aboutsummaryrefslogtreecommitdiffstats
path: root/activestorage/lib/active_storage.rb
Commit message (Collapse)AuthorAgeFilesLines
* Extract content types from blob dataGeorge Claghorn2018-01-151-0/+2
|
* Extract Analyzable and Representable concernsGeorge Claghorn2018-01-101-0/+2
|
* Force content disposition to attachment for specific content typesRosa Gutierrez2018-01-051-0/+1
| | | | | | | | | | | | | | In this way we avoid HTML, XML, SVG and other files that can be rendered by the browser to be served inline by default. Depending on the origin from where these files are served, this might lead to XSS vulnerabilities, and in the best case, to more realistic phishing attacks and open redirects. We force it rather than falling back to it when other disposition is not provided. Otherwise it would be possible for someone to force inline just by passing `disposition=inline` in the URL. The list of content types to be served as attachments is configurable.
* Configure previewer/analyzer command paths centrallyGeorge Claghorn2018-01-031-0/+1
|
* Bump license years for 2018Yoshiyuki Hirano2017-12-311-1/+1
|
* Restrict variants to variable image blobsGeorge Claghorn2017-12-151-0/+1
|
* Permit configuring Active Storage's job queueGeorge Claghorn2017-11-031-0/+1
|
* Extract metadata from images and videosGeorge Claghorn2017-10-221-0/+3
|
* [Active Storage] require_relative => requireAkira Matsuda2017-10-211-1/+1
|
* Preview PDFs and videosGeorge Claghorn2017-09-281-0/+2
|
* Use frozen string literal in Active StorageKoichi ITO2017-08-121-0/+2
|
* Follow same format as action_cableDavid Heinemeier Hansson2017-08-011-1/+3
|
* Add 'activestorage/' from commit '3f4a7218a4a4923a0e7ce1b2eb0d2888ce30da58'Rafael Mendonça França2017-07-311-0/+34
git-subtree-dir: activestorage git-subtree-mainline: 0d58e7e478e79c2d6b2a39a4444d2a17a903b2a6 git-subtree-split: 3f4a7218a4a4923a0e7ce1b2eb0d2888ce30da58
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 07:17:07 +0000