kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity
69231 commits 72 branches 493 tags 355 MiB
Commit graph

10 commits

Author SHA1 Message Date
George Claghorn
847342c25c Stream blobs from disk 2018-05-02 18:56:09 -04:00
Rafael Mendonça França
03bd370c02
Protect all active storage controllers agains CSRF 
Before it was possible to for example use the direct upload controller
without using the site.
 2018-04-06 14:28:44 -04:00
George Claghorn
4d5f0bb30b Fix loading ActiveStorage::DiskController when CSRF protection is disabled by default 2017-11-21 14:59:30 -05:00
George Claghorn
2d20a7696a Fix direct uploads to local service 
Disable CSRF protection for ActiveStorage::DiskController#update. The local disk service is intended to imitate a third-party service like S3 or GCS, so we don't care where direct uploads originate: they’re authorized by signed tokens.

Closes #30290.

[Shinichi Maeshima & George Claghorn]
 2017-11-20 10:54:46 -05:00
George Claghorn
d30586211b Preview PDFs and videos 2017-09-28 16:43:37 -04:00
George Claghorn
376dd5c001 DRY 2017-08-20 18:09:44 -04:00
Xavier Noria
d8bf5d73c3 restores some double newlines deleted in ae87217 
These were intentional, see

https://github.com/rails/rails/pull/30061#issuecomment-320068368
 2017-08-15 22:01:24 +02:00
Xavier Noria
ae87217382 minor tweaks in Active Storage after a walkthrough 2017-08-15 18:50:46 +02:00
Koichi ITO
d02844f249 Use frozen string literal in Active Storage 2017-08-12 21:43:42 +09:00
Rafael Mendonça França
9330d01ada Add 'activestorage/' from commit '3f4a7218a4a4923a0e7ce1b2eb0d2888ce30da58' 
git-subtree-dir: activestorage
git-subtree-mainline: 0d58e7e478
git-subtree-split: 3f4a7218a4
 2017-07-31 15:21:22 -04:00