| .. |
|
authenticity_token_spec.rb
|
Add support for per form csrf tokens
|
2021-01-05 10:41:48 -05:00 |
|
base_spec.rb
|
Remove require 'spec_helper'
|
2014-09-03 19:28:14 +02:00 |
|
content_security_policy_spec.rb
|
Allow CSP to fallback to default-src (#1490)
|
2020-03-13 17:07:34 -04:00 |
|
cookie_tossing_spec.rb
|
Fix failing tests
|
2020-03-10 15:10:55 -04:00 |
|
escaped_params_spec.rb
|
Fix Tempfile reference being returned as nil
|
2015-09-30 16:51:50 -05:00 |
|
form_token_spec.rb
|
Make authenticity token length a fixed value of 32
|
2016-09-20 11:43:22 -04:00 |
|
frame_options_spec.rb
|
Remove require 'spec_helper'
|
2014-09-03 19:28:14 +02:00 |
|
http_origin_spec.rb
|
Fix broken origin_whitelist option #1641
|
2020-09-18 11:11:43 +09:00 |
|
ip_spoofing_spec.rb
|
Remove require 'spec_helper'
|
2014-09-03 19:28:14 +02:00 |
|
json_csrf_spec.rb
|
Add allow_if option to bypass json csrf protection
|
2017-03-12 23:00:26 -04:00 |
|
path_traversal_spec.rb
|
Drop Ruby 1.8 checks
|
2019-04-12 23:17:19 +02:00 |
|
protection_spec.rb
|
include application/xml and text/xml content-types to valid html_types for Rack::Protection
|
2018-03-30 13:15:20 -07:00 |
|
remote_referrer_spec.rb
|
Remove require 'spec_helper'
|
2014-09-03 19:28:14 +02:00 |
|
remote_token_spec.rb
|
Make authenticity token length a fixed value of 32
|
2016-09-20 11:43:22 -04:00 |
|
session_hijacking_spec.rb
|
Don't track the Accept-Language header by default.
|
2018-12-15 15:22:21 -05:00 |
|
strict_transport_spec.rb
|
Adds preload option to Rack:Protection:StrictTransport
|
2016-11-26 16:10:35 +00:00 |
|
xss_header_spec.rb
|
Remove require 'spec_helper'
|
2014-09-03 19:28:14 +02:00 |
f8f04e5fce