github/rails
1
1
Fork 0
mirror of https://github.com/github/rails.git synced 2026-02-04 11:15:08 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
ba80ff74a9627f676b4c426587ce5ea487665e46
rails/actionpack/lib/action_controller
History
Michael Koziarski ba80ff74a9 Sanitize the URLs passed to redirect_to to prevent a potential response splitting attack. 
CGI.rb and mongrel don't do any sanitization of the contents of HTTP headers, so care needs to be taken.
2008-10-19 15:24:18 +02:00
..
assertions
Merge docrails
2008-09-13 20:28:01 +01:00
caching
Merge docrails
2008-09-03 17:58:47 +01:00
cgi_ext
Use ActiveSupport::SecureRandom instead of the strange fallback code.
2008-09-24 16:24:02 +02:00
routing
Allow use of :path_prefix and :name_prefix outside of namespaced routes. [#1188 state:resolved]
2008-10-08 14:56:52 +01:00
session
Added support for http_only cookies in cookie_store Added unit tests for secure and http_only cookies in cookie_store
2008-09-17 13:20:16 +02:00
templates/rescues
Cleanup around partial rendering
2008-08-21 21:03:33 -05:00
vendor/html-scanner/html
Merge with docrails.
2008-07-16 13:01:23 +01:00
assertions.rb
Fix typos (closes #10378)
2007-12-05 18:54:41 +00:00
base.rb
Make sure last_modified! works with <= rather than just equality.
2008-10-07 21:09:07 +02:00
benchmarking.rb
Only separate loggings with a comma when there are actually two statements
2008-09-09 22:42:49 -05:00
caching.rb
Merge docrails:
2008-05-09 10:40:50 +01:00
cgi_ext.rb
Parse url-encoded and multipart requests ourselves instead of delegating to CGI.
2007-05-18 06:24:50 +00:00
cgi_process.rb
Added support for http_only cookies in cookie_store Added unit tests for secure and http_only cookies in cookie_store
2008-09-17 13:20:16 +02:00
components.rb
Get rid of 'Object#send!'. It was originally added because it's in Ruby 1.9, but it has since been removed from 1.9.
2008-08-31 13:20:15 -07:00
cookies.rb
Merge with docrails.
2008-07-16 13:01:23 +01:00
dispatcher.rb
Return processing lock to dispatcher, the finer grained lock was incompatible with the reloading in development mode.
2008-10-04 18:25:08 +02:00
filters.rb
Get rid of 'Object#send!'. It was originally added because it's in Ruby 1.9, but it has since been removed from 1.9.
2008-08-31 13:20:15 -07:00
flash.rb
Fixed flash.now not being accessible in tests. Flash sweeping is now done before action processing instead after
2008-05-11 18:30:10 +12:00
headers.rb
Simplifying usage of ETags and Last-Modified and conditional GET requests
2008-08-07 23:43:12 -07:00
helpers.rb
Get rid of 'Object#send!'. It was originally added because it's in Ruby 1.9, but it has since been removed from 1.9.
2008-08-31 13:20:15 -07:00
http_authentication.rb
Get rid of 'Object#send!'. It was originally added because it's in Ruby 1.9, but it has since been removed from 1.9.
2008-08-31 13:20:15 -07:00
integration.rb
call clear_active_connections! in :after_dispatch to give pooled connections back
2008-10-04 17:48:13 +02:00
layout.rb
Revert "Revert "Add layout functionality to mailers.""
2008-09-09 17:25:09 -05:00
mime_responds.rb
Disable the Accept header by default
2008-07-07 07:31:49 +02:00
mime_type.rb
Require missing libraries and check for defined ActionController constant so ActionView can be used standalone
2008-08-26 15:13:28 -05:00
mime_types.rb
Added application/jsonrequest as a synonym for application/json
2008-07-02 11:39:42 -07:00
performance_test.rb
Performance: integration test benchmarking and profiling. [Jeremy Kemper]
2008-06-14 02:04:38 -07:00
polymorphic_routes.rb
Get rid of 'Object#send!'. It was originally added because it's in Ruby 1.9, but it has since been removed from 1.9.
2008-08-31 13:20:15 -07:00
rack_process.rb
Added support for http_only cookies in cookie_store Added unit tests for secure and http_only cookies in cookie_store
2008-09-17 13:20:16 +02:00
record_identifier.rb
Correct code example in dom_id docs. [#437 state:resolved]
2008-06-17 00:32:37 -07:00
request_forgery_protection.rb
Merge with docrails.
2008-07-16 13:01:23 +01:00
request_profiler.rb
Fix file permissions
2008-07-31 16:36:23 -05:00
request.rb
Remove unneeded interning.
2008-09-30 11:34:05 +02:00
rescue.rb
Add tests for ActiveSupport::Rescuable. Use ActiveSupport::Rescuable in ActionController::Base.
2008-10-04 22:13:50 +01:00
resources.rb
Merge docrails
2008-09-03 17:58:47 +01:00
response.rb
Sanitize the URLs passed to redirect_to to prevent a potential response splitting attack.
2008-10-19 15:24:18 +02:00
routing.rb
Routing whitespace cleanup
2008-07-28 13:38:20 -05:00
session_management.rb
Added support for http_only cookies in cookie_store Added unit tests for secure and http_only cookies in cookie_store
2008-09-17 13:20:16 +02:00
status_codes.rb
Nodoc the irrelevant (from 1.2)
2007-01-26 21:37:38 +00:00
streaming.rb
Merge with docrails.
2008-07-16 13:01:23 +01:00
test_case.rb
Make sure named routes with parameters can be used in tests before a request has been done. [#1208 state:resolved]
2008-10-13 18:38:48 +02:00
test_process.rb
Get rid of 'Object#send!'. It was originally added because it's in Ruby 1.9, but it has since been removed from 1.9.
2008-08-31 13:20:15 -07:00
translation.rb
Added ActionController::Translation module delegating to I18n #translate/#t and #localize/#l [status:committed #1008]
2008-09-10 00:39:54 -05:00
url_rewriter.rb
Merge docrails changes
2008-07-28 12:33:24 +01:00
verification.rb
Get rid of 'Object#send!'. It was originally added because it's in Ruby 1.9, but it has since been removed from 1.9.
2008-08-31 13:20:15 -07:00