rails.git - Mirror of official rails repo with custom fixes.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Allow session serializer key in config.session_store	Lukasz Sarnacki	2014-01-29	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \|	MessageEncryptor has :serializer option, where any serializer object can be passed. This commit make it possible to set this serializer from configuration level. There are predefined serializers (:marshal_serializer, :json_serialzier) and custom serializer can be passed as String, Symbol (camelized and constantized in ActionDispatch::Session namepspace) or serializer object. Default :json_serializer was also added to generators to provide secure defalt.
*	Use `Base.strict_decode64` instead of `Base.decode64` just as we do in encoding;	Vipul A M	2013-05-16	1	-3/+3
\| \| \| \|	Also reduce extra object allocation by creating string directly instead of join on Array
*	Merge pull request #9980 from stouset/patch-1	Andrew White	2013-04-26	1	-4/+5
\|\ \| \| \| \| \| \| \| \|	Improve poor security recommendation in docs [ci skip]
\| *	Improve poor security recommendation in docs	Stephen Touset	2013-03-28	1	-4/+5
\| \| \| \| \| \| \| \| \| \|	As reported in #9960, the current documentation recommends an insecure practice for key generation from a password (a single round of SHA-256). The modified documentation uses ActiveSupport::KeyGenerator to perform proper key stretching.
* \|	Reorganize MessageEncryptor	jgls	2013-04-19	1	-5/+4
\|/ \| \| \| \| \| \| \| \|	1) According to OpenSSL's documentation, cipher.random_iv must be called after cipher.encrypt and already sets the generated IV on the cipher. 2) OpenSSL::CipherError was moved to OpenSSL::Cipher::CipherError in Ruby 1.8.7. Since Rails 4 requires at least Ruby 1.9.3, support for the old location can be dropped.
*	Missing require extract_options	Akira Matsuda	2013-01-31	1	-0/+1
\|
*	Replace comments' non-breaking spaces with spaces	claudiob	2012-12-04	1	-2/+2
\| \| \| \| \| \| \| \| \| \|	Sometimes, on Mac OS X, programmers accidentally press Option+Space rather than just Space and don’t see the difference. The problem is that Option+Space writes a non-breaking space (0XA0) rather than a normal space (0x20). This commit removes all the non-breaking spaces inadvertently introduced in the comments of the code.
*	Add cookie.encrypted which returns an EncryptedCookieJar	Santiago Pastorino	2012-11-03	1	-2/+5
\| \| \| \| \| \| \| \| \|	How to use it? cookies.encrypted[:discount] = 45 => Set-Cookie: discount=ZS9ZZ1R4cG1pcUJ1bm80anhQang3dz09LS1mbDZDSU5scGdOT3ltQ2dTdlhSdWpRPT0%3D--ab54663c9f4e3bc340c790d6d2b71e92f5b60315; path=/ cookies.encrypted[:discount] => 45
*	update AS docs [ci skip]	Francesco Rodriguez	2012-09-17	1	-20/+22
\|
*	[ci skip] More docs for ActiveSupport::MessageEncryptor	Daniel Fone	2012-01-26	1	-0/+14
\|
*	remove ActiveSupport::Base64 in favor of ::Base64	Sergey Nartimov	2012-01-02	1	-3/+3
\|
*	deprecate Base64.encode64s from AS. Use Base64.strict_encode64 instead	Vasiliy Ermolovich	2011-12-27	1	-1/+1
\|
*	Remove deprecations from Active Support.	José Valim	2011-12-20	1	-17/+0
\|
*	Don't marshal dump twice when using encryptor.	José Valim	2011-11-09	1	-1/+12
\|
*	Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt.	José Valim	2011-11-09	1	-17/+32
\|
*	Fix typo in deprecation warning.	Peter Suschlik	2011-09-16	1	-1/+1
\|
*	Use an options hash to specify digest/cipher algorithm and a serializer for ↵	Willem van Bergen	2011-09-15	1	-7/+10
\| \| \| \|	MessageVerifier and MessageEncryptor.
*	Implement API suggestions of pull request.	Willem van Bergen	2011-09-15	1	-6/+5
\|
*	Custom serializers and deserializers in MessageVerifier and MessageEncryptor.	Willem van Bergen	2011-09-15	1	-2/+6
\| \| \| \| \|	By default, these classes use Marshal for serializing and deserializing messages. Unfortunately, the Marshal format is closely associated with Ruby internals and even changes between different interpreters. This makes the resulting message very hard to impossible to unserialize messages generated by these classes in other environments like node.js. This patch solves this by allowing you to set your own custom serializer and deserializer lambda functions. By default, it still uses Marshal to be backwards compatible.
*	Some style changes	suchasurge	2011-03-06	1	-1/+1
\|
*	Deletes trailing whitespaces (over text files only find * -type f -exec sed ↵	Santiago Pastorino	2010-08-14	1	-17/+17
\| \| \| \|	's/[ \t]*$//' -i {} \;)
*	message_encriptor.rb needs active_support/base64	Xavier Noria	2010-01-01	1	-0/+1
\|
*	Rescue OpenSSL::Cipher::CipherError or OpenSSL::CipherError depending on ↵	Jeremy Kemper	2008-11-25	1	-3/+4
\| \| \| \|	which is present
*	Add a MessageEncryptor, just like MessageVerifier but using symmetric key ↵	Michael Koziarski	2008-11-25	1	-0/+69
	encryption. The use of encryption prevents people from seeing any potentially secret values you've used. It also supports and encrypt_and_sign model to prevent people from tampering with the bits and creating random junk that gets fed to A motivated coder could use this to add an :encrypt=>true option to the cookie store.