index
:
rails.git
3-2-stable-for-hmno
master
Mirror of official rails repo with custom fixes.
Harald Eilertsen
about
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
guides
/
source
/
security.md
Commit message (
Expand
)
Author
Age
Files
Lines
*
warn about reading guides in GitHub
Xavier Noria
2014-12-23
1
-0
/
+2
*
Do not use line breaks on notes [ci skip]
Andrey Nering
2014-12-22
1
-6
/
+1
*
s/a unobtrusive/an unobtrusive [ci skip]
Zachary Scott
2014-12-22
1
-1
/
+1
*
Add note about Ajax and CSRF-Token [ci skip]
Andrey Nering
2014-12-20
1
-1
/
+8
*
Don't convert empty arrays to nils when deep munging params
Chris Sinjakli
2014-12-15
1
-4
/
+4
*
Fixing wrong link in 'Ruby on Rails Security Guide' [ci skip]
Javier Vidal
2014-11-22
1
-1
/
+1
*
[ci skip] re-worded section on CookieStore to make it more readable.
Tom Kadwill
2014-08-16
1
-3
/
+3
*
Point to rubygems instead of Rails GitHub. [ci skip]
Rafael Mendonça França
2014-08-15
1
-1
/
+1
*
Fixed link for in_place_editor [ci skip]
Arun Agrawal
2014-08-15
1
-1
/
+1
*
correct markdown usage [ci skip]
Nishant Modak
2014-07-09
1
-6
/
+6
*
remove rubyforge.org that was shut down [ci skip]
Gaurav Sharma
2014-06-06
1
-1
/
+1
*
Replace first person point of view on guides.
Hendy Tanata
2014-05-16
1
-7
/
+7
*
[ci skip] Security guide clarity.
Kyle Heironimus
2014-05-01
1
-2
/
+2
*
Remove statement assuming coffee shop/public space wifi is inherently insecure
Nick Quaranto
2014-04-19
1
-1
/
+1
*
Include default rails protect_from_forgery with: :exception
PaulL1
2014-04-17
1
-4
/
+4
*
CSRF protection should rescue exception not extend
PaulL1
2014-04-17
1
-3
/
+2
*
[ci skip] Use plain underscore instead of "\_".
Juanito Fatas
2014-04-13
1
-2
/
+2
*
W3C CSP document moved to gihub.io URL [ci skip]
Andy Callaghan
2014-04-05
1
-1
/
+1
*
[ci skip] use secrets.secret_key_base instead of config.secret_key_base
Kuldeep Aggarwal
2014-03-01
1
-3
/
+10
*
Add verb to sanitization note
Dave Jachimiak
2014-02-14
1
-1
/
+1
*
Log which keys were set to nil in deep_munge
Lukasz Sarnacki
2014-01-28
1
-0
/
+43
*
clean up security guide: his => their [ci skip]
Rex Feng
2014-01-16
1
-1
/
+1
*
[ci skip] Added alias to CSRF
Uday Kadaboina
2014-01-14
1
-2
/
+2
*
CSRF protection from cross-origin <script> tags
Jeremy Kemper
2013-12-17
1
-3
/
+5
*
[ci skip] Removing some gender sensitive object pronouns
Tejas Dinkar
2013-12-02
1
-6
/
+6
*
Use genderless pronouns in security guide. [ci skip]
Vipul A M
2013-12-02
1
-18
/
+18
*
Update security.md
Adam
2013-11-08
1
-1
/
+1
*
incorrect url
Sergio
2013-09-16
1
-1
/
+1
*
incorrect urls
Sergio
2013-09-16
1
-2
/
+2
*
surplus : in attachment_fu plugin
Sergio
2013-09-15
1
-1
/
+1
*
Improves a sentence in guides/security
Hannes Fostie
2013-09-09
1
-1
/
+1
*
cleans the guides sources from fancy non-ASCII stuff
Xavier Noria
2013-08-23
1
-22
/
+22
*
remove language about configuring digest method [ci skip]
Justin George
2013-07-31
1
-1
/
+1
*
update guide to reflect default HMAC SHA1 in MessageVerifier used in SignedCo...
Justin George
2013-07-30
1
-1
/
+1
*
Remove double spaces in guides
Sunny Ripert
2013-05-28
1
-2
/
+2
*
Simple grammar updates
Jonathan Roes
2013-05-03
1
-2
/
+2
*
Fix typo "can exploited" with "can be exploited"
Leo Gallucci
2013-05-01
1
-1
/
+1
*
Ruby On Rails -> Ruby on Rails [ci skip]
Xavier Noria
2013-04-16
1
-1
/
+1
*
ReCAPTCHA plug-in link now points to Github repo. Plug-in is no longer availa...
sthollmann
2013-03-27
1
-1
/
+1
*
Remove mass-assignment line from guide summary
Andrew Wilcox
2013-01-25
1
-1
/
+0
*
PUT => PATCH or PUT
Akira Matsuda
2013-01-02
1
-1
/
+1
*
Updated security guide to reference secret_key_base instead of secret_token, ...
Gary S. Weaver
2012-12-21
1
-3
/
+3
*
Updated security guide with information about secret_token.rb and to suggest ...
Gary S. Weaver
2012-12-21
1
-7
/
+11
*
remove Mass Assignment reference from Security Guide [ci skip]
Francesco Rodriguez
2012-12-10
1
-1
/
+0
*
Security Guide: removing Mass Assignment.
Steve Klabnik
2012-12-08
1
-135
/
+0
*
update guides to use _action callbacks [ci skip]
Francesco Rodriguez
2012-12-07
1
-1
/
+1
*
Normalize on 'After reading this guide, you will know:'
Steve Klabnik
2012-11-29
1
-1
/
+3
*
Add periods to the bullet points in guides.
Steve Klabnik
2012-11-29
1
-7
/
+7
*
use em-dashes instead of two minuses in guides
burningTyger
2012-11-10
1
-2
/
+2
*
migrating guides to new hash syntax
AvnerCohen
2012-10-10
1
-13
/
+13
[next]