Skip to content
This repository
tag: v1.5.0

Mar 13, 2013

  1. Konstantin Haase

    bump version, regenerate gemspec

    authored

Mar 11, 2013

  1. Konstantin Haase

    Merge pull request #46 from Asquera/feature/report-reaction

    Feature/report reaction
    authored

Mar 10, 2013

  1. Florian Gilcher

    Add a `report` reaction

    This reaction does not halt the request, but leaves it up to the
    app to react on this information. This allows e.g. frameworks to
    ignore failures in certain conditions.
    skade authored

Mar 01, 2013

  1. Konstantin Haase

    v1.4.0

    authored
  2. Konstantin Haase

    xhr requests cannot be used for the json attack, fixes #39

    authored
  3. Konstantin Haase

    rework protection headers, fixes #40

    authored
  4. Konstantin Haase

    remove note about NoReferrer

    authored

Jan 21, 2013

  1. Konstantin Haase

    Merge pull request #41 from homakov/patch-2

    Introducing :use
    authored
  2. Egor Homakov

    Introducing :use

    homakov authored

Dec 12, 2012

  1. Konstantin Haase

    fix docs

    authored
  2. Konstantin Haase

    Revert "Update .travis.yml"

    This reverts commit 9e720f2.
    authored
  3. Konstantin Haase

    Update .travis.yml

    authored
  4. Konstantin Haase

    travis, how do you work, part 3

    authored
  5. Konstantin Haase

    travis, how do you work, part 2

    authored
  6. Konstantin Haase

    travis, how do you work

    authored
  7. Konstantin Haase

    improve compatibility to old rack versions, fixes #36

    authored
  8. Konstantin Haase

    escape unicode in gemspec, fixes #35

    authored

Dec 10, 2012

  1. Konstantin Haase

    regenerate gemspec

    authored
  2. Konstantin Haase

    bump version

    authored
  3. Konstantin Haase

    small refactor

    authored
  4. Konstantin Haase

    Merge pull request #32 from cheald/master

    Don't choke on requests that end up without a content-type header
    authored
  5. Chris Heald

    Don't choke on requests that end up without a content-type header

    cheald authored
  6. Konstantin Haase

    bump version

    authored
  7. Konstantin Haase

    remove history section

    authored
  8. Konstantin Haase

    use upper case for frame options, fixes #25

    authored
  9. Konstantin Haase

    only set protection headers for html, fixes #31

    authored
  10. Konstantin Haase

    make session hijacking middleware ignore case, fixes #11

    authored

Sep 05, 2012

  1. Konstantin Haase

    upgrade rake

    authored
  2. Konstantin Haase

    Merge pull request #30 from bjoerge/add-json-crsf-http-origin-check

    Bypass referer check if Origin header is given
    authored
  3. Bjørge Næss

    Bypass referer check if Origin header is given

    bjoerge authored

Aug 07, 2012

  1. Konstantin Haase

    Merge pull request #29 from savulchik/master

    Fix for issue #28
    authored
  2. Stanislav Savulchik

    Fix typo in FrameOptions example description

    savulchik authored

Jul 02, 2012

  1. Konstantin Haase

    Merge pull request #27 from spagalloco/escapenils

    allow cache-breaker params in EscapedParams
    authored
  2. Steve Agalloco

    allow cache-breaker params in EscapedParams

    spagalloco authored

Jun 28, 2012

  1. Konstantin Haase

    Merge pull request #26 from send/x-content-type-options

    X-Content-Type-Options feature
    authored
Something went wrong with that request. Please try again.