Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Remove comments about removing LegacyKeyGenerator in 4.1 | Trevor Turk | 2013-04-03 | 1 | -1/+0 |
| | |||||
* | Rename DummyKeyGenerator -> LegacyKeyGenerator | Trevor Turk | 2013-04-02 | 1 | -2/+2 |
| | |||||
* | Restore original remote_ip algorithm. | Andre Arko | 2013-01-02 | 1 | -1/+1 |
| | | | | | | | | | | | Proxy servers add X-Forwarded-For headers, resulting in a list of IPs. We remove trusted IP values, and then take the last given value, assuming that it is the most likely to be the correct, unfaked value. See [1] for a very thorough discussion of why that is the best option we have at the moment. [1]: http://blog.gingerlime.com/2012/rails-ip-spoofing-vulnerabilities-and-protection/ Fixes #7979 | ||||
* | Use derived keys everywhere, http_authentication was missing it | Santiago Pastorino | 2012-11-03 | 1 | -1/+3 |
| | |||||
* | Remove app building setup/teardown for remote ip railtie tests | Carlos Antonio da Silva | 2012-08-21 | 1 | -14/+0 |
| | | | | | These tests rely on "make_basic_app", which is a faster version that does not need to create the whole app directory structure. | ||||
* | convert railties to use AS::TestCase | Aaron Patterson | 2012-01-05 | 1 | -1/+1 |
| | |||||
* | Solve the RAILS_ENV problem in the railties tests in a more generic way | Jon Leighton | 2011-06-06 | 1 | -0/+4 |
| | |||||
* | Fix a routing test. Reorganize middleware tests. | José Valim | 2010-10-02 | 1 | -0/+63 |