- 27 11月, 2010 1 次提交
-
-
由 Ryan Bigg 提交于
-
- 11 9月, 2010 1 次提交
-
-
由 Xavier Noria 提交于
revises implementation and documentation of csrf_meta_tags, and aliases csrf_meta_tag to it for backwards compatibilty
-
- 03 9月, 2010 1 次提交
-
-
由 José Valim 提交于
Booting a new Rails application does not work after this commit [#5359 state:open] This reverts commit 38a421b3.
-
- 02 9月, 2010 1 次提交
-
-
由 Łukasz Strzałkowski 提交于
Signed-off-by: NJosé Valim <jose.valim@gmail.com>
-
- 27 8月, 2010 1 次提交
-
-
由 Joost Baaij 提交于
-
- 11 6月, 2010 1 次提交
-
-
由 Evgeniy Dolzhenko 提交于
-
- 03 6月, 2010 2 次提交
- 22 4月, 2010 1 次提交
-
-
由 José Valim 提交于
Clean up the config object in ActionPack. Create config_accessor which just delegates to the config object, reducing the number of deprecations and add specific tests.
-
- 12 3月, 2010 1 次提交
-
-
由 Carl Lerche 提交于
ActionController::Base.request_forgery_protection_token should actually be the name of the token and not true.
-
- 09 3月, 2010 1 次提交
-
-
由 Carl Lerche 提交于
This is an interim solution pending revisiting the rails framework configuration situation.
-
- 01 2月, 2010 1 次提交
-
-
由 Jeremy Kemper 提交于
-
- 30 12月, 2009 1 次提交
-
-
由 Carl Lerche 提交于
For some reason the current class_inheritable_accessor does not play nice with included hooks. class_inheritable_accessor will be revised shortly.
-
- 21 12月, 2009 1 次提交
-
-
由 Joshua Peek 提交于
-
- 18 11月, 2009 1 次提交
-
-
由 Jeremy Kemper 提交于
-
- 28 10月, 2009 1 次提交
-
-
由 Yehuda Katz 提交于
-
- 07 8月, 2009 1 次提交
-
-
由 Yehuda Katz 提交于
-
- 25 7月, 2009 1 次提交
-
-
由 Pratik Naik 提交于
-
- 18 6月, 2009 1 次提交
-
-
- 16 6月, 2009 2 次提交
-
-
- 30 5月, 2009 1 次提交
-
-
由 Joshua Peek 提交于
-
- 29 5月, 2009 1 次提交
-
-
由 Joshua Peek 提交于
Break up DependencyModule's dual function of providing a "depend_on" DSL and "included" block DSL into separate modules. But, unify both approaches under AS::Concern.
-
- 22 5月, 2009 1 次提交
-
-
由 Pratik Naik 提交于
-
- 28 4月, 2009 1 次提交
-
-
由 Luke Amdor 提交于
Removed reference in documentation of form_authenticity_token to deprecated :secret option of protect_from_forgery
-
- 16 4月, 2009 1 次提交
-
-
- 28 1月, 2009 1 次提交
-
-
由 Joshua Peek 提交于
-
- 23 11月, 2008 1 次提交
-
-
由 Michael Koziarski 提交于
This deprecates the use of :secret and :digest which were only needed when we were hashing session ids.
-
- 13 11月, 2008 1 次提交
-
-
由 Jeff Cohen 提交于
Signed-off-by: NMichael Koziarski <michael@koziarski.com>
-
- 16 7月, 2008 1 次提交
-
-
由 Pratik Naik 提交于
-
- 05 6月, 2008 1 次提交
-
-
由 Evan Farrar 提交于
-
- 12 5月, 2008 1 次提交
-
-
由 Peter Jones 提交于
The session is used by the form_authenticity_token method before it is tested to be valid. This patch moves a few lines around so that the session is validated first. Without this patch, if you try to use forgery protection with sessions turned off, you get this exception message: undefined method `session_id' for {}:Hash The patch includes a test that can be used to see this behavior before the request_forgery_protection.rb file is patched to fix it.
-
- 09 5月, 2008 1 次提交
-
-
由 Pratik Naik 提交于
commit e6afd8b2 Author: Xavier Noria <fxn@hashref.com> Date: Thu May 8 23:49:36 2008 +0200 Overall documentation improvement and markup corrections. Zillion changes. commit 2fead68b Author: Austin Putman <austin@emmanuel.local> Date: Wed May 7 19:35:46 2008 -0700 Documented class methods on ActionController::Routing. These are dangerous, and mostly used for testing. commit f5b84182 Author: Teflon Ted <github@rudiment.net> Date: Wed May 7 16:08:49 2008 -0400 Added explanation about errant inflections not being patched in the future in order to avoid breaking legacy applications. commit 370f4f51 Author: Sunny Ripert <negatif@gmail.com> Date: Wed May 7 14:00:59 2008 +0200 Applied list conventions in AR::Base commit 5bd18429 Author: Sunny Ripert <negatif@gmail.com> Date: Wed May 7 13:53:35 2008 +0200 Renamed Options list to Attributes list whenever they weren't option hashes in AR::Base commit d912bd56 Author: Yaroslav Markin <yaroslav@markin.net> Date: Wed May 7 13:50:28 2008 +0400 Add a filter_parameter_logging usage hint to generated ApplicationController. This may help to remind the developer to filter sensitive information from application logs. Closes #11578 commit b243de0d Author: Jack Danger Canty <git@6brand.com> Date: Tue May 6 23:39:47 2008 -0700 doc: disambiguating an example ActiveRecord class commit f81d771f Author: Jack Danger Canty <git@6brand.com> Date: Tue May 6 23:35:05 2008 -0700 doc: ActiveRecord::Reflection::AssociationReflection#through_reflection Added documentation demonstrating the use of #through_reflection for finding intervening reflection objects for HasManyThrough and HasOneThrough. commit ae6b46f0 Author: Cheah Chu Yeow <chuyeow@gmail.com> Date: Wed May 7 13:47:41 2008 +0800 Document AttributeAssignmentError and MultiparameterAssignmentErrors. commit 8f463550 Author: John Barnette <jbarnette@gmail.com> Date: Tue May 6 22:46:44 2008 -0700 Killing/fixing a bunch of outdated language in the AR README. commit aca44bcd Author: Cheah Chu Yeow <chuyeow@gmail.com> Date: Wed May 7 13:34:52 2008 +0800 Make a note about ActiveResource::Timeouterror being raised when ARes calls timeout. commit 284a930a Author: Jonathan Dance <jd@wuputah.com> Date: Tue May 6 14:58:26 2008 -0400 improvements to the page caching docs commit 9482da62 Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 18:13:40 2008 +0200 validates_numericality_of() "integer" option really is "only_integer" commit e9afd679 Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 12:11:59 2008 +0200 Harmonized hash notation in AR::Base commit 67ebf14a Author: Sunny Ripert <negatif@gmail.com> Date: Mon May 5 12:06:19 2008 +0200 Turned options into rdoc-lists in AR::Base commit 0ec7c0a4 Author: Marshall Huss <mwhuss@Macbook.local> Date: Sun May 4 23:21:33 2008 -0400 Added information of how to set element_name in the case the user has a name confliction with an existing model Signed-off-by: NPratik Naik <pratiknaik@gmail.com>
-
- 06 5月, 2008 3 次提交
-
-
由 rick 提交于
-
由 rick 提交于
Change the request forgery protection to go by Content-Type instead of request.format so that you can't bypass it by POSTing to "#{request.uri}.xml" [#73 state:resolved]
-
由 Xavier Noria 提交于
-
- 02 5月, 2008 1 次提交
-
-
由 Xavier Noria 提交于
Signed-off-by: NPratik Naik <pratiknaik@gmail.com>
-
- 07 2月, 2008 1 次提交
-
-
由 Rick Olson 提交于
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8807 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
-
- 10 12月, 2007 1 次提交
-
-
由 Jeremy Kemper 提交于
Document how to disable forgery protection for tests. Useful note for those upgrading from 1.x. Closes #10440 [Trevor Turk] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8350 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
-
- 29 9月, 2007 1 次提交
-
-
由 Rick Olson 提交于
Better error messages if you leave out the :secret option for request forgery protection. Closes #9670 [rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7671 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
-