index
:
rails.git
3-2-stable-for-hmno
master
Mirror of official rails repo with custom fixes.
Harald Eilertsen
about
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
guides
/
source
/
security.md
Commit message (
Expand
)
Author
Age
Files
Lines
*
Update link to OWASP XSS cheat sheet [ci skip]
Aaron Suarez
2019-06-23
1
-1
/
+1
*
Update links and code examples in the guides to use HTTPS where the host supp...
Nathaniel Suchy
2019-03-06
1
-5
/
+5
*
Merge branch 'master' into guides_session_guidelines_2
Matilda Smeds
2018-12-09
1
-1
/
+6
|
\
|
*
Amend CVE note and security guide section wordings
Gannon McGibbon
2018-11-06
1
-1
/
+1
|
*
Add CVE note to security guide and gemspecs
Gannon McGibbon
2018-11-06
1
-0
/
+5
*
|
Update guides/source/security.md
Derek Prior
2018-10-18
1
-1
/
+1
*
|
Update guides/source/security.md
Derek Prior
2018-10-18
1
-1
/
+1
*
|
Edit Security Guide's Session Guidelines & Custom Credentials [skip ci]
Matilda Smeds
2018-10-14
1
-68
/
+31
|
/
*
[ci skip] corrects more grammar awkwardness, replacing denylist with restrict...
Mina Slater
2018-08-22
1
-14
/
+14
*
[ci skip] fixes a few more grammar issues, changing a to an before the word a...
Mina Slater
2018-08-22
1
-6
/
+6
*
[ci skip] change all instances of blacklist and whitelist to denylist and all...
Mina Slater
2018-08-21
1
-14
/
+14
*
Fix file upload location recommendation
Jack Christensen
2018-08-01
1
-1
/
+1
*
Merge pull request #33229 from albertoalmagro/albertoalmagro/prefer-rails-com...
Matthew Draper
2018-07-25
1
-1
/
+1
|
\
|
*
Recommend use of rails over bin/rails
Alberto Almagro
2018-07-06
1
-1
/
+1
*
|
Rails guides are now served over https
Paul McMahon
2018-07-24
1
-1
/
+1
|
/
*
Added a lot of Oxford commas
Anthony Crumley
2018-05-10
1
-19
/
+19
*
Add the `nonce: true` option for `javascript_include_tag` helper.
Yaroslav Markin
2018-04-17
1
-0
/
+6
*
Update security.md with latest underground market prices
szTheory
2018-04-13
1
-1
/
+1
*
Fix MySpace Samy worm link [ci skip]
284km
2018-04-12
1
-1
/
+1
*
Put images into each page's dir in guides
Yoshiyuki Hirano
2018-03-31
1
-2
/
+2
*
Move CSP info from 5.2 release notes to guide [ci skip]
bogdanvlviv
2018-03-18
1
-0
/
+106
*
Fix note marks [ci skip]
Yauheni Dakuka
2018-03-12
1
-1
/
+1
*
Remove password anecdotes from guides [ci skip]
Daniel Colson
2018-02-07
1
-12
/
+0
*
Merge pull request #31817 from composerinteralia/mediocre-joke
Richard Schneeman
2018-01-28
1
-1
/
+1
|
\
|
*
Remove joke in security guide [ci skip]
Daniel Colson
2018-01-28
1
-1
/
+1
*
|
Update `action_dispatch.default_headers` default value [ci skip]
yuuji.yaginuma
2018-01-28
1
-1
/
+4
|
/
*
Fix typos [ci skip]
Yauheni Dakuka
2018-01-11
1
-1
/
+1
*
Merge pull request #30474 from yhirano55/make_it_same_title_in_index_and_page
Eileen M. Uchitelle
2017-12-13
1
-2
/
+2
|
\
|
*
Make it same title in index and page [ci skip]
Yoshiyuki Hirano
2017-08-31
1
-2
/
+2
*
|
[ci skip] SecureRandom should mentioned Win32 CryptoAPI functions ins… (#31...
Atul Shimpi
2017-11-25
1
-1
/
+1
*
|
Fix links [ci skip]
Yauheni Dakuka
2017-11-16
1
-2
/
+2
*
|
Update security guide for signed cookie rotations
Michael Coyne
2017-10-09
1
-2
/
+3
*
|
Fix broken link to recaptcha.net [ci skip]
Patrick Davey
2017-10-01
1
-1
/
+1
*
|
[ci skip] Don't mention unrotatable secret_key_base.
Kasper Timm Hansen
2017-09-25
1
-18
/
+20
*
|
[ci skip] Attempt a new explanation for rotations.
Kasper Timm Hansen
2017-09-24
1
-28
/
+16
*
|
[ci skip] RotationConfiguration is an implementation detail, not public API.
Kasper Timm Hansen
2017-09-24
1
-7
/
+4
*
|
Add key rotation cookies middleware
Michael Coyne
2017-09-24
1
-19
/
+111
*
|
Merge pull request #30623 from manojmj92/manojmj92-oo-key-patch
Javan Makhmali
2017-09-20
1
-1
/
+1
|
\
\
|
*
|
Fix error message documentation
Manoj M J
2017-09-20
1
-1
/
+1
*
|
|
Remove "the" [ci skip]
Yauheni Dakuka
2017-09-18
1
-1
/
+1
|
/
/
*
|
Fix typo: `credentails` -> `credentials` [ci skip]
yuuji.yaginuma
2017-09-16
1
-3
/
+3
*
|
[ci skip] Prefer credentials to secrets in docs.
Kasper Timm Hansen
2017-09-13
1
-24
/
+21
*
|
Fix created_at [ci skip]
Yauheni Dakuka
2017-09-13
1
-1
/
+1
|
/
*
Grammar fix
Jordan Sitkin
2017-08-22
1
-1
/
+1
*
Use ssl in guide and comment [ci skip]
Yoshiyuki Hirano
2017-08-19
1
-3
/
+3
*
Remove period from within links
Jon Moss
2017-08-16
1
-3
/
+3
*
Update security.md
Yauheni Dakuka
2017-06-26
1
-1
/
+1
*
Add brakeman to guides/additional resources. Fixes #29383 [ci skip] (#29427)
Vipul A M
2017-06-12
1
-3
/
+4
*
Merge pull request #28132 from mikeycgto/aead-encrypted-cookies
Kasper Timm Hansen
2017-05-28
1
-8
/
+15
|
\
|
*
AEAD encrypted cookies and sessions
Michael Coyne
2017-05-22
1
-8
/
+15
[next]