Commit Graph

10 Commits

| Author | SHA1 | Message | Date |
| --- | --- | --- | --- |
| Michael Koziarski | 5ef8a81b84 | Don't append the forgery token to an ajax request if it's serializing a form, prevents duplicate tokens. Closes #10684 [macournoyer] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8598 5ecf4fe2-1ee6-0310-87b1-e25e094e27de | 2008-01-08 21:17:08 +00:00 |
| Jeremy Kemper | 9d755f1983 | require abstract_unit directly since test is in load path git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8564 5ecf4fe2-1ee6-0310-87b1-e25e094e27de | 2008-01-05 13:32:06 +00:00 |
| Jeremy Kemper | 0ee1cb2cd3 | Ruby 1.9 compat, consistent load paths git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7719 5ecf4fe2-1ee6-0310-87b1-e25e094e27de | 2007-10-02 05:32:14 +00:00 |
| Rick Olson | 82ff27766d | Better error messages if you leave out the :secret option for request forgery protection. Closes #9670 [rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7671 5ecf4fe2-1ee6-0310-87b1-e25e094e27de | 2007-09-28 16:50:48 +00:00 |
| Michael Koziarski | c1bdf027d8 | Add missing require git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7670 5ecf4fe2-1ee6-0310-87b1-e25e094e27de | 2007-09-28 16:48:59 +00:00 |
| Rick Olson | 5edc81dcc2 | Allow ability to disable request forgery protection, disable it in test mode by default. Closes #9693 [lifofifo] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7668 5ecf4fe2-1ee6-0310-87b1-e25e094e27de | 2007-09-28 15:55:45 +00:00 |
| David Heinemeier Hansson | 82c1fed89f | Protect button_to behind protect_from_forgery (closes #9675) [lifo] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7636 5ecf4fe2-1ee6-0310-87b1-e25e094e27de | 2007-09-25 16:50:35 +00:00 |
| David Heinemeier Hansson | bdf5672077 | Change from InvalidToken to InvalidAuthenticityToken to be more specific git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7623 5ecf4fe2-1ee6-0310-87b1-e25e094e27de | 2007-09-24 23:12:25 +00:00 |
| Rick Olson | c619003854 | Rename some RequestForgeryProtection methods. The class method is now #protect_from_forgery, and the default parameter is now 'authenticity_token'. [Rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7596 5ecf4fe2-1ee6-0310-87b1-e25e094e27de | 2007-09-23 18:14:44 +00:00 |
| Rick Olson | 4e3ed5bc44 | Merge csrf_killer plugin into rails. Adds RequestForgeryProtection model that verifies session-specific _tokens for non-GET requests. [Rick] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7592 5ecf4fe2-1ee6-0310-87b1-e25e094e27de | 2007-09-23 02:32:55 +00:00 |