Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Commits on May 6, 2015
  1. @tenderlove

    use shasum

    tenderlove authored
  2. @tenderlove

    bumping to 1.5.3

    tenderlove authored
  3. @tenderlove
Commits on Nov 14, 2014
  1. @spastorino

    Merge pull request #756 from filipegiusti/fix-large-posts

    spastorino authored
    Rack 1.5: Use equal? to compare form_input to rack.input
Commits on Nov 13, 2014
  1. @statianzo @filipegiusti

    Use equal? to compare form_input to rack.input

    statianzo authored filipegiusti committed
    Using equal? provides consistent results of equality between 1.8, 1.9,
    and 2.0 when comparing Tempfile objects.
    In 1.8, == will change the position of the Tempfile.
    In 1.9+, == compares Tempfiles correctly.
    In 1.8, eql? compares Tempfiles correctly
    In 1.9+, t.eql?(t) always returns false
Commits on Jul 9, 2014
  1. @rkh

    Merge pull request #711 from polleverywhere/152

    rkh authored
    correct Request#port for lighttpd2 proxy case
  2. @manveru @bf4

    correct Request#port for lighttpd2 proxy case

    manveru authored bf4 committed
Commits on Dec 4, 2013
  1. @spastorino
  2. @spastorino
Commits on Jul 16, 2013
  1. @spastorino

    Merge pull request #585 from MSch/patch-1

    spastorino authored
    Fix bug in sendfile.rb
Commits on Feb 8, 2013
  1. @raggi

    Bump version number

    raggi authored
  2. @raggi
  3. @raggi

    Prevent symlink path traversals

    raggi authored
     * Closes CVE-2013-0262
  4. @TimMoore @raggi

    Stop overwriting existing pidfiles.

    TimMoore authored raggi committed
    A race condition can arise when two servers are started simultaneously. Both
    instances may complete the check for an existing pidfile before either one
    writes it.
    Now the pidfile is opened with ::File::EXCL, which raises an error if the file
    already exists. This error is handled by retrying the check and the write.
  5. @raggi

    Use secure_compare for hmac comparison

    raggi authored
     * Closes CVE-2013-0263
  6. @raggi

    Add secure_compare to Rack::Utils

    raggi authored
  7. @raggi
  8. @raggi
  9. @raggi
  10. @jordimassaguerpla @raggi

    add license information to gemspec

    jordimassaguerpla authored raggi committed
    this way it can be used with API
  11. @oscardelben @raggi

    Fix reference link

    oscardelben authored raggi committed
  12. @oscardelben @raggi

    Document Rack::Deflater

    oscardelben authored raggi committed
  13. @raggi

    Request#trusted_proxy? no longer accepts lines

    raggi authored
     * Closes #508
     * Adds some limited coverage. More issues highlighted - incomplete local ips.
Commits on Feb 7, 2013
  1. @spastorino @raggi

    Add find and set methods to Session object

    spastorino authored raggi committed
Commits on Jan 28, 2013
  1. @raggi
  2. @raggi
  3. @raggi

    Merge pull request #500 from aocole/patch-1

    raggi authored
    Changing incorrect documentation
  4. @raggi

    Remove specific version code from Lint

    raggi authored
     * Too easy to miss during updates
     * Required format unchanged
     * Closes #501
  5. @raggi

    Reimplement keys and values on SessionHash

    raggi authored
     * Basic additional APIs to simplify requirements for Rails and Devise
Commits on Jan 25, 2013
  1. @aocole

    Changing incorrect documentation

    aocole authored
    The original comment on set_session said to return true or false
    depending on whether the session was saved or not. In reality, this
    method MUST return the session id in order for #commit_session to set
    the cookie data properly.
Commits on Jan 22, 2013
  1. @raggi

    Merge branch 'lint-headerhash' of git://

    raggi authored
    * 'lint-headerhash' of git://
      lint: avoid TypeError on non-Hash-like response headers
  2. @rkh

    Merge pull request #499 from barttenbrinke/master

    rkh authored
    Added specific test when X-Forwarded-For is 'unknown'
  3. @barttenbrinke
  4. lint: avoid TypeError on non-Hash-like response headers

    Eric Wong authored
    According to SPEC (and check_headers), Response headers need only
    respond to #each.  Thus, check_hijack_response should rely on
    Rack::Utils::HeaderHash if it wishes to access the headers in a
    hash-like fashion.
  5. @raggi
Something went wrong with that request. Please try again.