aboutsummaryrefslogtreecommitdiffstats
path: root/activesupport/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* Insert a deprecation warn notice when using AS::DeprecatedCallbacks.Joshua Peek2009-10-121-0/+2
| | | | | We are still using DeprecatedCallbacks in AS and AR. This is meant to annoy the shit out of Rails core until we fix it.
* Callbacks, DeprecatedCallbacks = NewCallbacks, CallbacksJoshua Peek2009-10-125-738/+736
|
* Use "run_callbacks :foo" since it is the public api for callbacks [#3329Joshua Peek2009-10-121-15/+15
| | | | state:resolved]
* Kill unused SafelyMemoizable [#3323 state:resolved]Joshua Peek2009-10-121-13/+0
|
* To unmarshal MissingSourceFile from childJeremy Kemper2009-10-091-1/+3
|
* Mute log info coming from the local_cache strategyPratik Naik2009-10-093-5/+14
|
* Ensure MessageVerifier raises appropriate exception on tampered dataPratik Naik2009-10-091-1/+1
|
* Switch to on-by-default XSS escaping for rails.Michael Koziarski2009-10-082-1/+45
| | | | | | | | | | | | This consists of: * String#html_safe! a method to mark a string as 'safe' * ActionView::SafeBuffer a string subclass which escapes anything unsafe which is concatenated to it * Calls to String#html_safe! throughout the rails helpers * a 'raw' helper which lets you concatenate trusted HTML from non-safety-aware sources (e.g. presantized strings in the DB) * New ERB implementation based on erubis which uses a SafeBuffer instead of a String Hat tip to Django for the inspiration.
* MessageVerifier#verify raises InvalidSignature if the signature is blankJeffrey Hardy2009-10-051-0/+2
| | | | Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Fix the broken railties isolation testsCarl Lerche2009-09-291-4/+9
|
* Escaping symbol passed into Memoizable's flush_cache for query methods to ↵Jay Pignata2009-09-281-2/+2
| | | | | | | | allow them to be cleared Signed-off-by: Michael Koziarski <michael@koziarski.com> [#3138 state:committed]
* Use OpenSSL::Digest.const(...).new instead of OpenSSL::Digest::Digest.new(...)Jeremy Kemper2009-09-241-1/+1
|
* Explicitly require String#bytesize extensionJeremy Kemper2009-09-241-0/+2
|
* Check if the lib is in the load path and requirable before attempting to ↵Joshua Peek2009-09-241-9/+12
| | | | activate the gem version
* Skip addition to load path if an externally-provided lib is already in ↵Jeremy Kemper2009-09-241-2/+5
| | | | place. Just to keep the path shorter.
* Restore split between require-time and runtime load path mungery. Simplifies ↵Jeremy Kemper2009-09-2411-34/+17
| | | | vendor requires.
* Convert the other vendored libs to avoid pulling in old gems. Works even if ↵Jeremy Kemper2009-09-246-32/+16
| | | | rubygems isn't loaded.
* Avoid inadvertently loading an old tzinfo gemJeremy Kemper2009-09-242-9/+5
|
* Fixes Sam Ruby tests suite.José Valim2009-09-211-46/+109
| | | | Signed-off-by: Yehuda Katz <wycats@gmail.com>
* Instrumenting cache stores.José Valim2009-09-204-78/+84
|
* Use NewCallbacks on ActionDispatch::Callbacks.José Valim2009-09-201-2/+2
|
* Added Orchestra.José Valim2009-09-202-0/+104
|
* making nokogiri to hash less clever, more fast O_oAaron Patterson2009-09-171-20/+12
| | | | | | [#2243 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Allow Nokogiri XmlMini backend to process cdata elementsDeveloper2009-09-171-1/+1
| | | | | | [#3219 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Remove premature active_support/miniJeremy Kemper2009-09-141-9/+0
|
* Forgot to update load path dir for vendored memcacheJoshua Peek2009-09-142-2/+1
|
* Bump vendored memcache to 1.7.5Joshua Peek2009-09-131-93/+292
|
* Rollback AS bundler work and improve activation of vendored dependenciesJoshua Peek2009-09-1311-35/+49
|
* Callbacks need to require reportingJoshua Peek2009-09-131-0/+1
|
* Restore AS vendor file until we get things sorted out in railtiesJoshua Peek2009-09-132-0/+28
|
* Load vendored i18n if its not found since its a real requirementJoshua Peek2009-09-131-1/+7
|
* Move AS vendor support into bundler.Joshua Peek2009-09-13151-31/+1
| | | Run `rake bundle` before running tests.
* require reporting before attempting to "shush"Joshua Peek2009-09-132-0/+3
|
* Shush, new_callbacksJeremy Kemper2009-09-131-2/+4
|
* Shush, rexmlJeremy Kemper2009-09-132-3/+3
|
* Prefer not to shadow a localJeremy Kemper2009-09-131-1/+1
|
* Clean up spurious JSON decoding test failureJeremy Kemper2009-09-133-8/+5
|
* Use Encoding.default_external, not _internalJeremy Kemper2009-09-131-2/+2
|
* making secure_compare fasterAaron Patterson2009-09-131-28/+8
| | | | | | [#3195 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Dup the arguments to string compare so we can use force_encoding.Michael Koziarski2009-09-131-2/+2
|
* Revert "ruby 1.9 friendly secure_compare" because it breaks CI and Sam ↵Yehuda Katz2009-09-121-6/+9
| | | | | | Ruby's suite This reverts commit 5de75398c495f109772b622291362a98bc6c21d1.
* Revert "Allow frameworks to be required by their gem name"Jeremy Kemper2009-09-121-1/+0
| | | | | | | This has just been confusing. Better to educate than band-aid. This reverts commit 18a24274ec823ded4ffa29bf33fd3d76816aab7e. Originally from http://dev.rubyonrails.org/ticket/8845 [drnic]
* ruby 1.9 friendly secure_compareJakub Kuźma2009-09-121-9/+6
| | | | Signed-off-by: Michael Koziarski <michael@koziarski.com>
* Remove redundant checks for valid character regexp in ↵Beau Harrington2009-09-101-2/+2
| | | | | | | | ActiveSupport::Multibyte#clean and #verify. [#3181 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Refactor new callbacks and AR implementation.José Valim2009-09-081-56/+58
| | | | Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Changed ActiveRecord to use new callbacks and speed up observers by only ↵José Valim2009-09-081-46/+53
| | | | | | notifying events that are actually being consumed. Signed-off-by: Joshua Peek <josh@joshpeek.com>
* Ruby 1.9: fix MessageVerifier#secure_compareJeremy Kemper2009-09-081-9/+27
|
* Fix a messed up merge commitMichael Koziarski2009-09-041-4/+0
|
* Add verify and clean methods to ActiveSupport::Multibyte.Michael Koziarski2009-09-043-18/+98
| | | | | | | | | | | | When accepting character input from outside of your application you can't blindly trust that all strings are properly encoded. With these methods you can check incoming strings and clean them up if necessary. Signed-off-by: Michael Koziarski <michael@koziarski.com> Conflicts: activesupport/lib/active_support/multibyte.rb
* Fix timing attack vulnerability in ActiveSupport::MessageVerifier.Coda Hale2009-09-041-3/+16
| | | | | | Use a constant-time comparison algorithm to compare the candidate HMAC with the calculated HMAC to prevent leaking information about the calculated HMAC. Signed-off-by: Michael Koziarski <michael@koziarski.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-07 23:27:10 +0000