Jeremy Kemper
|
d2ed32d592
|
Parse url-encoded and multipart requests ourselves instead of delegating to CGI.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6764 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
|
2007-05-18 06:24:50 +00:00 |
|
Jeremy Kemper
|
f8273e4309
|
Shine some sunlight on the CGI extensions. Remove unused CGI#session.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6733 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
|
2007-05-15 00:08:05 +00:00 |
|
Jeremy Kemper
|
bbcfb9b625
|
Cookie session store: ensure that new sessions doesn't reuse data from a deleted session in the same request.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6424 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
|
2007-03-14 11:33:10 +00:00 |
|
Jeremy Kemper
|
5219aa9008
|
Cookie session store: raise ArgumentError when :session_key is blank.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6415 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
|
2007-03-13 20:44:16 +00:00 |
|
Jeremy Kemper
|
f254831e83
|
Cookie store: use OpenSSL::HMAC instead of basic hash. Introduce :secret block and :digest option.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6296 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
|
2007-03-03 13:54:54 +00:00 |
|
Jeremy Kemper
|
a0563bf7b0
|
Cookie store: test that >4K raises CookieOverflow and that unverifiable cookies are automatically deleted.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6294 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
|
2007-03-03 08:18:30 +00:00 |
|
Jeremy Kemper
|
781985f7f2
|
Cookie session store: empty and unchanged sessions don't write a cookie.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6226 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
|
2007-02-25 16:35:24 +00:00 |
|
Jeremy Kemper
|
c8f7860d50
|
CGI escape the session cookie.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6200 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
|
2007-02-22 01:17:28 +00:00 |
|
Jeremy Kemper
|
f29857690f
|
Introduce a cookie-based session store as the Rails default. Sessions typically contain at most a user_id and flash message; both fit within the 4K cookie size limit. A secure hash is included with the cookie to ensure data integrity (a user cannot alter his user_id without knowing the secret key included in the hash). If you have more than 4K of session data or don't want your data to be visible to the user, pick another session store. Cookie-based sessions are dramatically faster than the alternatives.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6184 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
|
2007-02-21 09:17:38 +00:00 |
|