TEST_CODEOWNERS/rails
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
e0dbf155ed
rails/actionpack/test
History
Matthew Caruana Galizia 683b9627b3
Respect log_warning_on_csrf_failure setting for all CSRF failures 
CSRF verification for non-XHR GET requests (cross-origin `<script>`
tags) didn't check this flag before logging failures.

Setting `config.action_controller.log_warning_on_csrf_failure = false`
now disables logging for these CSRF failures as well.

Closes #25086.

Signed-off-by: Jeremy Daer <jeremydaer@gmail.com>
2016-05-23 10:21:30 -07:00
..
abstract Revert "ActionController::Base#process() now only takes an action name" 2015-10-29 16:18:27 -07:00
assertions Support for unified Integer class in Ruby 2.4+ 2016-05-18 21:58:51 -07:00
controller Respect log_warning_on_csrf_failure setting for all CSRF failures 2016-05-23 10:21:30 -07:00
dispatch Document and test ActionDispatch server_port 2016-05-12 18:46:16 +01:00
fixtures Properly verify that cache accepts and user expires value. 2016-04-17 23:12:04 +05:30
journey Deprecate :controller and :action path parameters 2016-03-01 08:48:53 +00:00
lib/controller Removing unused fake models 2014-09-07 22:51:14 -03:00
routing Remove deprecate *_path helpers in email views 2015-01-04 11:58:42 -03:00
tmp Use safe tmp dir 2009-08-13 21:03:25 -05:00
abstract_unit.rb Merge pull request #23932 from arthurnn/arthurnn/remove_load_paths 2016-03-01 16:10:09 -05:00