Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | Ensure we supply Kernel#y for 1.9 too | Matthew Draper | 2014-04-04 | 1 | -0/+19 | |
| | | | | | | | | In 1.9, it doesn't live in its own file, so we'll have to define it ourselves. Check RUBY_VERSION, instead of rescuing the require, because we want this to break if `psych/y` moves in a future Ruby release. | |||||
* | Merge pull request #13945 from rails/json_cookie_serializer_improvements | Guillermo Iguaran | 2014-02-13 | 1 | -1/+1 | |
|\ | | | | | Cookies serializer improvements | |||||
| * | Renamed session_serializer option to cookies_serializer | Godfrey Chan | 2014-02-11 | 1 | -1/+1 | |
| | | ||||||
* | | do not crash when `config/secrets.yml` is blank. | Yves Senn | 2014-02-12 | 1 | -1/+2 | |
|/ | ||||||
* | Allow session serializer key in config.session_store | Lukasz Sarnacki | 2014-01-29 | 1 | -1/+2 | |
| | | | | | | | | | | | | | MessageEncryptor has :serializer option, where any serializer object can be passed. This commit make it possible to set this serializer from configuration level. There are predefined serializers (:marshal_serializer, :json_serialzier) and custom serializer can be passed as String, Symbol (camelized and constantized in ActionDispatch::Session namepspace) or serializer object. Default :json_serializer was also added to generators to provide secure defalt. | |||||
* | Better missing `secret_key_base` error message | schneems | 2013-12-24 | 1 | -1/+1 | |
| | | | | | | | | | | | | | | Previously the error was: ``` RuntimeError: You must set secret_key_base in your app's config ``` Will now be: ``` RuntimeError: Missing `secret_key_base` for 'production' environment, set this value in `config/secrets.yml` ``` | |||||
* | Make possible to use symbol as the verifier name | Rafael Mendonça França | 2013-12-19 | 1 | -1/+1 | |
| | ||||||
* | Change the message verifier argument to verifier_name | Rafael Mendonça França | 2013-12-19 | 1 | -6/+6 | |
| | ||||||
* | Rename tokens.yml to secrets.yml | Guillermo Iguaran | 2013-12-12 | 1 | -1/+1 | |
| | ||||||
* | Load secret_key_base from tokens.yml, fallback to config.secret_key_base | Guillermo Iguaran | 2013-12-12 | 1 | -6/+28 | |
| | ||||||
* | Make salt argument required for message verifier | Rafael Mendonça França | 2013-12-04 | 1 | -6/+6 | |
| | ||||||
* | Fix typos | Rafael Mendonça França | 2013-12-04 | 1 | -2/+2 | |
| | ||||||
* | No need to configure salts | Rafael Mendonça França | 2013-12-04 | 1 | -8/+4 | |
| | ||||||
* | Make possibile to get different message verifiers | Rafael Mendonça França | 2013-12-04 | 1 | -9/+18 | |
| | ||||||
* | Add missing require | Rafael Mendonça França | 2013-12-04 | 1 | -0/+1 | |
| | ||||||
* | Rename verifier to message_verifier | Rafael Mendonça França | 2013-12-04 | 1 | -4/+4 | |
| | ||||||
* | Add documentation and CHANGELOG entry to Application#verifier | Rafael Mendonça França | 2013-12-04 | 1 | -0/+9 | |
| | ||||||
* | Add application verifier | Rafael Mendonça França | 2013-12-04 | 1 | -0/+12 | |
| | | | | | | | | It is an application global verifier that can be used to generate and verify signed messages. See the documentation of ActiveSupport::MessageVerifier for more information. | |||||
* | clean up some warnings on trunk ruby | Aaron Patterson | 2013-10-31 | 1 | -1/+1 | |
| | ||||||
* | This is not needed anymore, before_initialize block can access config | Santiago Pastorino | 2013-07-14 | 1 | -1/+0 | |
| | ||||||
* | #11381: Ignore config.eager_load=true for rake | Paul Nikitochkin | 2013-07-10 | 1 | -1/+2 | |
| | | | | Closes #11381 | |||||
* | Allowing multiple rails applications in the same ruby instance. | wangjohn | 2013-06-30 | 1 | -7/+78 | |
| | | | | | This change provides the ability to create a new application with a configuration which can be specified. | |||||
* | Removing a repetitive comment and removing a deprecation warning. | wangjohn | 2013-06-17 | 1 | -24/+7 | |
| | | | | | | | The comment on the +env_config+ method is repetitive, likely to get outdated, and provides no useful information which cannot be gleamed from the code. I'm therefore removing it. I'm also refactoring the check for the presence of a secret_token in the configuration. | |||||
* | Revert "Merge pull request #10961 from wangjohn/changing_rails_env_config" | Santiago Pastorino | 2013-06-17 | 1 | -7/+24 | |
| | | | | | | This reverts commit 7098d6c9ab28931acc9562a00037567609f9e529, reversing changes made to 9ec2e2ee91568af24e09760a6de2890b89c33f56. This make some tests fail /cc @wangjohn | |||||
* | Merge pull request #10968 from wangjohn/refactoring_rails_application_class | Santiago Pastorino | 2013-06-17 | 1 | -95/+8 | |
|\ | | | | | Creating a class to build the default middleware stack. | |||||
| * | Creating a class to build the default middleware stack. | wangjohn | 2013-06-16 | 1 | -95/+8 | |
| | | | | | | | | | | | | | | A lot of logic for building the default middleware stack is currently kept in Application class, but this can be encapsulated and made more modular by being moved to its own class. Also refactored a couple of the helper methods. | |||||
* | | Removing a repetitive comment and refactoring the Application class in | wangjohn | 2013-06-16 | 1 | -24/+7 | |
|/ | | | | | | | | | Railties. The comment on the +env_config+ method is repetitive, likely to get outdated, and provides no useful information which cannot be gleamed from the code. I'm therefore removing it. I'm also refactoring the check for the presence of a secret_token in the configuration. | |||||
* | `initialize_on_precompile` is not used anymore. | Terence Lee | 2013-06-13 | 1 | -3/+1 | |
| | ||||||
* | Fix generating route from engine to other engine | Piotr Sarnacki | 2013-05-03 | 1 | -0/+1 | |
| | | | | | | | | | | | | A regression was introduced in 5b3bb6, generating route from within an engine to an another engine resulted in prefixing a path with the SCRIPT_NAME value. The regression was caused by the fact that SCRIPT_NAME should be appended only if it's the SCRIPT_NAME for the application, not if it's SCRIPT_NAME from the current engine. closes #10409 | |||||
* | Remove comments about removing LegacyKeyGenerator in 4.1 | Trevor Turk | 2013-04-03 | 1 | -1/+0 | |
| | ||||||
* | Rename DummyKeyGenerator -> LegacyKeyGenerator | Trevor Turk | 2013-04-02 | 1 | -2/+2 | |
| | ||||||
* | Allow transparent upgrading of legacy signed cookies to encrypted cookies; ↵ | Trevor Turk | 2013-03-28 | 1 | -6/+7 | |
| | | | | Automatically configure cookie-based sessions to use the best cookie jar given the app's config | |||||
* | Introduce UpgradeLegacySignedCookieJar to transparently upgrade existing ↵ | Trevor Turk | 2013-03-24 | 1 | -0/+1 | |
| | | | | signed cookies generated by Rails 3 to avoid invalidating them when upgrading to Rails 4 | |||||
* | Initialize @app_env_config now that the var name has changed | Carlos Antonio da Silva | 2013-03-19 | 1 | -1/+1 | |
| | | | | Check 862389c9537dbb6f65fd26c4325e07607ed437b5 for more background. | |||||
* | Use @app_env_config instead of @env_config | José Valim | 2013-03-18 | 1 | -1/+1 | |
| | | | | Check pull request #9789 for more information. | |||||
* | Renumbering the comments in the application boot process. | wangjohn | 2013-03-09 | 1 | -4/+4 | |
| | ||||||
* | Bring config.allow_concurrency back | José Valim | 2013-03-03 | 1 | -18/+40 | |
| | | | | | Since the Rack::Lock still exists in development, let's provide a way to disable it explicitly. | |||||
* | Remove BestStandardsSupport middleware | Guillermo Iguaran | 2013-01-29 | 1 | -4/+0 | |
| | ||||||
* | Adding Back Rails::Engine::Railties#engines | Tim Raymond | 2013-01-03 | 1 | -5/+1 | |
| | | | | | Removing it breaks functionality with gems such as Thinking Sphinx. This restores it with a deprecation warning. Closes #8551 | |||||
* | Improve secret_token deprecation message | Santiago Pastorino | 2012-12-30 | 1 | -3/+4 | |
| | ||||||
* | remove duplication from Rails::Application docs | Hrvoje Šimić | 2012-12-24 | 1 | -2/+0 | |
| | ||||||
* | Move background jobs to the 'jobs' branch until fully baked. Not shipping ↵ | Jeremy Kemper | 2012-12-21 | 1 | -8/+1 | |
| | | | | with Rails 4.0. | |||||
* | Adding filter capability to ActionController logs | Fabrizio Regini | 2012-12-05 | 1 | -0/+2 | |
| | ||||||
* | Add UpgradeSignatureToEncryptionCookieStore | Santiago Pastorino | 2012-11-16 | 1 | -0/+2 | |
| | | | | | | This allows easy upgrading from the old signed Cookie Store <= 3.2 or the deprecated one in 4.0 (the ones that doesn't use key derivation) to the new one that signs using key derivation | |||||
* | Rename secret_token_key to secret_key_base | Santiago Pastorino | 2012-11-03 | 1 | -6/+6 | |
| | ||||||
* | Cache generated keys per KeyGenerator instance using salt + key_size | Santiago Pastorino | 2012-11-03 | 1 | -5/+8 | |
| | ||||||
* | Allow users to change the default salt if they want, shouldn't be necessary | Santiago Pastorino | 2012-11-03 | 1 | -7/+15 | |
| | ||||||
* | Use derived keys everywhere, http_authentication was missing it | Santiago Pastorino | 2012-11-03 | 1 | -2/+3 | |
| | ||||||
* | Warn config.derive_keys will be true by default in 4.1 | Santiago Pastorino | 2012-11-03 | 1 | -9/+17 | |
| | ||||||
* | Sign cookies using key deriver | Santiago Pastorino | 2012-11-03 | 1 | -1/+8 | |
| |