Log in

Home » Oreps » Ruby on Rails » All Releases » v5.2.6 Release

rails/rails

Ruby on Rails

1

Commit Activity

Directory Browser

Velocity History

Basic Details Issues Addressed Top Contributors Directory Browser Release Notes

Ruby on Rails v5.2.6

Ruby on Rails: v5.2.6 Release

Release date:

May 5, 2021

Previous version:

v5.2.5 (released May 5, 2021)

Magnitude:

523 Diff Delta

Contributors:

4 total committers

Data confidence:

Commits:

10

4 Features Released with v5.2.6

Browse Other Releases

Latest Pending Unreleased 😎

v5.2.7 Released March 10, 2022

v5.2.6.3 Released March 8, 2022

v5.2.6.2 Released February 14, 2022

v5.2.6.1 Released February 11, 2022

v5.2.6 Released May 5, 2021

v5.2.5 Released May 5, 2021

v5.2.4.6 Released May 5, 2021

v5.2.4.5 Released February 10, 2021

v5.2.4.4 Released September 9, 2020

v5.2.4.3 Released May 18, 2020

Top Contributors in v5.2.6

kamipo

gmcgibbon

tenderlove

rafaelfranca

Directory Browser for v5.2.6

We haven't yet finished calculating and confirming the files and directories changed in this release. Please check back soon.

Release Notes Published

Active Support

No changes.

Active Model

No changes.

Active Record

No changes.

Action View

No changes.

Action Pack

Accept base64_urlsafe CSRF tokens to make forward compatible.

Base64 strict-encoded CSRF tokens are not inherently websafe, which makes them difficult to deal with. For example, the common practice of sending the CSRF token to a browser in a client-readable cookie does not work properly out of the box: the value has to be url-encoded and decoded to survive transport.

In this version, we generate Base64 urlsafe-encoded CSRF tokens, which are inherently safe to transport. Validation accepts both urlsafe tokens, and strict-encoded tokens for backwards compatibility.

How the tokes are encoded is controllr by the action_controller.urlsafe_csrf_tokens config.

In Rails 5.2.5, the CSRF token format was accidentally changed to urlsafe-encoded.

Atention: If you already upgraded your application to 5.2.5, set the config urlsafe_csrf_tokens to true, otherwise your form submission will start to fail during the deploy of this new version.
```
Rails.application.config.action_controller.urlsafe_csrf_tokens = true
```
If you are upgrading from 5.2.4.x, you don't need to change this configuration.

Scott Blum, Étienne Barrié

Active Job

No changes.

Action Mailer

No changes.

Action Cable

No changes.

Active Storage

No changes.

Railties

No changes.

GitClear uses cookies to ensure you get the best experience on our website. Learn more