Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: master

Jun 01, 2011

  1. Carl Hörberg

    Trying to get the tests working in 1.9...

    authored June 01, 2011
  2. Carl Hörberg

    Returns the mail when delivered, for the tests

    authored June 01, 2011
  3. Carl Hörberg

    Replaced TMail with Mail in MailExceptions

    authored June 01, 2011

May 06, 2011

  1. Matt Todd

    Merge pull request #37 from judofyr/jsonp_u2028

    JSONP: Always escape U+2028 and U+2029
    authored May 06, 2011
  2. Magnus Holm

    JSONP: Always escape U+2028 and U+2029

    authored May 06, 2011

Apr 30, 2011

  1. Matt Todd

    Merged pull request #22 from toolmantim/master.

    Fix PostBodyContentTypeParser's content-type matching
    authored April 29, 2011

Apr 25, 2011

  1. Matt Todd

    Merged pull request #33 from rack/jsonp-xss-vulnerability.

    Strip invalid JS var name chars from JSONP callback
    authored April 25, 2011

Apr 09, 2011

  1. Matt Todd

    Remove unneeded duplicate call to has_callback?

    authored April 09, 2011
  2. Matt Todd

    Remove accidental inclusion

    authored April 08, 2011
  3. Matt Todd

    Ignore callback if empty

    authored April 08, 2011
  4. Matt Todd

    Return 400 Bad Request for invalid callbacks

    authored April 08, 2011

Apr 06, 2011

  1. Matt Todd

    Support $ as valid JS callback name character

    * is a valid JS var/function name
    authored April 06, 2011
  2. Matt Todd

    Support JSONP callbacks with dots (.)

    * in practice, callbacks often are within objects
    * for example:
      foo.bar.baz({...})
    authored April 06, 2011
  3. Matt Todd

    Clean JSONP callback

    * strips any non-word characters: attemps to ensure only valid JavaScript
      function names are returned
    * reduces XSS vulnerability
    authored April 06, 2011

Dec 19, 2010

  1. Kenny Parnell

    Added TryStatic as autoload

    authored December 18, 2010 manveru committed December 19, 2010

Dec 13, 2010

  1. Tim Lucas

    Fix PostBodyContentTypeParser's handling of empty JSON content bodies…

    …, and cleaned up the spec
    authored December 14, 2010
  2. Tim Lucas

    Fix PostBodyContentTypeParser's content-type matching to support cont…

    …ent-types with media-type parameters (such as 'application/json; charset=utf-8')
    authored December 13, 2010

Oct 19, 2010

  1. Ryan Tomayko

    1.1.0 release

    authored October 19, 2010

Oct 10, 2010

  1. Ryan Tomayko

    whitespace errors

    authored October 09, 2010
  2. Ryan Tomayko

    Merge remote branch 'gmarik/master'

    authored October 09, 2010

Oct 01, 2010

  1. Ravil Bayramgalin

    Add a few tests for edge cases

    authored October 01, 2010
  2. Ravil Bayramgalin

    Add tests

    authored October 01, 2010
  3. Ravil Bayramgalin

    Fix small bugs

    authored October 01, 2010

Sep 30, 2010

  1. Ravil Bayramgalin

    Rename subdomain_cookies as common_cookies

    authored October 01, 2010
  2. Ravil Bayramgalin

    Add line to describe middleware

    authored October 01, 2010
  3. Ravil Bayramgalin

    Add subdomain_cookies middleware

    authored October 01, 2010

Sep 19, 2010

  1. Rack::TryStatic middleware

    - try match request to a static file
    authored September 19, 2010

Sep 18, 2010

  1. MailExceptions: add tls support

    - TODO: use mailer
    authored September 17, 2010 manveru committed September 18, 2010
  2. MailExceptions: add tls support

    - TODO: use mailer
    authored September 16, 2010

Sep 03, 2010

  1. Matt Haynes

    Modify JSONP middleware to not fail if Content-Type header is missing

    authored September 03, 2010 manveru committed September 03, 2010

Aug 15, 2010

  1. Samuel Lebeau

    Rack::JSONP: Don't change content type in place.

    authored August 03, 2010 manveru committed August 15, 2010

Aug 07, 2010

  1. Eli Fox-Epstein

    A few minor text changes

    authored August 07, 2010 manveru committed August 07, 2010
  2. Eli Fox-Epstein

    Domain-Specific Language

    authored August 07, 2010 manveru committed August 07, 2010

Jun 10, 2010

  1. Ryan Tomayko

    1.0.1 release

    authored June 09, 2010
  2. Rafael Souza

    removed the last traces of etag

    authored June 10, 2010 rtomayko committed June 10, 2010
Something went wrong with that request. Please try again.