nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
diaspora/config/initializers
History
Raphael 229e202a72 Take httponly off of session cookies so that the websocket works in firefox 3.x. XSS attacks would now be easier to exploit if found. A possible replacement for opening this security hole is to set a new cookie value for Firefox users that stores a randomly generated key which would give a websocket with that key access.
2010-11-04 15:17:28 -07:00
..
_load_app_config.rb Rails.env is a string, not a symbol 2010-10-28 21:28:20 -07:00
_load_services.rb Fix for build breakage 2010-10-25 21:38:53 -07:00
_mongo.rb removed the http inspect 2010-10-26 19:19:34 -07:00
backtrace_silencers.rb Add or later to license notice 2010-10-07 16:25:34 -07:00
carrierwave.rb Add or later to license notice 2010-10-07 16:25:34 -07:00
check_session_secret.rb added a generate:secret_token task, and added an initializer to generate one if the file does not exist 2010-09-27 15:29:55 -07:00
devise.rb Merge branch 'master' of github.com:diaspora/diaspora into invites 2010-10-07 19:25:42 -07:00
git_info.rb Fallback to static version data if git unavailable. 2010-10-10 16:38:01 +02:00
inflections.rb Add or later to license notice 2010-10-07 16:25:34 -07:00
locale.rb Fix some bugs for I18n fallbacks 2010-10-31 22:39:54 +01:00
logging.rb Add or later to license notice 2010-10-07 16:25:34 -07:00
mailer_config.rb MS IZ the mailer will not be setup unless turned on in the APP_CONFIG 2010-10-26 17:46:19 -07:00
mime_types.rb Add or later to license notice 2010-10-07 16:25:34 -07:00
omniauth.rb DG beginning to collapse twitter&facebook 2010-10-25 17:41:58 -07:00
rspec_generator.rb Add or later to license notice 2010-10-07 16:25:34 -07:00
session_store.rb Take httponly off of session cookies so that the websocket works in firefox 3.x. XSS attacks would now be easier to exploit if found. A possible replacement for opening this security hole is to set a new cookie value for Firefox users that stores a randomly generated key which would give a websocket with that key access. 2010-11-04 15:17:28 -07:00
setup_mail.rb commented out the email interceptor 2010-10-22 10:37:04 -07:00