Rails 2.3.5

Upgrade to Rails 2.3.5. Also work around this bug: https://rails.lighthouseapp.com/projects/8994/tickets/3524 created by the aforementioned Rails release.
2009-11-30 19:38:34 -06:00 · 2009-11-30 19:38:34 -06:00 · e3832c6f79
commit e3832c6f79
parent a6429f8c22
187 changed files with 2316 additions and 891 deletions
--- a/vendor/rails/actionpack/lib/action_controller/http_authentication.rb
+++ b/vendor/rails/actionpack/lib/action_controller/http_authentication.rb
@ -227,9 +227,9 @@ module ActionController
      end

      def decode_credentials(header)
-        header.to_s.gsub(/^Digest\s+/,'').split(',').inject({}) do |hash, pair|
+        header.to_s.gsub(/^Digest\s+/,'').split(',').inject({}.with_indifferent_access) do |hash, pair|
          key, value = pair.split('=', 2)
-          hash[key.strip.to_sym] = value.to_s.gsub(/^"|"$/,'').gsub(/'/, '')
+          hash[key.strip] = value.to_s.gsub(/^"|"$/,'').gsub(/'/, '')
          hash
        end
      end
@ -289,6 +289,7 @@ module ActionController
      # allow a user to use new nonce without prompting user again for their
      # username and password.
      def validate_nonce(request, value, seconds_to_timeout=5*60)
+        return false if value.nil?
        t = Base64.decode64(value).split(":").first.to_i
        nonce(t) == value && (t - Time.now.to_i).abs <= seconds_to_timeout
      end