Skip to content
Commits on Jul 26, 2012
  1. @tenderlove
Commits on Apr 30, 2012
  1. @willbryant @drogus

    fix the Flash middleware loading the session on every request (very d…

    willbryant committed with drogus Jan 24, 2012
    …angerous especially with Rack::Cache), it should only be loaded when the flash method is called
Commits on Apr 29, 2012
  1. @pixeltrix

    Don't convert params if the request isn't HTML - fixes #5341

    pixeltrix committed Apr 29, 2012
    (cherry picked from commit d6bbd33)
Commits on Mar 15, 2012
  1. @tenderlove

    Merge pull request #5456 from brianmario/redirect-sanitization

    tenderlove committed Mar 15, 2012
    Strip null bytes from Location header
Commits on Feb 20, 2012
  1. @tenderlove
Commits on Jan 10, 2012
  1. @drogus
Commits on Oct 31, 2011
  1. @tenderlove
  2. @cmeiklejohn @tenderlove

    Ensure that the format isn't applied twice to the cache key, else it …

    cmeiklejohn committed with tenderlove Jul 30, 2011
    …becomes impossible to target with expire_action.
Commits on Oct 20, 2011
  1. @avakhov @vijaydev
Commits on Oct 14, 2011
  1. @amatsuda @vijaydev

    status is a number in Rails 3

    amatsuda committed with vijaydev Oct 12, 2011
  2. @avakhov @vijaydev

    Add ActionController#head example

    avakhov committed with vijaydev Oct 11, 2011
Commits on Oct 9, 2011
  1. @avakhov @vijaydev
Commits on Sep 28, 2011
  1. @spastorino

    Merge pull request #3150 from avakhov/patch-html-sanitizer-cqi-require

    spastorino committed Sep 27, 2011
    add missing require to html sanitizer
Commits on Sep 7, 2011
  1. @tenderlove
Commits on Aug 31, 2011
  1. @vijaydev

    doc fixes

    vijaydev committed Aug 28, 2011
Commits on Aug 27, 2011
  1. @fxn

    deletes spurious arrow

    fxn committed Aug 27, 2011
Commits on Aug 23, 2011
  1. @dmajda @pixeltrix

    Make ActionController::TestCase#recycle! set @protocol to nil

    dmajda committed with pixeltrix Aug 23, 2011
    This ensures that the protocol does not get carried over when there are
    two or more requests in functional tests. This was a problem when e.g.
    the first request was HTTP and the second request was HTTPS.
    
    Closes #2654.
    
    Signed-off-by: Andrew White <andyw@pixeltrix.co.uk>
    (cherry picked from commit 68a13ed)
  2. @pixeltrix

    Don't modify params in place - fixes #2624

    pixeltrix committed Aug 23, 2011
    (cherry picked from commit 14cf4b2)
Commits on Aug 20, 2011
  1. @spastorino

    Merge pull request #2596 from dharmatech/patch-1

    spastorino committed Aug 20, 2011
    ActionController::Redirecting : fix docs typo
  2. @spastorino

    Merge pull request #2597 from dharmatech/patch-2

    spastorino committed Aug 20, 2011
    actionpack/lib/action_controller/base.rb: docs typo
  3. @spastorino

    Merge pull request #2604 from vijaydev/params_wrapper_docs

    spastorino committed Aug 20, 2011
    Minor edit in the params wrapper api docs
Commits on Aug 16, 2011
  1. @tenderlove

    Tags with invalid names should also be stripped in order to prevent

    tenderlove committed Aug 16, 2011
    XSS attacks.  Thanks Sascha Depold for the report.
  2. @jonleighton

    Use lazy load hooks to set parameter wrapping configuration. This mea…

    jonleighton committed Aug 16, 2011
    …ns that it doesn't force Action Controller / Active Record to load, but it doesn't fail if they have already loaded. Thanks @josevalim for the hint.
  3. @jonleighton

    Don't refer to ActionController::Base in the wrap_parameters initiali…

    jonleighton committed Aug 16, 2011
    …zer - use config object instead. Cuts about 15% off the load time. (#734)
Commits on Aug 7, 2011
  1. @spastorino

    x_sendfile_header now defaults to nil and production.rb env file doesn't

    spastorino committed Aug 7, 2011
    set a particular value for it. This allows servers to set it through
    X-Sendfile-Type, read
    https://github.com/rack/rack/blob/master/lib/rack/sendfile.rb for more
    info. Anyways you can force this value in your production.rb
Commits on Aug 1, 2011
  1. @thoefer2
Commits on Jul 25, 2011
  1. @dchelimsky
Commits on Jul 24, 2011
  1. @oem @fxn

    Changed a few instances of of words in the API docs written in Britis…

    oem committed with fxn Jul 24, 2011
    …h English to
    
    American English(according to Weber)
    
    Conflicts:
    
    	actionpack/lib/action_controller/metal/request_forgery_protection.rb
    	railties/lib/rails/engine.rb
Commits on Jul 18, 2011
  1. @jstorimer

    Ensure that status codes are logged properly

    jstorimer committed Jul 18, 2011
    Needed to move AC::Metal::Instrumentation before AM::Metal::Rescue
    so that status codes rendered from rescue_from blocks are logged
    properly.
Commits on Jul 6, 2011
  1. @josevalim

    Deprecate stream at the class level.

    josevalim committed Jul 6, 2011
    This is because only template rendering works with streaming.
    Setting it at the class level was also changing the behavior
    of JSON and XML responses, closes #1337.
Commits on Jun 30, 2011
  1. @josevalim
Commits on Jun 29, 2011
  1. @josevalim

    [IMPORTANT] Make "sprockets/railtie" require explicit.

    josevalim committed Jun 29, 2011
    This makes "sprockets/railtie" explicit. This means that sprockets will
    be loaded when you require "rails/all". If you are not using requiring
    "rails/all", you need to manually load it with all other framework
    railties.
    
    In order to be complete, this commit also adds --skip-sprockets to
    the rails generator.
Commits on Jun 24, 2011
  1. @spastorino

    Merge pull request #1844 from jeroenj/cachesweeper-fix-3-1

    spastorino committed Jun 24, 2011
    Fixes an issue where cache sweepers
Commits on Jun 23, 2011
  1. @mjankowski @fxn
  2. Fixes an issue where cache sweepers with only after filters would hav…

    Jeroen Jacobs committed Jun 21, 2011
    …e no controller object
    
    It would raise undefined method controller_name for nil
Something went wrong with that request. Please try again.