Permalink
Commits on Mar 5, 2011
  1. Release 0.3.7

    weavejester committed Mar 5, 2011
Commits on Mar 4, 2011
Commits on Feb 27, 2011
Commits on Feb 16, 2011
  1. Release 0.3.6.

    weavejester committed Feb 16, 2011
Commits on Feb 14, 2011
Commits on Dec 17, 2010
Commits on Dec 16, 2010
  1. Fixed timing attack in signature verification in the cookie session s…

    …tore by replacing = with secure-compare. Adapted from http://codahale.com/a-lesson-in-timing-attacks/ Not using Java's MessageDigest.isEqual since that had a vulnerability until recently
    yn committed Dec 16, 2010
Commits on Nov 27, 2010
  1. Release 0.3.5.

    weavejester committed Nov 27, 2010
  2. Fixed broken Jetty test

    weavejester committed Nov 27, 2010
Commits on Nov 23, 2010
  1. remove trailing whitespace

    committed Nov 23, 2010
  2. Use context classloader for fulfilling resource responses

    Tero Parviainen committed with weavejester Nov 21, 2010
Commits on Nov 16, 2010
  1. Release 0.3.4.

    weavejester committed Nov 16, 2010
Commits on Nov 14, 2010
Commits on Nov 9, 2010
Commits on Nov 1, 2010
  1. Release 0.3.3.

    committed Nov 1, 2010
  2. Qualify servlet calls.

    committed Oct 31, 2010