| .. |
|
authenticity_token_spec.rb
|
spec only cares about presence of csrf token, not length
|
2013-09-10 13:46:16 -07:00 |
|
base_spec.rb
|
fix typoed header name
|
2014-01-23 15:29:16 -07:00 |
|
escaped_params_spec.rb
|
Don't create request since it is unused.
|
2013-11-21 22:08:22 +05:30 |
|
form_token_spec.rb
|
spects for token checks
|
2011-06-20 09:16:44 +02:00 |
|
frame_options_spec.rb
|
use upper case for frame options, fixes #25
|
2012-12-10 16:48:21 +01:00 |
|
http_origin_spec.rb
|
refactored spec
|
2012-05-12 22:23:25 +07:00 |
|
ip_spoofing_spec.rb
|
pending tests for ip spoofing
|
2011-06-20 15:47:29 +02:00 |
|
json_csrf_spec.rb
|
let json_csrf always deny, fixes #50
|
2013-10-21 11:38:36 +02:00 |
|
path_traversal_spec.rb
|
Fix PATH_INFO's encoding problem
|
2013-04-16 11:42:51 +09:00 |
|
protection_spec.rb
|
clarify reaction warning, test it
|
2014-03-13 11:55:59 +04:00 |
|
remote_referrer_spec.rb
|
remove NoReferrer, instead, take an option for that
|
2011-06-20 13:08:39 +02:00 |
|
remote_token_spec.rb
|
pending specs for remote token
|
2011-06-20 15:47:43 +02:00 |
|
session_hijacking_spec.rb
|
Ignore changing Accept-Encoding header, fixes #56
|
2014-01-03 04:33:50 +02:00 |
|
spec_helper.rb
|
improve compatibility to old rack versions, fixes #36
|
2012-12-12 11:03:07 +01:00 |
|
xss_header_spec.rb
|
rework protection headers, fixes #40
|
2013-03-01 15:36:05 +11:00 |
