Jose and Yehuda 56cdc81c08 Remove default match without specified method ... In the current router DSL, using the +match+ DSL method will match all verbs for the path to the specified endpoint. In the vast majority of cases, people are currently using +match+ when they actually mean +get+. This introduces security implications. This commit disallows calling +match+ without an HTTP verb constraint by default. To explicitly match all verbs, this commit also adds a :via => :all option to +match+. Closes #5964		2012-04-24 22:52:26 -05:00
..
bare_metal_test.rb	A test case to ensure that AC::Metal#response_body= always wraps the given value in an Array in both Ruby 1.8 and 1.9 (refs #3581)	2011-11-10 10:54:56 +09:00
base_test.rb	Corrected some typos and American vs. Queen's English issues	2011-05-29 12:40:24 -07:00
content_negotiation_test.rb	Use Mime::Type references.	2011-02-08 14:14:26 -08:00
content_type_test.rb	Remove default match without specified method	2012-04-24 22:52:26 -05:00
metal_test.rb
middleware_test.rb
render_action_test.rb
render_context_test.rb	Tidy up pending TODOs after discussion with Mr. Gatoz (@wycats).	2011-05-01 19:39:57 +02:00
render_file_test.rb	Deprecate passing the template handler in the template name.	2011-09-22 15:37:38 +02:00
render_implicit_action_test.rb	Revert to old semantics, use available_action? instead of action_method?.	2011-05-06 18:44:18 +02:00
render_layout_test.rb	Fix another regression related to the layout optimization.	2011-12-08 22:56:50 +01:00
render_partial_test.rb	Get rid of update_details in favor of passing details to find_template.	2011-09-22 15:03:05 +02:00
render_streaming_test.rb	Remove unnecessary in HTML 5 type attribute with default value	2012-04-05 15:32:37 +04:00
render_template_test.rb	Remove default match without specified method	2012-04-24 22:52:26 -05:00
render_test.rb	Remove default match without specified method	2012-04-24 22:52:26 -05:00
render_text_test.rb	Remove default match without specified method	2012-04-24 22:52:26 -05:00
render_xml_test.rb