kotovalexarian-likes-github
/
rails--rails
mirror of https://github.com/rails/rails.git
1
0
Fork 0
Code Releases Activity
rails--rails/actioncable/lib/action_cable/connection
History
Daniel Colson d092c133c7
Do not allow subscribing to Base channel 
Closes #40482

Prior to this commit it was possible to subscribe with
`ActionCable::Channel::Base` as the subscription class. While it doesn't
seem possible to exploit this in away way, it also doesn't seem like
something we need to allow.

This commit swaps [Module#>=][gte] with [Module#>][gt] to prevent
subscribing to a channel when `ActionCable::Channel::Base` is the
subscription class.

[gte]: https://ruby-doc.org/core-2.5.3/Module.html#method-i-3E-3D
[gt]: https://ruby-doc.org/core-2.5.3/Module.html#method-i-3E
 		2020-11-24 22:30:03 -05:00
..
authorization.rb Update authorization.rb 2018-10-30 16:57:42 -04:00
base.rb add rescue_with support to ActionCable::Connection::Base 2020-03-20 14:49:38 -07:00
client_socket.rb Enable autocorrect for `Lint/EndAlignment` cop 2018-01-18 17:19:13 +09:00
identification.rb Class methods in the `class_methods` blocks are wrongly appeared in the doc 2018-04-04 09:04:15 +09:00
internal_channel.rb Use frozen string literal in actioncable/ 2017-07-23 23:30:29 +03:00
message_buffer.rb Rails 6 requires Ruby 2.3+ 2018-02-17 10:03:37 -08:00
stream.rb Better compatibility with SPEC. 2018-07-04 12:45:35 +12:00
stream_event_loop.rb Use frozen string literal in actioncable/ 2017-07-23 23:30:29 +03:00
subscriptions.rb Do not allow subscribing to Base channel 2020-11-24 22:30:03 -05:00
tagged_logger_proxy.rb Use frozen string literal in actioncable/ 2017-07-23 23:30:29 +03:00
test_case.rb update from PR #36222 2020-02-12 13:31:43 -05:00
web_socket.rb Rails 6 requires Ruby 2.3+ 2018-02-17 10:03:37 -08:00