Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Commits on Jul 26, 2012
  1. @tenderlove
Commits on Apr 30, 2012
  1. @willbryant @drogus

    fix the Flash middleware loading the session on every request (very d…

    willbryant authored drogus committed
    …angerous especially with Rack::Cache), it should only be loaded when the flash method is called
Commits on Apr 29, 2012
  1. @pixeltrix

    Don't convert params if the request isn't HTML - fixes #5341

    pixeltrix authored
    (cherry picked from commit d6bbd33)
Commits on Mar 15, 2012
  1. @tenderlove

    Merge pull request #5456 from brianmario/redirect-sanitization

    tenderlove authored
    Strip null bytes from Location header
Commits on Feb 20, 2012
  1. @tenderlove
Commits on Jan 10, 2012
  1. @drogus
Commits on Oct 31, 2011
  1. @tenderlove
  2. @cmeiklejohn @tenderlove

    Ensure that the format isn't applied twice to the cache key, else it …

    cmeiklejohn authored tenderlove committed
    …becomes impossible to target with expire_action.
Commits on Oct 20, 2011
  1. @avakhov @vijaydev

    HTMl -> HTML: html scanner comment fix

    avakhov authored vijaydev committed
Commits on Oct 14, 2011
  1. @amatsuda @vijaydev

    status is a number in Rails 3

    amatsuda authored vijaydev committed
  2. @avakhov @vijaydev

    Add ActionController#head example

    avakhov authored vijaydev committed
Commits on Oct 9, 2011
  1. @avakhov @vijaydev

    Fix params hash example in AC::Base comment

    avakhov authored vijaydev committed
Commits on Sep 28, 2011
  1. @spastorino

    Merge pull request #3150 from avakhov/patch-html-sanitizer-cqi-require

    spastorino authored
    add missing require to html sanitizer
Commits on Sep 7, 2011
  1. @tenderlove
Commits on Aug 31, 2011
  1. @vijaydev

    doc fixes

    vijaydev authored
Commits on Aug 27, 2011
  1. @fxn

    deletes spurious arrow

    fxn authored
Commits on Aug 23, 2011
  1. @dmajda @pixeltrix

    Make ActionController::TestCase#recycle! set @protocol to nil

    dmajda authored pixeltrix committed
    This ensures that the protocol does not get carried over when there are
    two or more requests in functional tests. This was a problem when e.g.
    the first request was HTTP and the second request was HTTPS.
    Closes #2654.
    Signed-off-by: Andrew White <>
    (cherry picked from commit 68a13ed)
  2. @pixeltrix

    Don't modify params in place - fixes #2624

    pixeltrix authored
    (cherry picked from commit 14cf4b2)
Commits on Aug 20, 2011
  1. @spastorino

    Merge pull request #2596 from dharmatech/patch-1

    spastorino authored
    ActionController::Redirecting : fix docs typo
  2. @spastorino

    Merge pull request #2597 from dharmatech/patch-2

    spastorino authored
    actionpack/lib/action_controller/base.rb: docs typo
  3. @spastorino

    Merge pull request #2604 from vijaydev/params_wrapper_docs

    spastorino authored
    Minor edit in the params wrapper api docs
Commits on Aug 16, 2011
  1. @tenderlove

    Tags with invalid names should also be stripped in order to prevent

    tenderlove authored
    XSS attacks.  Thanks Sascha Depold for the report.
  2. @jonleighton

    Use lazy load hooks to set parameter wrapping configuration. This mea…

    jonleighton authored
    …ns that it doesn't force Action Controller / Active Record to load, but it doesn't fail if they have already loaded. Thanks @josevalim for the hint.
  3. @jonleighton

    Don't refer to ActionController::Base in the wrap_parameters initiali…

    jonleighton authored
    …zer - use config object instead. Cuts about 15% off the load time. (#734)
Commits on Aug 7, 2011
  1. @spastorino

    x_sendfile_header now defaults to nil and production.rb env file doesn't

    spastorino authored
    set a particular value for it. This allows servers to set it through
    X-Sendfile-Type, read for more
    info. Anyways you can force this value in your production.rb
Commits on Aug 1, 2011
  1. @thoefer2
Commits on Jul 25, 2011
  1. @dchelimsky
Commits on Jul 24, 2011
  1. @oem @fxn

    Changed a few instances of of words in the API docs written in Britis…

    oem authored fxn committed
    …h English to
    American English(according to Weber)
Commits on Jul 18, 2011
  1. @jstorimer

    Ensure that status codes are logged properly

    jstorimer authored
    Needed to move AC::Metal::Instrumentation before AM::Metal::Rescue
    so that status codes rendered from rescue_from blocks are logged
Commits on Jul 6, 2011
  1. @josevalim

    Deprecate stream at the class level.

    josevalim authored
    This is because only template rendering works with streaming.
    Setting it at the class level was also changing the behavior
    of JSON and XML responses, closes #1337.
Commits on Jun 30, 2011
  1. @josevalim
Commits on Jun 29, 2011
  1. @josevalim

    [IMPORTANT] Make "sprockets/railtie" require explicit.

    josevalim authored
    This makes "sprockets/railtie" explicit. This means that sprockets will
    be loaded when you require "rails/all". If you are not using requiring
    "rails/all", you need to manually load it with all other framework
    In order to be complete, this commit also adds --skip-sprockets to
    the rails generator.
Commits on Jun 24, 2011
  1. @spastorino

    Merge pull request #1844 from jeroenj/cachesweeper-fix-3-1

    spastorino authored
    Fixes an issue where cache sweepers
Commits on Jun 23, 2011
  1. @mjankowski @fxn

    more detail on how the flow between redirect and show works, and mino…

    mjankowski authored fxn committed
    …r grammar
  2. Fixes an issue where cache sweepers with only after filters would hav…

    Jeroen Jacobs authored
    …e no controller object
    It would raise undefined method controller_name for nil
Something went wrong with that request. Please try again.