Changeset: Changeset [ba80ff74a9627f676b4c426587ce5ea487665e46] by Michael Koziarski - Ruby on Rails

Type	To find
responsible:me	tickets assigned to you
tagged:"@high"	tickets tagged @high
milestone:next	tickets in the upcoming milestone
state:invalid	tickets with the state invalid
created:"last week"	tickets created last week
sort:number, importance, updated	tickets sorted by #, importance or updated
Combine keywords for powerful searching.
Use advanced searching »

This project is archived and is in readonly mode.

Changeset [ba80ff74a9627f676b4c426587ce5ea487665e46] by Michael Koziarski

October 19th, 2008 @ 02:24 PM

Sanitize the URLs passed to redirect_to to prevent a potential response splitting attack.

CGI.rb and mongrel don't do any sanitization of the contents of HTTP headers, so care needs to be taken. http://github.com/rails/rails/co...

Committed by Michael Koziarski

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

<h2 style="font-size: 14px">Tickets have moved to Github</h2>

The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>