kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity
rails--rails/actionpack/test/controller
History
Jose and Yehuda 56cdc81c08 Remove default match without specified method 
In the current router DSL, using the +match+ DSL
method will match all verbs for the path to the
specified endpoint.

In the vast majority of cases, people are
currently using +match+ when they actually mean
+get+. This introduces security implications.

This commit disallows calling +match+ without
an HTTP verb constraint by default. To explicitly
match all verbs, this commit also adds a
:via => :all option to +match+.

Closes #5964
2012-04-24 22:52:26 -05:00
..
controller_fixtures
new_base Remove default match without specified method 2012-04-24 22:52:26 -05:00
request
action_pack_assertions_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
assert_select_test.rb Remove the leading \n added by textarea on assert_select 2012-03-30 11:40:23 -03:00
base_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
caching_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
capture_test.rb Remove rescue_action from compatibility module and tests 2012-01-17 10:04:37 -02:00
content_type_test.rb Remove deprecated default_charset= from AC::Base 2012-01-17 10:04:39 -02:00
default_url_options_with_filter_test.rb it's -> its 2011-12-15 12:57:33 -08:00
filters_test.rb prevent the cache sweeper ignores NoMethodError 2012-03-29 11:09:42 +08:00
flash_hash_test.rb mutations on the underlying hash should also mutate the discard set 2011-12-28 18:33:44 -08:00
flash_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
force_ssl_test.rb Tests :if option of force_ssl method 2012-04-01 09:44:49 +04:00
helper_test.rb Remove rescue_action from compatibility module and tests 2012-01-17 10:04:37 -02:00
http_basic_authentication_test.rb remove ActiveSupport::Base64 in favor of ::Base64 2012-01-02 22:48:15 +03:00
http_digest_authentication_test.rb Should use an argument in http_digest_authentication_test.rb 2012-03-17 20:23:28 +09:00
http_token_authentication_test.rb
integration_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
layout_test.rb force response body to be read in assert_template 2012-03-05 22:21:04 +03:00
localized_templates_test.rb
log_subscriber_test.rb Log 'Filter chain halted as CALLBACKNAME rendered or redirected' every time a before callback halts. 2011-11-30 09:53:09 +01:00
mime_responds_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
output_escaping_test.rb
params_wrapper_test.rb Fix warning for params_wrapper_test. 2011-12-08 23:09:09 +09:00
record_identifier_test.rb AP tests should inherit from AS::TestCase 2012-01-05 17:05:44 -08:00
redirect_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
render_js_test.rb
render_json_test.rb Moving to logger methods to ActiveSupport Logger 2011-12-24 00:17:21 +05:30
render_other_test.rb
render_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
render_xml_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
request_forgery_protection_test.rb Cover one more case in auth_token and remote forms 2012-03-28 18:03:16 +02:00
rescue_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
resources_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
routing_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
runner_test.rb AP tests should inherit from AS::TestCase 2012-01-05 17:05:44 -08:00
selector_test.rb AP tests should inherit from AS::TestCase 2012-01-05 17:05:44 -08:00
send_file_test.rb Remove unused method 2012-03-12 16:09:40 -03:00
show_exceptions_test.rb Show detailed exceptions no longer returns true if the request is local in production. 2011-12-16 10:45:59 +01:00
sweeper_test.rb Don't ignore call to undefined method in Sweeper 2012-03-06 16:24:04 +00:00
test_case_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
url_for_integration_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
url_for_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
url_rewriter_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00
view_paths_test.rb Remove rescue_action from compatibility module and tests 2012-01-17 10:04:37 -02:00
webservice_test.rb Remove default match without specified method 2012-04-24 22:52:26 -05:00