Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Commits on Jun 12, 2015
  1. @tenderlove

    assume secure random is always available

    tenderlove authored
    secure_random should always be available on Ruby 2.2+, it just may not
    use openssl
  2. @tenderlove
  3. @zenspider @tenderlove

    More of the terrible from tenderlove

    zenspider authored tenderlove committed
  4. @zenspider @tenderlove

    moar from tenderlove

    zenspider authored tenderlove committed
  5. @zenspider @tenderlove

    more patches from tenderlove... both versions of this test are terrib…

    zenspider authored tenderlove committed
    …le, so no loss except for the extra dependency in this case
  6. @zenspider @tenderlove

    Fixes from tenderlove for tests I can't currently run.

    zenspider authored tenderlove committed
  7. @zenspider @tenderlove

    fixed random failure in webrick test via tenderlove

    zenspider authored tenderlove committed
  8. @zenspider @tenderlove
  9. @zenspider @tenderlove
  10. @zenspider @tenderlove
  11. @zenspider @tenderlove

    Make all tests run and pass independently.

    zenspider authored tenderlove committed
  12. @zenspider @tenderlove

    Converting to minitest: phase 1: minitest/bacon

    zenspider authored tenderlove committed
    This is a VERY quick conversion to minitest/bacon. It does nothing but
    include minitest/bacon and get the tests passing again. Some things are
    different, namely, how minitest treats tests (instance methods run
    randomly) vs how bacon treats tests ("class" blocks run serially).
    Instance variable access is different between the two, so some things
    got wrapped in before/after blocks WITHOUT indenting properly. That'll
    come later.
Commits on Jun 11, 2015
  1. @tenderlove

    Merge pull request #879 from wjordan/1.6-history

    tenderlove authored
    Add HISTORY for 1.6.0 and 1.5.3/1.6.1 releases
  2. @tenderlove

    raise an exception if the parameters are too deep

    tenderlove authored
    CVE-2015-3225
    
    Conflicts:
    	lib/rack/utils.rb
    	test/spec_utils.rb
Commits on Jun 10, 2015
  1. @spastorino
  2. @spastorino
  3. @spastorino

    Use == to compare form_input to rack.input

    Santiago Pastorino & Alexis Mas authored spastorino committed
    Partially reverts b059307 and 7f34329
  4. @spastorino

    URI::RFC2396 is always defined in Ruby 2.2+

    Santiago Pastorino & Alexis Mas authored spastorino committed
  5. @spastorino

    Remove to_s since we do not run 1.8 anymore

    Santiago Pastorino & Alexis Mas authored spastorino committed
Commits on Jun 9, 2015
  1. @tenderlove
  2. @tenderlove

    `params_class` should be private

    tenderlove authored
    the class type is an implementation detail and should not be shared.
  3. @tenderlove

    consolidate where to find the default_query_parser make keyspace requ…

    tenderlove authored
    …ired
    
    we should only be able to find the default_query_parser in one place,
    Utils.  Also the keyspace size should be a require parameter
  4. @tenderlove

    use the factory method for allocating new params objects

    tenderlove authored
    since the query parser only supports one type (the type it was allocated
    with), we can just use the factory method for allocating new child
    parameter types.  This should speed up the parser since we don't need to
    ask for the class of the params type all the time
  5. @tenderlove
  6. @tenderlove

    remove more dead code

    tenderlove authored
  7. @tenderlove

    remove dead code

    tenderlove authored
  8. @tenderlove

    make some methods private

    tenderlove authored
  9. @tenderlove

    ask the query parser to "normalize_params"

    tenderlove authored
    the query parser that constructed the params hash may be diffrent than
    the one that `Util` delegated to.  We should use the same query parser
    to `normalize_params` as constructed the params object.
  10. @tenderlove

    ask the query parser to construct a params object

    tenderlove authored
    this decouples the rest of the code from knowing how a params object is
    actually constructed
  11. @tenderlove
  12. @tenderlove
  13. @tenderlove

    query parsers should be immutable

    tenderlove authored
    this reduces the footprint for dealing with thread safety issues (for
    example, what if one thread mutates the parser while another one is
    using it? :-O )
  14. @tenderlove

    remove hash and optional params

    tenderlove authored
    the parser class is required, and we don't need a hash
  15. @tenderlove
  16. @tenderlove
Something went wrong with that request. Please try again.