haskell/yesod
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,742 Commits 42 Branches 853 Tags 10 MiB
documentRunDB
Commit Graph

120 Commits

Author SHA1 Message Date
Maximilian Tagher
c8974d81f9 Add functions to get and set values in the per-request caches 
Closes #1572
 2019-01-21 10:47:27 -08:00
Steven Leiva
2a9bef34c0 Add sendResponseNoContent. 2018-11-30 14:27:21 -06:00
Steven Leiva
266c436f18 selectRep chooses first rep if no matches found. 
The `selectRep` documentation indicates that it choose the first
representation provided if no representation matches.

This was only partially correct, as `selectRep` required that no
representation matched **and** that the `Content-Type` header of the
response was empty.

This led to a problem because `defaultErrorhandler` relies on
`selectRep`, and when `selectRep` was unable to find a suitable
representation, it would "swallow" the original error that resulted in
`defaultErrorhandler` being called, and set a status 406 for all cases.
 2018-07-19 21:32:02 -05:00
Michael Snoyman
182abd89bf
Drop some deps 2018-07-03 19:01:58 +03:00
Michael Snoyman
867e7c32dc
Clean up some CPP 2018-07-03 18:57:23 +03:00
ncaq
a8df3c48c2 modified: use sinkLazy and toStrict 
Because performance problem.
 2018-05-01 17:15:13 +09:00
ncaq
e664ae2e0e changed: use foldC 2018-04-24 12:55:55 +09:00
ncaq
74ce4c57ff Merge branch 'master' into add-file-source-bytes 2018-04-24 12:36:36 +09:00
ncaq
33b5171b75 modified: fileSourceByteString: use sinkLazy 2018-04-17 18:54:18 +09:00
ncaq
a59ee6b62e added: ChangeLog 1.6.4 2018-04-17 18:47:54 +09:00
ncaq
eb220c936a added: addContentDispositionFileName: document comment 
I wrote battle of multibyte from code review.
 2018-04-17 18:44:19 +09:00
ncaq
1e89f4d4c3 cleaned: fileSourceByteString: document comment 
from code review.
 2018-04-17 18:01:36 +09:00
ncaq
11159f3a75 cleaned: use runConduit and .| instead of connect 
from code review.
 2018-04-17 17:58:49 +09:00
ncaq
712e8bb475 added: addContentDispositionFileName 2018-04-17 14:33:38 +09:00
ncaq
7e2ca33ed5 added: fileSourceByteString 
This function is to get `FileInfo` raw body.
 2018-04-17 13:58:15 +09:00
Michael Snoyman
778cf2cf0b
Add missing SubHandlerFor export 2018-04-04 12:11:27 +03:00
Michael Snoyman
fa8e1ac00f
Switch to SubHandlerFor 
This is much more consistent than suddenly using a ReaderT for subsites.
Thanks to @jprider63 for the inspiration for this, I think it cleans
things up a lot!
 2018-01-24 13:01:26 +02:00
Michael Snoyman
0f09393c34
Merge branch 'simple-content-type' of https://github.com/JaSpa/yesod into better-monads 2018-01-21 11:13:05 +02:00
Michael Snoyman
6830a9840c
Merge branch 'better-monads' into no-transformers 2018-01-17 06:43:52 +02:00
Michael Snoyman
ad35ef9431
Deal with another sneaky exception 2018-01-16 16:10:23 +02:00
Michael Snoyman
915d9e2fa6
Finish switching header key to a CI 
Fixes #1418
 2018-01-15 16:47:49 +02:00
Michael Snoyman
1a1cb8a45f
Drop mwc-random 2018-01-15 10:18:16 +02:00
Michael Snoyman
fbccfe2306
Merge branch 'better-monads' into no-transformers 2018-01-11 22:49:02 +02:00
Michael Snoyman
103c098cf8
Catch up with Data.Conduit.Combinators 2018-01-10 12:16:31 -08:00
Michael Snoyman
a16e75249a
More moving over to unliftio 2017-12-31 09:20:02 +02:00
Maximilian Tagher
5cdc0a39ac Document whitelisting certain routes to not need CSRF protection 
This question came up on the #yesod Slack channel and I think it's moderately common; I've seen it elsewhere.
 2017-12-29 23:44:08 -05:00
Michael Snoyman
47ee7384ea
Be gone with ye HandlerT! 2017-12-13 09:53:14 +02:00
Michael Snoyman
c5ac821115
Remove some conditionals for old versions 2017-12-12 12:08:06 +02:00
Maximilian Tagher
1275cce1af Give better error messages when CSRF validation fails 
* This is important because historically these errors have tripped people up
* Making security as easy as possible is important so that it doesn't just get turned off
* Giving clear directions about where to get the CSRF token (a cookie) and where to send it (a header/param) is especially helpful to frontend developers not necessarily familiar with the backend codebase
 2017-11-26 09:00:30 -05:00
Josh Berman
79ab662a80 Fix docs on languages set and getMessageRender to use it (#1325) 2017-11-26 11:52:37 +02:00
Ian Duncan
05b2193e9f
Code review fixes for #1444 2017-09-08 09:00:12 +09:00
Ian Duncan
fd872cff40
Add support to yesod-core for weak etags 2017-09-06 10:08:45 +09:00
Sibi Prabakaran
617591aa4e
Do case insensitive equality on header name 2017-07-14 13:44:21 +05:30
Sibi Prabakaran
89fc6c46e2
Fix ordering logic in replaceHeader function 2017-07-13 16:29:08 +05:30
Sibi Prabakaran
18951b0de7
Update the replace logic to obey proper ordering 2017-07-13 12:42:30 +05:30
Sibi Prabakaran
8416bb6569
Add Haddock documentation for the added function 2017-07-13 11:27:03 +05:30
Sibi Prabakaran
3cec499c85
ScopedTypeVariables is also needed 2017-07-13 11:17:03 +05:30
Sibi Prabakaran
839b56b032
Implement replaceOrAddHeader function 2017-07-13 11:10:54 +05:30
Sibi Prabakaran
470858f81c
Better Haddock rendering. Since -> @since 2017-02-17 00:21:31 +05:30
Sibi Prabakaran
797278243e
Add and export getPostParams function 2017-02-17 00:18:17 +05:30
Michael Snoyman
aefd074efa Cleanup GHC 8 redundant constraints 2017-02-05 13:35:12 +02:00
Michael Snoyman
bbca01ce71 languages reflects setLanguage 2016-11-04 11:10:26 +02:00
Cthulhu
fbaf502858 cached and cachedBy will not overwrite global state changes 2016-08-28 19:02:11 +03:00
Alexander Lippling
8822fa37a8 Added support for aeson's toEncoding function (>= 0.11) to sendStatusJSON 2016-08-28 01:06:23 +02:00
Maximilian Tagher
e6287362ad Default CSRF tokens to the root path "/" 
* The default path of cookies is the current path making the request
  * e.g. an AJAX request made from http://example.com/foo/bar would be /foo
  * This causes multiple CSRF tokens to build up as you navigate a site
  * This will cause errors if the CSRF tokens have different values, and an invalid token is sent.
* Closes #1247
 2016-08-16 07:25:41 -07:00
Chris Allen
5e4cefc9ad path, not value 2016-07-08 14:25:47 -05:00
Chris Allen
4a0caeb05c deleting cookie before adding to avoid duplicates for a test 2016-07-08 13:38:39 -05:00
Mikkel Christiansen
50c4138a5c Take hlint suggestions. 2016-06-28 08:28:23 +02:00
Mikkel Christiansen
cc134b93de Remove compiler warnings for unused var and unused imports. 2016-06-27 19:47:55 +02:00
Maximilian Tagher
5a5cfd6c7a Bump version for CSRF logging changes, and improve error message. 2016-03-28 23:36:31 -07:00