TEST_CODEOWNERS/rails
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
83,168 Commits 2 Branches 0 Tags 294 MiB
9ebfb149ed
Commit Graph

41 Commits

Author SHA1 Message Date
Dirkjan Bussink
0523532a3c
Always use OpenSSL constants for Digest operations 
As also previously discussed in
https://github.com/rails/rails/pull/40770#issuecomment-748347066, this
moves the usage of Digest constants to always use the OpenSSL version of
those Digest implementations.
 2021-06-30 13:57:54 +02:00
Ryuta Kamizono
c81af6ae72 Enable Layout/EmptyLinesAroundAccessModifier cop 
We sometimes say "✂️ newline after `private`" in a code review (e.g.
https://github.com/rails/rails/pull/18546#discussion_r23188776,
https://github.com/rails/rails/pull/34832#discussion_r244847195).

Now `Layout/EmptyLinesAroundAccessModifier` cop have new enforced style
`EnforcedStyle: only_before` (https://github.com/rubocop-hq/rubocop/pull/7059).

That cop and enforced style will reduce the our code review cost.
 2019-06-13 12:00:45 +09:00
Rafael Mendonça França
1a6a3e06ed
Remove secret_token rack env and cookie upgrade code 
Now that secret_token was removed all this code is now dead.
 2019-01-17 16:08:34 -05:00
Dillon Welch
d108288c2f
Turn on performance based cops 
Use attr_reader/attr_writer instead of methods

method is 12% slower

Use flat_map over map.flatten(1)

flatten is 66% slower

Use hash[]= instead of hash.merge! with single arguments

merge! is 166% slower

See https://github.com/rails/rails/pull/32337 for more conversation
 2018-07-23 15:37:06 -07:00
Daniel Colson
a1ac18671a Replace assert ! with assert_not 
This autocorrects the violations after adding a custom cop in
3305c78dcd.
 2018-04-19 08:11:33 -04:00
utilum
6f6fe69ea8 We should call methods with .method_name not ::method_name. 
Found several instances.

Follow up on 63d530c5e68a8cf53603744789f53ccbc7ac1a0e
 2018-02-22 00:54:40 +01:00
Kir Shatrov
dfcc766163 Use frozen string literal in actionpack/ 2017-07-29 14:02:40 +03:00
Matthew Draper
87b3e226d6 Revert "Merge pull request #29540 from kirs/rubocop-frozen-string" 
This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing
changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
 2017-07-02 02:15:17 +09:30
Kir Shatrov
cfade1ec7e Enforce frozen string in Rubocop 2017-07-01 02:11:03 +03:00
Rafael Mendonça França
fe1f4b2ad5
Add more rubocop rules about whitespaces 2016-10-29 01:17:49 -02:00
Rafael Mendonça França
55f9b8129a
Add three new rubocop rules 
Style/SpaceBeforeBlockBraces
Style/SpaceInsideBlockBraces
Style/SpaceInsideHashLiteralBraces

Fix all violations in the repository.
 2016-08-16 04:30:11 -03:00
Xavier Noria
80e66cc4d9 normalizes indentation and whitespace across the project 2016-08-06 20:16:27 +02:00
Xavier Noria
5b6eb1d58b modernizes hash syntax in actionpack 2016-08-06 19:35:13 +02:00
Xavier Noria
35b3de8021 applies new string literal convention in actionpack/test 
The current code base is not uniform. After some discussion,
we have chosen to go with double quotes by default.
 2016-08-06 18:54:50 +02:00
Prem Sichanugrist
8cb8ce98d9 Stop using deprecated render :text in test 
This will silence deprecation warnings.

Most of the test can be changed from `render :text` to render `:plain`
or `render :body` right away. However, there are some tests that needed
to be fixed by hand as they actually assert the default Content-Type
returned from `render :body`.
 2015-07-17 22:27:33 -04:00
Guo Xiang Tan
ca83436d1b Remove assigns and assert_template. 2015-05-30 14:13:57 +08:00
Lauro Caetano
b1b9a0aeca Typos. return -> returns. [ci skip] 2013-12-03 13:31:36 -02:00
Trevor Turk
2edf657a64 Remove comments about removing LegacyKeyGenerator in 4.1 2013-04-03 08:28:37 -05:00
Trevor Turk
7c7a427344 Rename DummyKeyGenerator -> LegacyKeyGenerator 2013-04-02 18:41:57 -05:00
Brad Dunbar
95332abe09 Digest auth should not 500 when given a basic header. 2013-03-18 14:50:47 -04:00
Francesco Rodriguez
a53a7bea80 update documentation and code to use _action callbacks 2012-12-07 14:46:06 -05:00
Santiago Pastorino
c2a7956eb7 Move ensure_secret_secure to DummyKeyGenerator 2012-11-03 14:57:54 -02:00
Santiago Pastorino
5d23925f84 Use derived keys everywhere, http_authentication was missing it 2012-11-03 14:57:54 -02:00
Arthur Smith
b3e2abc4b1 Fix for digest authentication bug - issue #2301 in rails/rails 2012-08-02 15:24:08 -04:00
kennyj
131083b819 Should use an argument in http_digest_authentication_test.rb 2012-03-17 20:23:28 +09:00
Piotr Sarnacki
3131a93797 Fix http digest authentication with trailing '/' or '?' (fixes #4038 and #3228) 2011-12-21 00:02:58 +01:00
Jarrod Carlson
53c1ae99f5 Added failing test to demonstrate digest authentication failure 2011-12-20 18:03:49 +01:00
José Valim
6690d66292 Rename config.cookie_secret to config.secret_token and pass it as configuration in request.env. This is another step forward removing global configuration. 2010-04-05 12:00:24 +02:00
Carlhuda
e311622e7b Deprecated ActionController::Base.session_options= and ActionController::Base.session_store= in favor of a config.session_store method (which takes params) and a config.cookie_secret variable, which is used in various secret scenarios. The old AC::Base options will continue to work with deprecation warnings. 2010-03-04 16:05:52 -08:00
Carlhuda
5e0a05b8cb Tweak the semantic of various URL related methods of ActionDispatch::Request 2010-03-03 21:23:34 -08:00
Carlhuda
bf9913f8f4 Move session_store and session_options to the AC configuration object 2010-03-03 15:49:52 -08:00
José Valim
32bde66aa6 Make http digest work with different server/browser combinations 
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
 2009-08-09 15:53:52 +01:00
nate
f68cc639f5 A test to show that http_authentication needs to fail authentication if the password procedure returns nil. Also includes a fix to validate_digest_response to fail validation if the password procedure returns nil. 
Signed-off-by: Michael Koziarski <michael@koziarski.com>
 2009-06-09 19:47:53 +12:00
Pratik Naik
1a52b246eb Add HTTP Authentication to the new base 2009-05-22 00:29:47 +02:00
Pratik Naik
195fadbfd3 Ensure HTTP Digest auth uses appropriate HTTP method [#2490 state:resolved] [Steve Madsen] 2009-05-18 16:59:37 +02:00
Joshua Peek
0494909679 Inherit TestSession from Session::AbstractStore and add indifferent access to Session::AbstractStore. 2009-04-26 14:33:57 -05:00
Donald Parish
be7b64b35a Support MD5 passwords for Digest auth and use session_options[:secret] in nonce [#2209 state:resolved] 
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
 2009-03-12 13:24:54 +00:00
Donald Parish
86d8f92282 Fixed http digest authentication to use credentials URI passed from client. [#1848 state:resolved] 
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
 2009-02-16 20:20:23 +01:00
Gregg Kellogg
306cc2b920 Implement HTTP Digest authentication. [#1230 state:resolved] [Gregg Kellogg, Pratik Naik] 
Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
 2009-01-29 16:01:59 +00:00
Pratik Naik
c99ef814b0 Revert "HTTP Digest authentication [#1230 state:resolved]" 
This reverts commit 45dee3842d68359a189fe7c0729359bd5a905ea4.

Reasons :

1. The code is not working in it's current state
2. Should not be using exceptions for flow control
 2009-01-13 16:13:42 +00:00
Joshua Peek
45dee3842d HTTP Digest authentication [#1230 state:resolved] 2008-12-28 15:13:16 -06:00