sinatra

mirror of https://github.com/sinatra/sinatra synced 2023-03-27 23:18:01 -04:00

History

Zachary Scott b115767785 Hard-code rack-protection version until we can generate it I want them to be the same as Sinatra, but since r-p doesn't (and won't) depend on Sinatra we can't use the `VERSION` constant here at runtime. Closes #1174		2016-08-23 01:51:51 +09:00
..
authenticity_token.rb	Mitigate BREACH attack	2016-08-16 21:22:49 -04:00
base.rb	Use secure_compare when checking CSRF token	2016-07-26 15:31:31 +09:00
content_security_policy.rb	💅	2016-07-29 08:50:52 +09:00
cookie_tossing.rb	Remove extra calls to method that determines cookie paths	2016-07-31 16:24:58 -04:00
escaped_params.rb	Fix Tempfile reference being returned as nil	2015-09-30 16:51:50 -05:00
form_token.rb	implement form token protection	2011-06-20 09:17:04 +02:00
frame_options.rb	rework protection headers, fixes #40	2013-03-01 15:36:05 +11:00
http_origin.rb	Document `:origin_whitelist` option for HttpOrigin and pointer from JsonCsrf	2016-08-01 16:32:11 +09:00
ip_spoofing.rb	Add parens for 'Ambiguous first argument' warnings in jruby	2011-09-28 22:54:32 -07:00
json_csrf.rb	Document `:origin_whitelist` option for HttpOrigin and pointer from JsonCsrf	2016-08-01 16:32:11 +09:00
path_traversal.rb	Fix PATH_INFO's encoding problem	2013-04-16 11:42:51 +09:00
remote_referrer.rb	remove note about NoReferrer	2013-03-01 15:23:34 +11:00
remote_token.rb	remove "not yet implemented" comments if not true	2011-06-19 14:54:29 +02:00
session_hijacking.rb	Ignore changing Accept-Encoding header, fixes #56	2014-01-03 04:33:50 +02:00
strict_transport.rb	Add Strict Transport Security protection	2016-01-26 15:35:01 +00:00
version.rb	Hard-code rack-protection version until we can generate it	2016-08-23 01:51:51 +09:00
xss_header.rb	Document Chrome is also supported by XSSHeader [ci skip]	2016-07-28 13:36:52 +09:00