RubygemsResearch

Sha256: 6aef081c4287d4a30d820ed80f8f6a5069d7159d4e6af1003854ed73f5d65810

Contents?: true

Size: 1.9 KB

Versions: 1

Compression:

Stored size: 1.9 KB

* 2012-jun-25 - Rails 3 and generic Rack compatibility; much simplified

  - LimitedSessions has been broken up into two parts:
    - Rack-compatible middleware that handles session time limits. This
      *should* work for all session stores. Just requires Rack, not 
      necessarily Rails.
    - Rails 3 specific enhancement to the ActiveRecord Session Store
      that also cleans up stale session records.
  - Rails 3.2 (maybe 3.0 and 3.1; untested) compatibility. No longer
    compatible with Rails 2--use previous versions.
  - All IP matching and restrictions have been removed. In short, dual-
    stack environments (IPv4+IPv6) have a tendency to bounce between v4
    and v6 at times. This causes sessions to be aborted regularly.

* 2010-jul-20 - IPv6, replay attack mitigation, more non-AR support

  - IPv6 now works for subnet matching.
  - New options to configure the allowed subnet size (both IPv4 and 
    IPv6) added.
  - Plugin now enhances reset_session to clear old session data from
    the DB; this prevents session_id replay attacks when using 
    DB-backed session storage.
  - Session activity and hard limits now work with non-ActiveRecord
    session stores. Configuration is done differently depending on 
    which session store is in use.

* 2009-apr-22 - update to support rails 2.3

  - Rails 2.3 changed the internal session code substantially. This new
    version now supports rails 2.3. Note that is no longer supports any
    version of rails prior to 2.3 -- see the README for where to find
    an older version of this plugin for rails 2.2 and earlier. 
  - CONFIGURATION OPTIONS HAVE CHANGED. This is required by the new
    support for rails 2.3. See the README for more information.

* 2008-jul-23 - update to improve rails 2.1 compatibility 
  
  - disable partial-updates for the session table
    (thanks to eilonon erkki for bringing the problem to my attention)
  
* 2007-sep-06 - initial release

Version data entries

1 entries across 1 versions & 1 rubygems

Version	Path
limited_sessions-3.0.0	CHANGELOG