Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Feb 8, 2013
  1. James Tucker

    Bump version number

    raggi authored
  2. James Tucker
Commits on Feb 7, 2013
  1. James Tucker

    Use secure_compare for hmac comparison

    raggi authored
     * Closes CVE-2013-0263
  2. James Tucker
Commits on Jan 13, 2013
  1. James Tucker

    Bump version

    raggi authored
  2. James Tucker

    Update README for release. Add security section.

    raggi authored
    Conflicts:
    	README
  3. James Tucker

    Squash warnings in spec_auth

    raggi authored
  4. James Tucker
  5. James Tucker

    Reimplement auth scheme fix

    raggi authored
     * Add Rack::Auth.add_scheme to enable folks to fix anything that breaks
     * Add common auth schemes, MS ones, AWS ones, etc are missing, as unlikely
     * Checked Rails - they don't use our authorization code
     * Checked Warden - uses rails
     * Checked Omniauth - uses rails
     * Checked doorkeeper - users rails
     * Checked rack-authentication - does it's own thing
     * Checked warden-oauth - doesn't do headers
     * Checked devise - uses rails
     * Checked oauth2-rack - header creation only
     * Checked rack-oauth2-server - does it's own thing
     * Probably missed a bunch, but that'll have to do
Commits on Jan 7, 2013
  1. James Tucker

    Bump to 1.1.4

    raggi authored
Commits on Jan 6, 2013
  1. James Tucker
Commits on Jan 4, 2013
  1. James Tucker
  2. James Tucker

    Add warning to strongly recommend to people to have secrets protectin…

    raggi authored raggi committed
    …g their cookies
    
    Conflicts:
    	test/spec_rack_session_cookie.rb
Commits on Dec 28, 2011
  1. James Tucker
  2. James Tucker
  3. James Tucker
Commits on Sep 8, 2011
  1. James Tucker

    Backport set_cookie_header! and delete_cookie_header! fixes from mast…

    raggi authored
    …er, affecting rack-cache and rails 2.x
  2. James Tucker
Commits on Mar 13, 2011
  1. Christian Neukirchen

    hack out tests

    chneukirchen authored
  2. Christian Neukirchen

    Version 1.1.2

    chneukirchen authored
  3. Christian Neukirchen

    MD5 Digest auth: fail if authenticator returns nil

    chneukirchen authored
    Fixes the authenticator API to deny access if nil is returned from the
    authenticator block. Without this patch, the nil gets to_s'd to "" and
    an empty password would be accepted.
    
    Backported to rack-1.1.
    
    Signed-off-by: Christian Neukirchen <chneukirchen@gmail.com>
Commits on Mar 1, 2011
  1. James Tucker

    Bump to 1.1.1

    raggi authored
Commits on Feb 10, 2011
  1. James Tucker
  2. James Tucker
  3. James Tucker
  4. James Tucker
Commits on Dec 20, 2010
  1. James Tucker
  2. James Tucker

    Add gemloader script that will provide the ability to activate develo…

    raggi authored
    …pment dependencies at the correct version for point releases
  3. James Tucker

    Add stage to gitignore

    raggi authored
  4. James Tucker

    Update for 1.1.1 release

    raggi authored
  5. James Tucker

    Fix failing and invalid tests

    raggi authored
  6. James Tucker
  7. James Tucker

    mark as rack-1.1.1.pre

    raggi authored
Commits on Dec 19, 2010
  1. Simon Chiang James Tucker

    removed parsing of quoted values

    thinkerbot authored raggi committed
    Signed-off-by: raggi <jftucker@gmail.com>
Commits on Jan 3, 2010
  1. Joshua Peek

    Set 1.1 release date

    josh authored
Something went wrong with that request. Please try again.