specify hash function ↵ | Dmitri Dolguikh | 2017-12-12 | 3 | -3/+3 |
| | | | | | | | | | | | | | | | | | implementation and defaults to `Digest::MD5`. Replaced calls to `::Digest::MD5.hexdigest` with calls to `ActiveSupport::Digest.hexdigest`. | ||||
| * | | Enable `Layout/LeadingCommentSpace` to not allow cosmetic changes in the future | Ryuta Kamizono | 2017-12-14 | 5 | -14/+13 |
| | | | | | | | | | Follow up of #31432. | ||||
| * | | Enable `Layout/SpaceBeforeComma` rubocop rule, and fixed more | Ryuta Kamizono | 2017-12-12 | 3 | -4/+4 |
| | | | | | | | | | Follow up of #31390. | ||||
| * | | Change the system tests to set Puma as default server only when the user ↵ | Guillermo Iguaran | 2017-12-09 | 3 | -2/+24 |
| | | | | | | | | | haven't specified manually another server. | ||||
| * | | Add secure `X-Download-Options` and `X-Permitted-Cross-Domain-Policies` to ↵ | Guillermo Iguaran | 2017-12-09 | 4 | -4/+15 |
| | | | | | | | | | default headers set. | ||||
| * | | Merge pull request #30780 from ↵ | Sean Griffin | 2017-12-07 | 2 | -0/+23 |
| |\ \ | | | | | | | | | | | | | JackMc/fix-chrome-referrer-invalidauthenticitytoken Fix issue #30658 by checking explicitly for 'null' referrer | ||||
| | * | | Add a better error message when a "null" Origin header occurs | Jack McCracken | 2017-11-03 | 2 | -0/+23 |
| | | | | |||||
| * | | | Add headless firefox driver to System Tests | bogdanvlviv | 2017-12-07 | 6 | -3/+40 |
| | | | | |||||
| * | | | Correct routing test spelling mistake. | Philip Tolton | 2017-12-06 | 1 | -1/+1 |
| | | | | |||||
| * | | | Yield array from AC::Parameters#each for block with one arg | Dominic Cleal | 2017-12-06 | 2 | -1/+17 |
| | | | | | | | | | | | | | Matches Hash#each behaviour as used in Rails 4. | ||||
| * | | | Add missing require | yuuji.yaginuma | 2017-12-05 | 1 | -0/+2 |
| | | | | | | | | | | | | | | | | | | | | | | Follow up of 3c442b6df91e291ebbf17f37444414bf5f10fbe6 Without this require, it will fail when run CSP test alone. Ref: https://travis-ci.org/rails/rails/jobs/311715758#L2976 | ||||
| * | | | Fix CSP copy boolean directives (#31326) | Simon Dawson | 2017-12-05 | 2 | -5/+10 |
| | | | | | | | | | | Use Object#deep_dup to safely duplicate policy values | ||||
| * | | | Embrace the instantiation in loving parens <3 | Kasper Timm Hansen | 2017-12-03 | 1 | -1/+2 |
| | | | | |||||
| * | | | Merge pull request #31146 from ↵ | Kasper Timm Hansen | 2017-12-03 | 1 | -41/+83 |
| |\ \ \ | | | | | | | | | | | | | | | | | mikeycgto/actiondispatch-cookie-store-test-updates Update cookie_store_test to use encrypted cookies | ||||
| | * | | | Update cookie_store_test to use encrypted cookies | Michael Coyne | 2017-11-27 | 1 | -41/+83 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This now modernizes these tests to use encrypted cookies instead of using secret_token HMACs. This commit also adds a tests to ensure session cookies with :expires_after set are invalidated and no longer accepted when the time has elapsed. | ||||
| * | | | | Add changelog entry for 9d6e28 | eileencodes | 2017-11-30 | 1 | -0/+12 |
| | |_|/ |/| | | | | | | | | Since this changes a default setting a changelog entry is important. | ||||
| * | | | Make screenshots default to "simple" format | eileencodes | 2017-11-29 | 2 | -10/+13 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Not everyone uses iTerm2 and whereas Terminal.app on a mac just ignores that and outputs the path, other terminals like those on Ubuntu do not. A friendlier default is one that works by default. Closes #31159 Closes #30957 | ||||
| * | | | Fix tests: Remove ogx mime type from tests | Guillermo Iguaran | 2017-11-29 | 1 | -1/+1 |
| | | | | |||||
| * | | | Fix typo in mime type registering | Guillermo Iguaran | 2017-11-29 | 1 | -1/+1 |
| | | | | |||||
| * | | | Restore mpeg mime type, delete less common mime types | Guillermo Iguaran | 2017-11-29 | 1 | -9/+4 |
| | | | | | | | | | | | | | See discussion in #31251 | ||||
| * | | | Register "audio/mp4" mime type with :m4a symbol | Guillermo Iguaran | 2017-11-29 | 1 | -1/+1 |
| | | | | |||||
| * | | | Update send_file headers test to use mp4 as example instead of mpg | Guillermo Iguaran | 2017-11-28 | 1 | -1/+1 |
| | | | | |||||
| * | | | Register most popular audio/video/font mime types supported by modern browsers | Guillermo Iguaran | 2017-11-28 | 3 | -7/+29 |
| | | | | |||||
| * | | | Preparing for 5.2.0.beta2 release | Rafael Mendonça França | 2017-11-28 | 2 | -1/+6 |
| | | | | |||||
| * | | | Fix typos and add a few suggestions | Fatos Morina | 2017-11-28 | 1 | -3/+3 |
| | | | | |||||
| * | | | Fix optimized url helpers when using relative url root | Andrew White | 2017-11-28 | 3 | -0/+54 |
| |/ / | | | | | | | Fixes #31220. | ||||
| * | | Preparing for 5.2.0.beta1 release | Rafael Mendonça França | 2017-11-27 | 2 | -1/+3 |
| | | | |||||
| * | | Fix CHANGELOG for CSP PR #31162 [ci skip] | Prathamesh Sonpatki | 2017-11-27 | 1 | -10/+10 |
| | | | |||||
| * | | Add CHANGELOG.md entry for #31162 [ci skip] | Andrew White | 2017-11-27 | 1 | -0/+60 |
| | | | |||||
| * | | Add DSL for configuring Content-Security-Policy header | Andrew White | 2017-11-27 | 7 | -0/+622 |
| | | | | | | | | | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy | ||||
| * | | Merge pull request #24510 from ↵ | Rafael Mendonça França | 2017-11-25 | 2 | -9/+6 |
| |\ \ | | | | | | | | | | | | | | | | vipulnsward/make-variable_size_secure_compare-public Make variable_size_secure_compare public | ||||
| | * | | Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`, | Vipul A M | 2017-06-07 | 2 | -9/+6 |
| | | | | | | | | | | | | | | | | | | | | | | to make it not leak length information even for variable length string. Renamed old `ActiveSupport::SecurityUtils.secure_compare` to `fixed_length_secure_compare`, and started raising `ArgumentError` in case of length mismatch of passed strings. | ||||
| * | | | Merge pull request #31195 from mltsy/patch-2 | Vipul A M | 2017-11-24 | 1 | -1/+1 |
| |\ \ \ | | | | | | | | | Fix tld_length documentation in ActionDispatch::Cookies [ci skip] | ||||
| | * | | | Fix tld_length documentation | Joe Marty | 2017-11-21 | 1 | -1/+1 |
| | | | | | | | | | | | | | Change recommendation for tld_length (for sharing cookies across subdomains of a 2-token TLD), to 2 instead of 1. | ||||
| * | | | | Fix CustomUrls#direct doc formatting | T.J. Schuck | 2017-11-22 | 1 | -6/+6 |
| | | | | | | | | | | | | | | | | | | | | | Particularly, the bulleted list was getting formatted as a code block because of the extra level of indentation. Pulling it back to the left makes it render properly as a list instead. [ci skip] | ||||
 |
index : rails.git | |
| Mirror of official rails repo with custom fixes. | Harald Eilertsen |
| aboutsummaryrefslogtreecommitdiffstats |
path: root/actionpack