kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity
rails--rails/actionpack/test/dispatch
History
Jose and Yehuda 56cdc81c08 Remove default match without specified method 
In the current router DSL, using the +match+ DSL
method will match all verbs for the path to the
specified endpoint.

In the vast majority of cases, people are
currently using +match+ when they actually mean
+get+. This introduces security implications.

This commit disallows calling +match+ without
an HTTP verb constraint by default. To explicitly
match all verbs, this commit also adds a
:via => :all option to +match+.

Closes #5964
2012-04-24 22:52:26 -05:00
..
middleware_stack
request Remove default match without specified method 2012-04-24 22:52:26 -05:00
session Remove default match without specified method 2012-04-24 22:52:26 -05:00
callbacks_test.rb ActionDispatch: add missing test for callbacks 2012-02-16 15:58:58 +02:00
cookies_test.rb ActionDispatch::Cookies::CookieJar#deleted? predicate method. 2012-01-24 00:31:22 +11:00
debug_exceptions_test.rb Removed unused assigns from ActionView::Template::Error 2012-01-20 20:13:29 +04:00
header_test.rb
mapper_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
middleware_stack_test.rb Fix GH #4873. Allow swapping middleware of same class 2012-02-04 22:59:13 +09:00
mime_type_test.rb Added parsing of arbitrary media type parameters. 2012-03-05 15:10:23 -05:00
mount_test.rb
prefix_generation_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
rack_cache_test.rb
rack_test.rb
reloader_test.rb Use a BodyProxy instead of including a Module that responds to close. 2012-01-13 19:46:13 -02:00
request_id_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
request_test.rb Add config.default_method_for_update to support PATCH 2012-02-22 08:47:10 -08:00
response_test.rb
routing_assertions_test.rb Fix the assert_recognizes test method so that it works when there are 2012-02-24 13:16:31 +00:00
routing_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
show_exceptions_test.rb Removed unused assigns from ActionView::Template::Error 2012-01-20 20:13:29 +04:00
ssl_test.rb Fix secure cookies when there are more than one space before the secure 2012-03-19 16:31:57 -03:00
static_test.rb fix ArgumentError being raised in case of invalid byte sequences 2012-03-08 20:41:25 +09:00
test_request_test.rb
test_response_test.rb
uploaded_file_test.rb adds delegetion for eof? to AD::Http::UploadedFile 2012-03-27 22:53:33 +02:00
url_generation_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00