- 24 10月, 2017 1 次提交
-
-
由 Rafael Mendonça França 提交于
-
- 18 9月, 2017 1 次提交
-
-
由 Yauheni Dakuka 提交于
-
- 22 8月, 2017 1 次提交
-
-
由 Yoshiyuki Hirano 提交于
-
- 08 8月, 2017 1 次提交
-
-
由 Claudio B 提交于
In some examples and guides we are recommending to use code like: ```ruby verified_user = User.find_by(id: cookies.signed[:user_id]) ``` My suggestion is to use instead: ```ruby verified_user = User.find_by(id: cookies.encrypted[:user_id]) ``` which invites users to prefer the "newer" encrypted cookies over the "legacy" signed cookies.
-
- 14 6月, 2017 1 次提交
-
-
由 bogdanvlviv 提交于
-
- 23 5月, 2017 1 次提交
-
-
由 bogdanvlviv 提交于
".. with __dir__ we can restore order in the Universe." - by @fxn Related to 5b8738c2
-
- 25 3月, 2017 3 次提交
-
-
由 Ryuta Kamizono 提交于
Assigning local variable named `current_user` in the condition is confusing.
-
由 Kasper Timm Hansen 提交于
This reverts commit 296d024b, reversing changes made to e341d835. We aren't trying to compare to current_user, we're assigning that variable.
-
由 HarryCollins 提交于
-
- 24 12月, 2016 1 次提交
-
-
由 Akira Matsuda 提交于
-
- 11 10月, 2016 1 次提交
-
-
由 Matthew Draper 提交于
WebSocket always defers the decision to the server, because it didn't have to deal with legacy compatibility... but the same-origin policy is still a reasonable default. Origin checks do not protect against a directly connecting attacker -- they can lie about their host, but can also lie about their origin. Origin checks protect against a connection from 3rd-party controlled script in a context where a victim browser's cookies will be passed along. And if an attacker has breached that protection, they've already compromised the HTTP session, so treating the WebSocket connection in the same way seems reasonable. In case this logic proves incorrect (or anyone just wants to be more paranoid), we retain a config option to disable it.
-
- 05 10月, 2016 1 次提交
-
-
由 kenta-s 提交于
-
- 21 9月, 2016 1 次提交
-
-
由 Dávid Halász 提交于
When the `allow_same_origin_as_host` is set to `true`, the request forgery protection permits `HTTP_ORIGIN` values starting with the corresponding `proto://` prefix followed by `HTTP_HOST`. This way it is not required to specify the list of allowed URLs.
-
- 03 7月, 2016 1 次提交
-
-
由 Jon Moss 提交于
All other Rails components feature this section, Action Cable should have it as well. [ci skip]
-
- 27 6月, 2016 2 次提交
-
-
由 Rafael Mendonça França 提交于
-
由 Ryuta Kamizono 提交于
-
- 16 6月, 2016 1 次提交
-
-
由 Vipul A M 提交于
-
- 05 6月, 2016 2 次提交
-
-
由 Prathamesh Sonpatki 提交于
- Only Action Cable README did not have this section, all of the other READMEs have this section.
-
由 Prathamesh Sonpatki 提交于
- Remove "Configuration", "Running the server", "Dependencies" and "Deployment" sections from the Action Cable README as they are already duplicated in the Action Cable overview guide.
-
- 31 5月, 2016 1 次提交
-
-
由 Rajat Bansal 提交于
-
- 27 5月, 2016 2 次提交
-
-
由 Anubhav Saxena 提交于
Added 'sh' for markdown formatting as bash.
-
由 Jon Moss 提交于
Sorry, forgot to include in my main PR :( [ci skip] [Jon Moss, Zach Schneider]
-
- 08 5月, 2016 1 次提交
-
-
由 yuuji.yaginuma 提交于
In #23935, cable file was to be provided by the javascript instead of coffeescript, doc was also been modified to use javascript.
-
- 07 5月, 2016 1 次提交
-
-
由 Jon Moss 提交于
[ci skip]
-
- 02 5月, 2016 1 次提交
-
-
由 willnet 提交于
default worker pool size was changed from 100 to 4 at #24376
-
- 18 4月, 2016 1 次提交
-
-
由 Tom Kadwill 提交于
-
- 15 4月, 2016 1 次提交
-
-
由 yuuji.yaginuma 提交于
Follow up to 8b69f1ee
-
- 01 3月, 2016 1 次提交
-
-
由 Bouke van der Bijl 提交于
-
- 28 2月, 2016 1 次提交
-
-
由 Hayley Anderson 提交于
* Fix typos/grammar errors * Make capitalization/naming consistent
-
- 23 2月, 2016 1 次提交
-
-
由 Mehmet Emin İNAÇ 提交于
-
- 18 2月, 2016 1 次提交
-
-
由 Jon Moss 提交于
This PR checks all active Action Cable documentation for typos and other fixes. It aims to make sure that when Rails 5 is released, that the Action Cable docs are up to snuff with the other documentation included with Rails. [ci skip]
-
- 10 2月, 2016 1 次提交
-
-
由 Mawueli Kofi Adzoe 提交于
-
- 09 2月, 2016 2 次提交
-
-
由 Ryuta Kamizono 提交于
-
由 Jon Moss 提交于
[ci skip]
-
- 08 2月, 2016 2 次提交
-
-
由 yuuji.yaginuma 提交于
`faye-websocket` gem is no longer used from 322dca29.
-
由 Daniel Fox 提交于
Some existing examples used ActionCable.server.config but for configuring allowed_request_origins that is overridden in development mode. The correct place to set that is Rails.application.config.action_cable which the ActionCable initializer loads from. I thought the other two examples should be changed as well just in case a default value that would override a configured value is introduced for either log_tags or disable_request_forgery_protection in the future.
-
- 04 2月, 2016 1 次提交
-
-
由 Hongli Lai (Phusion) 提交于
[ci skip]
-
- 30 1月, 2016 1 次提交
-
-
由 Kesha Antonov 提交于
-
- 26 1月, 2016 1 次提交
-
- 23 1月, 2016 1 次提交
-
-
由 yuuji.yaginuma 提交于
This changed in #22950.
-