mirror of https://github.com/sinatra/sinatra synced 2023-03-27 23:18:01 -04:00
Commit graph

20 commits

Author SHA1 Message Date
Josef Stribny
270ab97e17 Fix permissions back to 0644 2015-01-16 15:13:23 +01:00
Igor Bochkariov
690dbeffaa clarify reaction warning, test it 2014-03-13 11:55:59 +04:00
Jason Staten
5f7be397a2 Discard invalid Referer header
If an invalid Referer header such as "http://example.com/bad|uri" is
provided, ignore the value of it and skip using the Host header fallback.
2014-01-23 15:15:44 -07:00
Patrick Ellis
06ce831fb2 ensure Rack::Protection::Base#random_string always outputs 32 characters 2013-09-09 15:27:17 -07:00
brookemckim
4121d4cd16 Add instrumentation support 2013-08-21 15:02:02 -04:00
Florian Gilcher
3835ec3ea8 Add a report reaction
This reaction does not halt the request, but leaves it up to the
app to react on this information. This allows e.g. frameworks to
ignore failures in certain conditions.
2013-03-10 23:34:37 +01:00
Konstantin Haase
1fb10858b8 small refactor 2012-12-10 22:04:43 +01:00
Chris Heald
ea010df020 Don't choke on requests that end up without a content-type header 2012-12-10 13:54:27 -07:00
Konstantin Haase
13f0d4dac3 only set protection headers for html, fixes #31 2012-12-10 16:42:48 +01:00
Bjørge Næss
fd4687f331 Bypass referer check if Origin header is given 2012-09-05 10:08:09 +02:00
Akzhan Abdulin
eea798e787 NotImpelentedError typo fix 2011-11-08 17:44:32 +03:00
Konstantin Haase
fcce195bc8 remove NoReferrer, instead, take an option for that 2011-06-20 13:08:39 +02:00
Konstantin Haase
f644adcbeb default reaction to deny 2011-06-20 09:16:15 +02:00
Konstantin Haase
62dd794011 add JSON CSRF protection 2011-06-19 15:26:39 +02:00
Konstantin Haase
012cd7be0f implement session hijacking prevention 2011-05-29 13:01:47 +02:00
Konstantin Haase
3588ba5d33 move stuff around, add remote_token protection 2011-05-29 12:10:15 +02:00
Konstantin Haase
ab177702bb import authenticity token implementation 2011-05-28 17:51:54 +02:00
Konstantin Haase
725d26b502 implement NoReferrer 2011-05-25 12:27:18 +02:00
Konstantin Haase
40f5a0c0fa fix default options not overriding options 2011-05-24 10:56:19 +02:00
Konstantin Haase
0985552f33 initial commit 2011-05-23 10:07:54 +02:00