Skip to content
Commits on May 19, 2016
  1. @manveru

    Merge pull request #1072 from frodsan/remove-unused-var

    Remove unused variable.
    manveru committed May 19, 2016
  2. @frodsan
Commits on May 6, 2016
  1. @tenderlove

    bumping version

    tenderlove committed May 6, 2016
  2. @tenderlove

    Merge pull request #1056 from maclover7/request-helpers

    Move Rack::Request convienence methods to Helpers
    tenderlove committed May 5, 2016
Commits on May 5, 2016
  1. @tenderlove

    use sha256 for ETag generation

    Make ETags great again. Switch for more secure etag generation.
    tenderlove committed May 5, 2016
Commits on May 4, 2016
  1. @maclover7
  2. @tenderlove

    Merge pull request #1065 from jkowens/fix-null-byte

    Return 400 if Rack::File or Rack::Directory path contains null byte
    tenderlove committed May 4, 2016
  3. @tenderlove

    Merge pull request #1066 from jkowens/head-aware

    Omit response body for HEAD requests to Rack::Directory
    tenderlove committed May 4, 2016
  4. @tenderlove

    Merge pull request #1069 from sgrif/sg-deprecate-params-accessors

    Move `Request#[]` and `Request#[]=` to `Helpers` and deprecate them
    tenderlove committed May 4, 2016
  5. @tenderlove

    Merge pull request #1068 from gearnode/bump-ruby-version-for-ci

    Use last version of MRI Ruby with CI (travis)
    tenderlove committed May 4, 2016
  6. @sgrif
  7. @gearnode
Commits on May 3, 2016
  1. @jkowens
  2. @jkowens

    Return 400 status if request for static file includes null byte

    File paths cannot contain null byte characters and methods that do path
    operations such as Rack::Utils#clean_path_info will raise unwanted
    errors.
    jkowens committed Dec 1, 2015
Commits on Apr 30, 2016
  1. @jeremy

    Tests: check exitstatus outside the conditional as a workaround

    `$?` may be `nil` here, some quirk on 2.4.0-dev. Split it up to fix.
    
    Signed-off-by: Jeremy Daer <jeremydaer@gmail.com>
    Thomas Grindinger committed with jeremy Apr 28, 2016
Commits on Apr 28, 2016
  1. @jeremy

    HEAD requests to Rack::File now omit the response body.

    Fixes #945.
    
    Signed-off-by: Jeremy Daer <jeremydaer@gmail.com>
    Thomas Grindinger committed with jeremy Apr 23, 2016
Commits on Apr 25, 2016
  1. @jeremy
Commits on Apr 24, 2016
  1. @jeremy

    Merge pull request #1063 from tgrindinger/fix-webrick-tests

    improve fragile webrick test
    
    Awkward busy-wait loop, but sufficient to build on.
    jeremy committed Apr 24, 2016
  2. improve fragile webrick test

    Thomas Grindinger committed Apr 24, 2016
Commits on Apr 18, 2016
  1. @jeremy

    Merge pull request #976 from prathamesh-sonpatki/fix-lighttpd-tests

     Run lighttpd tests if it's present on the system
    jeremy committed Apr 18, 2016
  2. @jeremy

    CI: bump up to modern Travis setup

    * Lean on the default bundle install step.
    * Drop sudo. Switch to services+addons.
    * Cache our bundle and apt packages.
    
    Closes #1053
    jeremy committed Apr 17, 2016
  3. @bobjflong @jeremy

    Validate the SameSite cookie option

    The draft spec for the SameSite option mentions two configuration
    options: Strict & Lax. This commit introduces validation of the
    associated same_site attribute.
    
    The main motivation for validating this value is ensuring that awry
    option values don't cause unexpected behaviour. As this is a sensitive
    security option, I think validation is warranted.
    
    The main drawback of validating the option value is that Rack won't
    immediately support new options.
    
    Signed-off-by: Jeremy Daer <jeremydaer@gmail.com>
    bobjflong committed with jeremy Apr 16, 2016
  4. @jeremy
Commits on Apr 12, 2016
  1. @spastorino

    Merge pull request #1042 from gioele/cmp-host-server-once

    Compare host and server name only once per call
    spastorino committed Apr 11, 2016
  2. @spastorino

    Merge pull request #1045 from shhavel/feature/use_string_interpolatio…

    …n_instead_plus
    
    Use String interpolation or << instead plus which are faster
    spastorino committed Apr 11, 2016
Commits on Apr 7, 2016
  1. @jeremy

    Merge pull request #1046 from shhavel/feature/micro_refactor_string_s…

    …can_in_rack_auth_digest_params_split_header_value
    
    Micro refactor string scan in Rack::Auth::Digest::Params.split_header_value
    jeremy committed Apr 7, 2016
  2. @shhavel
  3. @shhavel
Commits on Apr 5, 2016
  1. @gioele

    Compare host and server name only once per call

    The host name and the server name are not changed inside `#call(env)`,
    so there is no need to compare them every time a mapping is tested.
    gioele committed Apr 5, 2016
Commits on Mar 17, 2016
  1. @tenderlove

    Merge pull request #1033 from mastahyeti/same-site-cookies

    Update first-party-only cookie syntax
    tenderlove committed Mar 17, 2016
Commits on Mar 15, 2016
  1. @mastahyeti

    first-party cookies are now same-site cookies

    remove use of `:first_party` option
    
    pass along provided value
    
    make the syntax more flexible
    
    s/strict/Strict/
    mastahyeti committed Mar 15, 2016
Commits on Mar 13, 2016
  1. @raggi

    Merge pull request #1027 from rack/default-server

    Puma should be the default webserver for rackup
    raggi committed Mar 12, 2016
Commits on Mar 11, 2016
  1. @matthewd

    Merge pull request #1029 from rthbound/fixes-951-fixes-1015

    Fixes 951 fixes 1015
    matthewd committed Mar 12, 2016
Commits on Mar 8, 2016
  1. @rthbound

    Fixes #1015

      - Handles the edge case
      - Adds a test for #1015
    rthbound committed Mar 4, 2016
Commits on Mar 5, 2016
  1. @conzett @rthbound

    Add more failing specs for ararys

    conzett committed with rthbound Feb 12, 2016
Something went wrong with that request. Please try again.