mirror of https://github.com/mperham/sidekiq.git synced 2022-11-09 13:52:34 -05:00
Commit graph

8 commits

Author SHA1 Message Date
Mike Perham
890c75bb6e Update standard to use ruby 2.7 rules 2022-05-10 14:29:44 -07:00
Dominik Bauernfeind
572f7035b3 Use Base64.urlsafe_* like Rake::Protection::AuthenticityToken 2022-04-02 19:47:26 +02:00
Mike Perham
24c35e64fd Add note about sessions and Rails apps in API mode 2021-04-06 08:02:26 -07:00
Mike Perham
968bc81043
Improve Web UI session experience (#4804)
* Simplify Web UI sessions

Remove all of the hacks and support infrastructure around Rack sessions. Rails provides this by default so we don't need it for 95% of users. The other 5% need to provide a Rack session.

This is a big change and has the potential to break installs so it deserves at least a minor version bump.

See also #4671, #4728 and many others.
2021-02-12 14:50:51 -08:00
Jared Szechy
09305a0909
Fix handling of no session (#4731) 2020-11-04 09:09:30 -08:00
basherru
df702a16ce
check if session object is not empty in csrf protection (#4672)
Co-authored-by: basherru <alexander.baz@okwork.io>
2020-08-19 10:39:30 -07:00
Mike Perham
14d31269bc Explicitly scope to ::Rack, fixes #4655 2020-07-27 16:42:27 -07:00
Mike Perham
47bc87034f Refactor and clean up CSRF protection code
1. Remove unused methods
2. Remove unused and unnecessary features
3. Add basic tests

The session token is stored server-side and never given to the client.
A masked token is generated for each request which can be inserted into forms to be POSTed.
2020-06-03 16:06:36 -07:00