Skip to content
This repository

Feb 08, 2013

  1. James Tucker

    Bump version number

    authored
  2. James Tucker

    Update README for todays releases

    authored

Feb 07, 2013

  1. James Tucker

    Use secure_compare for hmac comparison

     * Closes CVE-2013-0263
    authored
  2. James Tucker

    Add secure_compare to Rack::Utils

    authored

Jan 13, 2013

  1. James Tucker

    Bump version

    authored
  2. James Tucker

    Update README for release. Add security section.

    Conflicts:
    	README
    authored
  3. James Tucker

    Squash warnings in spec_auth

    authored
  4. James Tucker

    Update spec_auth to work with test-spec

    authored
  5. James Tucker

    Reimplement auth scheme fix

     * Add Rack::Auth.add_scheme to enable folks to fix anything that breaks
     * Add common auth schemes, MS ones, AWS ones, etc are missing, as unlikely
     * Checked Rails - they don't use our authorization code
     * Checked Warden - uses rails
     * Checked Omniauth - uses rails
     * Checked doorkeeper - users rails
     * Checked rack-authentication - does it's own thing
     * Checked warden-oauth - doesn't do headers
     * Checked devise - uses rails
     * Checked oauth2-rack - header creation only
     * Checked rack-oauth2-server - does it's own thing
     * Probably missed a bunch, but that'll have to do
    authored

Jan 07, 2013

  1. James Tucker

    Bump to 1.1.4

    authored

Jan 06, 2013

  1. James Tucker

    Update README based on the one from master

    authored

Jan 04, 2013

  1. James Tucker

    Make the Rakefile usable in presence of new RDoc

    authored
  2. James Tucker

    Add warning to strongly recommend to people to have secrets protectin…

    …g their cookies
    
    Conflicts:
    	test/spec_rack_session_cookie.rb
    authored raggi committed

Dec 28, 2011

  1. James Tucker

    Bump version, and add release notes

    authored
  2. James Tucker

    Backport `Limit the size of parameter keys`

    authored
  3. James Tucker

    Fix errors caused by different stdlib logger

    authored

Sep 08, 2011

  1. James Tucker

    Backport set_cookie_header! and delete_cookie_header! fixes from mast…

    …er, affecting rack-cache and rails 2.x
    authored
  2. James Tucker

    Lets move things forward... (working test runs again)

    authored

Mar 13, 2011

  1. Christian Neukirchen

    hack out tests

    authored
  2. Christian Neukirchen

    Version 1.1.2

    authored
  3. Christian Neukirchen

    MD5 Digest auth: fail if authenticator returns nil

    Fixes the authenticator API to deny access if nil is returned from the
    authenticator block. Without this patch, the nil gets to_s'd to "" and
    an empty password would be accepted.
    
    Backported to rack-1.1.
    
    Signed-off-by: Christian Neukirchen <chneukirchen@gmail.com>
    authored

Mar 01, 2011

  1. James Tucker

    Bump to 1.1.1

    authored

Feb 10, 2011

  1. James Tucker

    Use Rack.release instead of two separate strings

    authored
  2. James Tucker

    improve gemloader to include runtime deps if any, and not break on co…

    …mplex requirements
    authored
  3. James Tucker

    Fix daemonize issues, may need picking into master

    authored
  4. James Tucker

    Fix cgi spec against implementation (same as master)

    authored

Dec 20, 2010

  1. James Tucker

    Use gemloader to run against older development dependency gems

    authored
  2. James Tucker

    Add gemloader script that will provide the ability to activate develo…

    …pment dependencies at the correct version for point releases
    authored
  3. James Tucker

    Add stage to gitignore

    authored
  4. James Tucker

    Update for 1.1.1 release

    authored
  5. James Tucker

    Fix failing and invalid tests

    authored
  6. James Tucker

    Fixup development dependencies in gemspec, as newer versions now caus…

    …e breakage
    authored
  7. James Tucker

    mark as rack-1.1.1.pre

    authored

Dec 19, 2010

  1. Simon Chiang

    removed parsing of quoted values

    Signed-off-by: raggi <jftucker@gmail.com>
    authored raggi committed

Jan 03, 2010

  1. Joshua Peek

    Set 1.1 release date

    authored
Something went wrong with that request. Please try again.