The session is used by the form_authenticity_token method before it is
tested to be valid. This patch moves a few lines around so that the
session is validated first.
Without this patch, if you try to use forgery protection with sessions
turned off, you get this exception message:
undefined method `session_id' for {}:Hash
The patch includes a test that can be used to see this behavior before
the request_forgery_protection.rb file is patched to fix it.
commit e6afd8b273
Author: Xavier Noria <fxn@hashref.com>
Date: Thu May 8 23:49:36 2008 +0200
Overall documentation improvement and markup corrections. Zillion changes.
commit 2fead68b31
Author: Austin Putman <austin@emmanuel.local>
Date: Wed May 7 19:35:46 2008 -0700
Documented class methods on ActionController::Routing. These are dangerous, and mostly used for testing.
commit f5b84182db
Author: Teflon Ted <github@rudiment.net>
Date: Wed May 7 16:08:49 2008 -0400
Added explanation about errant inflections not being patched in the future in order to avoid breaking legacy applications.
commit 370f4f5172
Author: Sunny Ripert <negatif@gmail.com>
Date: Wed May 7 14:00:59 2008 +0200
Applied list conventions in AR::Base
commit 5bd18429f0
Author: Sunny Ripert <negatif@gmail.com>
Date: Wed May 7 13:53:35 2008 +0200
Renamed Options list to Attributes list whenever they weren't option hashes in AR::Base
commit d912bd5672
Author: Yaroslav Markin <yaroslav@markin.net>
Date: Wed May 7 13:50:28 2008 +0400
Add a filter_parameter_logging usage hint to generated ApplicationController.
This may help to remind the developer to filter sensitive information from application logs.
Closes#11578
commit b243de0db3
Author: Jack Danger Canty <git@6brand.com>
Date: Tue May 6 23:39:47 2008 -0700
doc: disambiguating an example ActiveRecord class
commit f81d771f06
Author: Jack Danger Canty <git@6brand.com>
Date: Tue May 6 23:35:05 2008 -0700
doc: ActiveRecord::Reflection::AssociationReflection#through_reflection
Added documentation demonstrating the use of #through_reflection for
finding intervening reflection objects for HasManyThrough
and HasOneThrough.
commit ae6b46f00b
Author: Cheah Chu Yeow <chuyeow@gmail.com>
Date: Wed May 7 13:47:41 2008 +0800
Document AttributeAssignmentError and MultiparameterAssignmentErrors.
commit 8f463550b5
Author: John Barnette <jbarnette@gmail.com>
Date: Tue May 6 22:46:44 2008 -0700
Killing/fixing a bunch of outdated language in the AR README.
commit aca44bcd92
Author: Cheah Chu Yeow <chuyeow@gmail.com>
Date: Wed May 7 13:34:52 2008 +0800
Make a note about ActiveResource::Timeouterror being raised when ARes calls timeout.
commit 284a930a93
Author: Jonathan Dance <jd@wuputah.com>
Date: Tue May 6 14:58:26 2008 -0400
improvements to the page caching docs
commit 9482da6213
Author: Sunny Ripert <negatif@gmail.com>
Date: Mon May 5 18:13:40 2008 +0200
validates_numericality_of() "integer" option really is "only_integer"
commit e9afd6790a
Author: Sunny Ripert <negatif@gmail.com>
Date: Mon May 5 12:11:59 2008 +0200
Harmonized hash notation in AR::Base
commit 67ebf14a91
Author: Sunny Ripert <negatif@gmail.com>
Date: Mon May 5 12:06:19 2008 +0200
Turned options into rdoc-lists in AR::Base
commit 0ec7c0a41d
Author: Marshall Huss <mwhuss@Macbook.local>
Date: Sun May 4 23:21:33 2008 -0400
Added information of how to set element_name in the case the user has a name confliction with an existing model
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>