aboutsummaryrefslogtreecommitdiffstats
path: root/railties/test/application/middleware/session_test.rb
Commit message (Collapse)AuthorAgeFilesLines
* Removing use of subclassed application constant and instead using thewangjohn2013-06-031-6/+6
| | | | | more agnostic Rails.application syntax. This means tests will be more portable, and won't rely on the existence of a particular subclass.
* Allow transparent upgrading of legacy signed cookies to encrypted cookies; ↵Trevor Turk2013-03-281-8/+60
| | | | Automatically configure cookie-based sessions to use the best cookie jar given the app's config
* Add UpgradeSignatureToEncryptionCookieStoreSantiago Pastorino2012-11-161-0/+110
| | | | | | This allows easy upgrading from the old signed Cookie Store <= 3.2 or the deprecated one in 4.0 (the ones that doesn't use key derivation) to the new one that signs using key derivation
* Remove duplicated get /foo/write_sessionSantiago Pastorino2012-11-161-1/+0
|
* Remove unused config optionSantiago Pastorino2012-11-161-1/+0
|
* Add encrypted cookie storeSantiago Pastorino2012-11-031-0/+51
|
* Use Ruby 1.9 Hash syntax in railtiesRobin Dupret2012-10-141-1/+1
|
* Implement :null_session CSRF protection methodSergey Nartimov2012-09-131-0/+82
| | | | | | | | It's further work on CSRF after 245941101b1ea00a9b1af613c20b0ee994a43946. The :null_session CSRF protection method provide an empty session during request processing but doesn't reset it completely (as :reset_session does).
* Failing test for #6034Piotr Sarnacki2012-04-301-0/+20
|
* config.force_ssl should mark the session as secure.José Valim2012-01-131-0/+30