aboutsummaryrefslogtreecommitdiffstats
path: root/guides/source/security.md
Commit message (Expand)AuthorAgeFilesLines
* Update link to OWASP XSS cheat sheet [ci skip]Aaron Suarez2019-06-231-1/+1
* Update links and code examples in the guides to use HTTPS where the host supp...Nathaniel Suchy2019-03-061-5/+5
* Merge branch 'master' into guides_session_guidelines_2Matilda Smeds2018-12-091-1/+6
|\
| * Amend CVE note and security guide section wordingsGannon McGibbon2018-11-061-1/+1
| * Add CVE note to security guide and gemspecsGannon McGibbon2018-11-061-0/+5
* | Update guides/source/security.mdDerek Prior2018-10-181-1/+1
* | Update guides/source/security.mdDerek Prior2018-10-181-1/+1
* | Edit Security Guide's Session Guidelines & Custom Credentials [skip ci]Matilda Smeds2018-10-141-68/+31
|/
* [ci skip] corrects more grammar awkwardness, replacing denylist with restrict...Mina Slater2018-08-221-14/+14
* [ci skip] fixes a few more grammar issues, changing a to an before the word a...Mina Slater2018-08-221-6/+6
* [ci skip] change all instances of blacklist and whitelist to denylist and all...Mina Slater2018-08-211-14/+14
* Fix file upload location recommendationJack Christensen2018-08-011-1/+1
* Merge pull request #33229 from albertoalmagro/albertoalmagro/prefer-rails-com...Matthew Draper2018-07-251-1/+1
|\
| * Recommend use of rails over bin/railsAlberto Almagro2018-07-061-1/+1
* | Rails guides are now served over httpsPaul McMahon2018-07-241-1/+1
|/
* Added a lot of Oxford commasAnthony Crumley2018-05-101-19/+19
* Add the `nonce: true` option for `javascript_include_tag` helper.Yaroslav Markin2018-04-171-0/+6
* Update security.md with latest underground market pricesszTheory2018-04-131-1/+1
* Fix MySpace Samy worm link [ci skip]284km2018-04-121-1/+1
* Put images into each page's dir in guidesYoshiyuki Hirano2018-03-311-2/+2
* Move CSP info from 5.2 release notes to guide [ci skip]bogdanvlviv2018-03-181-0/+106
* Fix note marks [ci skip]Yauheni Dakuka2018-03-121-1/+1
* Remove password anecdotes from guides [ci skip]Daniel Colson2018-02-071-12/+0
* Merge pull request #31817 from composerinteralia/mediocre-jokeRichard Schneeman2018-01-281-1/+1
|\
| * Remove joke in security guide [ci skip]Daniel Colson2018-01-281-1/+1
* | Update `action_dispatch.default_headers` default value [ci skip]yuuji.yaginuma2018-01-281-1/+4
|/
* Fix typos [ci skip]Yauheni Dakuka2018-01-111-1/+1
* Merge pull request #30474 from yhirano55/make_it_same_title_in_index_and_pageEileen M. Uchitelle2017-12-131-2/+2
|\
| * Make it same title in index and page [ci skip]Yoshiyuki Hirano2017-08-311-2/+2
* | [ci skip] SecureRandom should mentioned Win32 CryptoAPI functions ins… (#31...Atul Shimpi2017-11-251-1/+1
* | Fix links [ci skip]Yauheni Dakuka2017-11-161-2/+2
* | Update security guide for signed cookie rotationsMichael Coyne2017-10-091-2/+3
* | Fix broken link to recaptcha.net [ci skip]Patrick Davey2017-10-011-1/+1
* | [ci skip] Don't mention unrotatable secret_key_base.Kasper Timm Hansen2017-09-251-18/+20
* | [ci skip] Attempt a new explanation for rotations.Kasper Timm Hansen2017-09-241-28/+16
* | [ci skip] RotationConfiguration is an implementation detail, not public API.Kasper Timm Hansen2017-09-241-7/+4
* | Add key rotation cookies middlewareMichael Coyne2017-09-241-19/+111
* | Merge pull request #30623 from manojmj92/manojmj92-oo-key-patchJavan Makhmali2017-09-201-1/+1
|\ \
| * | Fix error message documentationManoj M J2017-09-201-1/+1
* | | Remove "the" [ci skip]Yauheni Dakuka2017-09-181-1/+1
|/ /
* | Fix typo: `credentails` -> `credentials` [ci skip]yuuji.yaginuma2017-09-161-3/+3
* | [ci skip] Prefer credentials to secrets in docs.Kasper Timm Hansen2017-09-131-24/+21
* | Fix created_at [ci skip]Yauheni Dakuka2017-09-131-1/+1
|/
* Grammar fixJordan Sitkin2017-08-221-1/+1
* Use ssl in guide and comment [ci skip]Yoshiyuki Hirano2017-08-191-3/+3
* Remove period from within linksJon Moss2017-08-161-3/+3
* Update security.mdYauheni Dakuka2017-06-261-1/+1
* Add brakeman to guides/additional resources. Fixes #29383 [ci skip] (#29427)Vipul A M2017-06-121-3/+4
* Merge pull request #28132 from mikeycgto/aead-encrypted-cookiesKasper Timm Hansen2017-05-281-8/+15
|\
| * AEAD encrypted cookies and sessionsMichael Coyne2017-05-221-8/+15