rails.git - Mirror of official rails repo with custom fixes.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Merge branch 'master' of github.com:rails/docrails	Vijay Dev	2016-12-16	1	-1/+1
\|\
\| *	Remove mention of SafeErb gem [ci skip]	Prathamesh Sonpatki	2016-11-19	1	-1/+1
\| \| \| \| \| \| \| \|	Followup of https://github.com/rails/rails/pull/27086
* \|	Remove mention of deprecated SafeERB gem from security docs for now, prior ↵	Vipul A M	2016-11-18	1	-1/+1
\|/ \| \| \| \|	section already speaks about sanitization as a safety measure. [ci skip] (#27086) Fixes #27085
*	Remove the word "mongrel" from documents	Ryunosuke Sato	2016-09-07	1	-1/+1
\| \| \| \| \| \| \| \| \|	Currently mongrel is not maintained. And it couldn't be built with any Ruby versions that supported by Rails. It is reasonable to remove the word "mongrel" in order to avoid confusion from newcomer.
*	[ci skip] Broken links in documentation fix	Rasmus Kjellberg	2016-08-30	1	-1/+1
\|
*	When referring to Rails, be consistent in usage of capitalized form, unless ↵	Vipul A M	2016-08-19	1	-1/+1
\| \| \| \|	it is used in context of a command like bin/rails or the rails directory [ci skip]
*	rails -> Rails [ci skip]	Santosh Wadghule	2016-07-12	1	-1/+1
\|
*	cometic updates to security guide - fixes #25058 [ci skip]	Mateusz Konieczny	2016-05-27	1	-1/+1
\|
*	Merge pull request #25052 from matkoniecz/2008_is_not_recent	Jon Moss	2016-05-17	1	-3/+1
\|\ \| \| \| \|	update to make it less obvious that this guide is from 2008/2009
\| *	update to make it less obvious that this guide is from 2008/2009	Mateusz Konieczny	2016-05-17	1	-3/+1
\| \| \| \| \| \| \| \| \| \|	malicious ads are neither new nor unusual live HTTP headers project is dead - see https://www.mozdev.org/bugs/show_bug.cgi?id=25944
* \|	Safari 4 supports http only cookie (#25053)	Mateusz Konieczny	2016-05-17	1	-1/+1
\| \| \| \| \| \| \| \| \| \|	* Update documentation about Safari 4 supporting http only cookie - Source: www.greebo.net/2009/06/09/httponly-in-safari-40-release/ via http://stackoverflow.com/questions/528405/which-browsers-do-support-httponly-cookies
* \|	Fix security guide capitalization errors	Jon Moss	2016-05-16	1	-15/+15
\|/ \| \| \| \| \| \| \| \|	Would have submitted to docrails, but this guide was just changed today, and docrails doesn't have the most updated version :grimacing: cc @vipulnsward [ci skip]
*	Update the Rails security guide	Ralin Chimev	2016-05-16	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \|	Bring up-to-date the information about the session id in the Sessions section. The guide currently says that the session id is a md5 hash while the implementation uses a random hex string. Fixes #25032. [ci skip]
*	[ci skip] Parameter filter performs regular expression partial matching	Andrew Babichev	2016-03-31	1	-0/+2
\|
*	Remove reference to unmaintained plugin/gem	Olivier Lacan	2016-03-23	1	-1/+1
\| \| \| \| \| \| \| \| \|	[restful-authentication](https://rubygems.org/gems/restful-authentication/versions/1.2.1) hasn't been updated since September 6th, 2012 so it might not be a great idea to recommend that Rails users try it out. Devise seems like a much more popular and secure solution that automatically resets sessions on sign in and out so it's a great example in this case. /cc @tenderlove @josevalim
*	Change 'a HTTP' to 'an HTTP' [ci skip]	Santosh Wadghule	2016-03-03	1	-3/+3
\|
*	Fixed grammatical errors in rails docs [ci skip]	Matt Michnal	2016-02-09	1	-2/+2
\| \| \| \| \| \|	Fixed errors in rails migrations docs [ci skip] Fixed errors in rails security docs [ci skip]
*	[ci skip] Fix grammar	Abhishek Jain	2016-02-09	1	-1/+1
\|
*	use rails secret in rails guides	Ryo Hashimoto	2016-02-03	1	-1/+1
\|
*	ApplicationRecord documentation pass	Genadi Samokovarov	2015-12-17	1	-1/+1
\| \| \| \| \| \| \|	This is a pass over the documentation which fills the missing gaps of `ApplicationRecord`. [ci skip]
*	Fix a couple of grammatical errors in security.md	Existent Ltd	2015-12-16	1	-2/+2
\|
*	Merge branch 'master' of github.com:rails/docrails	Vijay Dev	2015-10-31	1	-1/+1
\|\
\| *	Improved `KeyError` messages on bang version, since commit ↵	amitkumarsuroliya	2015-10-11	1	-1/+1
\| \| \| \| \| \| \| \|	https://github.com/rails/rails/commit/e768c519fb6015e00961702a5165c6dab548a954 bang version produces `KeyError` [ci skip]
* \|	Improve readability in CSRF section of guide	Andy Lampert	2015-10-07	1	-4/+3
\| \|
* \|	[ci skip] Change 'an URL' to 'a URL' as URL doesn't have a vowel sound	tanmay3011	2015-10-06	1	-2/+2
\| \|
* \|	Update text on CSS Injection / Myspace	Sean Collins	2015-10-03	1	-5/+3
\|/ \| \| \|	[skip ci]
*	Clarify CSRF <script> purpose and protection. Note how to deal with your own ↵	Jeremy Daer	2015-09-16	1	-1/+3
\| \| \| \| \| \| \| \|	<script> tags. Ref #21618 [ci skip]
*	Improved explanation of the <script> tag CSRF behavior	Anshul Agrawal	2015-09-14	1	-1/+1
\|
*	Merge branch 'master' of github.com:rails/rails	Vijay Dev	2015-08-24	1	-20/+20
\|\ \| \| \| \| \| \| \| \|	Conflicts: guides/source/security.md
\| *	Add bold to lists' titles [ci skip]	Alexey Markov	2015-08-21	1	-6/+6
\| \|
\| *	Small fixes [ci skip]	Alexey Markov	2015-08-20	1	-12/+6
\| \|
\| *	Small fixes [ci skip]	Alexey Markov	2015-08-17	1	-6/+5
\| \|
\| *	Tiny documentation fixes [ci skip]	Robin Dupret	2015-08-11	1	-1/+6
\| \|
\| *	[ci skip] Typo fixed	Dhia Eddine Chouchane	2015-08-06	1	-1/+1
\| \|
\| *	Outdated information about session storage updated [ci skip]	Dhia Eddine Chouchane	2015-08-06	1	-2/+4
\| \| \| \| \| \| \| \|	The guide contains information about Rails 2 storing mechanism, but not Rails 4. Enhanced the accuracy and coherence of information (There was a part saying "Older versions of Rails use CookieStore, which uses `secret_token` instead of `secret_key_base` that is used by EncryptedCookieStore." while there was no mention of EncryptedCookieStore before)
* \|	add commas removed earlier [ci skip]	Vijay Dev	2015-08-24	1	-1/+1
\| \|
* \|	[ci skip] Fix to `a, b and c` format	yui-knk	2015-07-25	1	-1/+1
\| \|
* \|	[ci skip] Fix minor typo	yui-knk	2015-07-24	1	-1/+1
\| \| \| \| \| \| \| \| \| \|	* Remove `,` * Fix `&lt`; -> `<`
* \|	[ci skip] Minor fix	yui-knk	2015-07-24	1	-1/+1
\|/ \| \| \| \|	* add a space * add a `.`
*	Add to Security guides the secrets.yml	Mauro George	2015-07-06	1	-0/+23
\| \| \| \|	[ci skip]
*	[ci skip] Replace dead link about HttpOnly cookies.	Yoong Kang Lim	2015-05-28	1	-1/+1
\|
*	Rails documentation standard is american english. [ci skip]	karanarora	2015-05-20	1	-1/+1
\|
*	updating the links, they were removed in cc30f5f9 [ci skip]	Ankit Gupta	2015-05-19	1	-0/+1
\| \| \| \|	new links as per pull request comment #20160 (OWASP guides)
*	Dead blog/site links [ci skip]	Ankit Gupta	2015-05-14	1	-1/+1
\|
*	promote :except option instead of :only for before action docs [ci skip]	Faruk AYDIN	2015-05-09	1	-1/+1
\|
*	[skip ci] Fix typos in actionpack changelog and security guide	Anton Davydov	2015-05-07	1	-1/+1
\|
*	Merge pull request #19446 from ↵	Zachary Scott	2015-04-14	1	-4/+6
\|\ \| \| \| \| \| \| \| \|	andersonDadario/fix_security_guide_captcha_03_21_2015 Fix security guide captcha 03 21 2015 [ci skip]
\| *	[ci skip] Fix for Security Guide - Captcha Section	Anderson Dadario	2015-03-22	1	-4/+6
\| \|
* \|	Remove old and not working link. [ci skip]	Santosh Wadghule	2015-03-28	1	-1/+1
\|/
*	Merge pull request #18503 from vipulnsward/guides-in-on	Xavier Noria	2015-01-14	1	-1/+1
\|\ \| \| \| \|	Changed `IN` to `ON` in markdown renderer condition