team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,299 Commits 1 Branch 0 Tags
92921b5ee9fe9b04cd9a9eeaa7898d63e61ef0d5
Commit Graph

19 Commits

Author SHA1 Message Date
Joseph Mastey 0ac072e7e8 update fullcalendar js library, plus styles etc 2017-10-23 21:10:22 -05:00
Joseph Mastey f5a8e0c6a8 upgrade jQuery dataTable library, with minified version 2017-10-23 20:53:55 -05:00
Al Snow 8ddcd96917 Fixed PTO error page 2016-01-07 13:36:36 -05:00
Al Snow edf9a6d560 Upgraded ruby to 2.2.4 and gems: sprockets-rails and bundler 2015-12-18 10:51:26 -05:00
cktricky 5c62c1b021 the setting was incorrect and did not match what we show in the tutorial 2015-08-18 12:27:20 -04:00
Al Snow 80e1ede02b Added Fred's Strong Parameter work 2014-12-28 17:20:39 -05:00
Fred Nixon ea8e9901f4 On branch strong-params 
Your branch is behind 'origin/strong-params' by 1 commit, and can be fast-forwarded.

I'll pull to catch up after this commit
Change code to whitelist params
Remove attr_accessible lines
Add strong_params to Gemfile, since this branch is still on Rails 3
Mixin to ActiveRecord::Base ActiveModel::ForbiddenAttributesProtection
Use an initializer for the mixin
 2014-12-05 15:04:01 -05:00
Al Snow 1ea0c2ddbb More Rails 4.0 upgrade changes 
1. Compared existing branch with empty Rails 4.0 project and
    made changes as needed.
 2. Fix find/first warning.
 3. Fix sqlite timeout issue.
    -- config/database.yml
    -- spec/vulnerabilities/insecure_dor_spec.rb
 2014-09-13 13:44:07 -04:00
Al Snow 23513cf8d2 Initial Rails 4.0.x upgrade 2014-09-07 13:00:54 -04:00
cktricky 2a12765933 slight change to make our cookie even more insecure 2014-06-27 12:05:50 -04:00
cktricky 0a647cbbe6 this appears to fix the issue of our test cases breaking. I had specified that if the rails env was a dev env, the key would be a certain value. Instead, it has been changed to any env other than prod 2014-03-14 16:53:44 -04:00
cktricky 7823eadf3c first round of tests look okay, now we can re-use this function :-) 2014-03-14 16:32:44 -04:00
cktricky 95eb5a56fd added vulnerable auth check for the API 2014-03-12 15:40:12 -04:00
cktricky efcb7b8c4b working on encryption 2013-11-13 18:24:26 -05:00
Mike McCabe e077ad6815 fixing escaping entities 2013-11-12 19:20:42 -05:00
Mike McCabe fe9d8b266f adding security misconfig text 2013-11-12 18:55:14 -05:00
Ken Johnson 0319cc4768 added a few things here. Firstly, I fixed the broken delete function with the admin page. Secondly, whenever you register for this application, we will automatically populate your user data to make the application functional. Seemed like the easiest way to do this 2013-06-01 00:19:07 -04:00
Ken Johnson 5a992c3c1f made some changes to the application controller, added a user controller, and am now about to start working on the login piece 2013-04-24 18:09:43 -04:00
Ken Johnson dafe2a5f4a first commit 2013-03-19 17:27:18 -04:00