Commit graph

512 commits

Author SHA1 Message Date
Mike Perham
e407d0195c Implement CSRF protection
This adds a middleware which, when activated, will deny any form submission which does not include a valid `authenticity_token` parameter or `http-x-csrf-token` header with the request.

The header and parameter names are identical to the ones supported by Ruby's rack-protection gem for interoperability purposes.
2016-06-28 15:50:43 -07:00
Serdar Dogruyol
7e49237468 Merge pull request #170 from mperham/master
Implement basic in-memory session store
2016-06-28 16:55:02 +03:00
Mike Perham
46b4dc6524 Add Session#delete, more docs 2016-06-27 16:24:03 -07:00
Mike Perham
94db0c8cb8 Implement basic in-memory session store
Sessions are stored in a non-persistent Hash.  Only String values are allowed.  A reaper fiber regularly removes any sessions which expire due to inactivity.
2016-06-27 14:37:40 -07:00
Sdogruyol
0c46bd65da Add X-Powered-By header 2016-06-19 03:22:55 +03:00
Serdar Dogruyol
56067b6280 Merge pull request #165 from MGerrior/add_headers_helper_method
Add headers helper method
2016-06-16 17:35:38 +03:00
Matthew Gerrior
fbbb43dcab Add "headers" helper to make it easier to add headers to response. 2016-06-16 10:33:38 -04:00
sdogruyol
c492ede5d3 Add LICENSE 2016-06-15 09:09:48 +03:00
sdogruyol
f92d812c32 Format 2016-06-15 08:58:14 +03:00
Serdar Dogruyol
e9665c124b Merge pull request #162 from omarroth/fix-0.18
Fix SSL and specs for 0.18
2016-06-15 08:54:32 +03:00
Omar Roth
ac4a5afc05 Fix ssl and specs for 0.18 2016-06-14 16:18:00 -05:00
Serdar Dogruyol
74044d62e9 Merge pull request #161 from MGerrior/allow_multiple_values_for_params
Allow multiple values for a single parameter key.
2016-06-14 19:08:46 +03:00
Matthew Gerrior
d1f9c4394b Opt for built-in HTTP::Params class instead. 2016-06-14 07:32:13 -04:00
Matthew Gerrior
a5e4bc21f3 Allow multiple values for a single parameter key. 2016-06-11 16:52:07 -04:00
sdogruyol
c9b206d1d6 Remove unnecessary type annotations 2016-05-22 23:34:37 +03:00
sdogruyol
b3ebf40201 Cache request url_params 2016-05-21 15:03:34 +03:00
Serdar Dogruyol
e7ebb7f45d Merge pull request #147 from sdogruyol/error-404-customize
Allow 404 error handler to be customizable
2016-05-15 15:03:55 +03:00
Sdogruyol
67abb5fff3 Allow 404 error handler to be customizable 2016-05-15 14:58:09 +03:00
Sdogruyol
92d7273759 Inherit response.content type from filter if it's given. Fixes #146. 2016-05-14 11:07:19 +03:00
Sdogruyol
c2edc89992 Bump version to 0.12.0 2016-05-08 20:45:40 +03:00
Ben Jolitz
b73802df0e resolve merge conflict by trusting sdogruyol/master RE property listings 2016-05-07 17:22:08 -07:00
Ben Jolitz
108e732274 rename on_options -> extra_options 2016-05-07 17:18:42 -07:00
Sdogruyol
53df88b9fb Update filters to dont care about block return type 2016-05-06 21:03:24 +03:00
sdogruyol
3b402586f8 Make error handlers also work for filters 2016-05-06 14:08:34 +03:00
Serdar Dogruyol
ceb962df6b Merge pull request #144 from sdogruyol/error-handler
Custom Error handlers
2016-05-06 13:09:39 +03:00
sdogruyol
09439dd437 Remove unnecessary views 2016-05-05 23:54:25 +03:00
sdogruyol
12ec74e923 Add instance types for Crystal 0.16.0 2016-05-05 23:35:53 +03:00
sdogruyol
76b5add665 Don't write to context in case of an exception 2016-05-05 23:22:58 +03:00
sdogruyol
6611b976a9 Improve exception handler 2016-05-05 23:12:17 +03:00
sdogruyol
e6d9311895 Start implementing error block 2016-05-05 22:35:36 +03:00
sdogruyol
35239dfaa0 Improve config semantics 2016-05-03 21:11:35 +03:00
Sdogruyol
e077d17943 Remove colorize from common exception handler 2016-04-18 22:17:55 +03:00
Sdogruyol
456724f8e4 Remove colorize from common log handler 2016-04-18 22:16:41 +03:00
Sdogruyol
18efc4601f Add more documentation 2016-04-18 21:40:48 +03:00
Sdogruyol
a8ecbde222 Merge branch 'instance-vars' 2016-04-17 00:04:53 +03:00
Sdogruyol
9c6d6f5326 Update to Radix 0.3.0 2016-04-16 23:55:26 +03:00
sdogruyol
2b9152ff79 Update instance types 2016-04-13 11:00:02 +03:00
sdogruyol
40ab34c63d All specs passing 2016-04-12 20:00:37 +03:00
sdogruyol
0a162a602b Update to use sdogruyol/radix 2016-04-12 17:56:30 +03:00
sdogruyol
b4bc818490 Update handler 2016-04-12 17:35:29 +03:00
sdogruyol
c47c9488fe Return string from context 2016-04-12 17:15:43 +03:00
sdogruyol
05e44e68c6 Updating to instance types 2016-04-12 14:41:09 +03:00
Serdar Dogruyol
3b4440d358 Merge pull request #140 from jeromegn/patch-1
Only set @logger when not previously set
2016-04-11 20:32:24 +03:00
Jerome Gravel-Niquet
e407f52897 Only set @logger when not previously set
This came in contradiction with the docs.
2016-04-11 10:54:59 -04:00
Sdogruyol
65d0af5b5f Update config to use uninitialized server 2016-04-09 17:33:17 +03:00
Sdogruyol
b32099e13b Move server from local scope to config 2016-04-09 17:20:39 +03:00
Sdogruyol
0eb7638b1b Remove redundant at_exit hook 2016-04-09 17:17:11 +03:00
Serdar Dogruyol
de98236fc4 Merge pull request #136 from f/master
Added return_with macro to break response blocks.
2016-04-03 19:14:28 +03:00
Ben Jolitz
1f809c68c8 Support additional options as part of the Config
This commit adds the ability to add a closure suitable for adding
additional options. It is expected to allow someone to set global,
module or class level variables so they can pass changes/options
suitable for making decisions.
2016-03-30 13:33:51 -07:00
Fatih Kadir Akın
8110788a41 Added return_with macro to break response in the middle of the block. 2016-03-30 00:48:58 +03:00