Changeset: Changeset [099a98e9b7108dae3e0f78b207e0a7dc5913bd1a] by Michael Koziarski - Ruby on Rails - rails

List changesets

This project is archived and is in readonly mode.

Changeset [099a98e9b7108dae3e0f78b207e0a7dc5913bd1a] by Michael Koziarski

November 18th, 2008 @ 05:53 PM

Verify form submissions for text/plain posts too.

Some browsers can POST requests with text/plain encoding, allowing attackers to potentially subvert the request forgery prevention.

http://pseudo-flaw.net/content/w... http://github.com/rails/rails/co...

Committed by Michael Koziarski

M actionpack/lib/action_controller/mime_type.rb

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

<h2 style="font-size: 14px">Tickets have moved to Github</h2>

The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>

Shared Ticket Bins (Sort)

↓↑ drag 455 Open Bugs
↓↑ drag 0 Recent Open Tickets
↓↑ drag 87 Open Patches
↓↑ drag 0 Open Doc Patches
↓↑ drag 542 Stale Tickets
↓↑ drag 3 Verified Patches
↓↑ drag 87 Stale Patches
↓↑ drag 0 Yesterday's Tickets
↓↑ drag 0 Two Days Ago
↓↑ drag 0 This Week
↓↑ drag 0 Last Week
↓↑ drag 7 Bugmash
↓↑ drag 0 Bugmash review queue
↓↑ drag 5 Rails 3 High Priority Tickets