archive/ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2025-09-15 16:44:01 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
ruby/lib/webrick
History
Exact
usa bbda1a0274 merge revision(s) 62968: 
webrick: prevent response splitting and header injection

	Original patch by tenderlove (with minor style adjustments).

	* lib/webrick/httpresponse.rb (send_header): call check_header
	  (check_header): raise on embedded CRLF in header value
	* test/webrick/test_httpresponse.rb
	  (test_prevent_response_splitting_headers): new test
	* (test_prevent_response_splitting_cookie_headers): ditto

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@63022 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2018-03-28 14:50:27 +00:00
..
httpauth merge revision(s) 62960-62965: 2018-03-28 14:47:30 +00:00
httpservlet merge revision(s) 62960-62965: 2018-03-28 14:47:30 +00:00
accesslog.rb * ext/win32ole/sample/olegen.rb: Fix typo 2013-12-11 03:58:07 +00:00
cgi.rb * lib/webrick/accesslog.rb: Improved WEBrick documentation. 2013-01-26 01:12:54 +00:00
compat.rb * lib/webrick/compat.rb, lib/xmlrpc/datetime.rb: [DOC] fix typo by @vipulnsward [fix GH-464] 2013-12-06 02:10:11 +00:00
config.rb * lib/webrick/accesslog.rb: Improved WEBrick documentation. 2013-01-26 01:12:54 +00:00
cookie.rb * remove trailing spaces. 2013-01-26 02:31:43 +00:00
htmlutils.rb webrick: fix non-ascii escape bugs 2013-05-20 01:40:30 +00:00
httpauth.rb * lib/webrick: Add documentation for WEBrick::HTTPAuth 2011-05-10 23:37:43 +00:00
httpproxy.rb * lib/webrick/httpproxy.rb: remove needless condition 2014-08-08 05:34:48 +00:00
httprequest.rb merge revision(s) 62960-62965: 2018-03-28 14:47:30 +00:00
httpresponse.rb merge revision(s) 62968: 2018-03-28 14:50:27 +00:00
https.rb * lib/webrick/accesslog.rb: Improved WEBrick documentation. 2013-01-26 01:12:54 +00:00
httpserver.rb webrick/httpserver.rb: Stop handling requests on shutdown 2014-05-08 01:17:07 +00:00
httpservlet.rb * lib/webrick: imported. 2003-07-23 16:51:36 +00:00
httpstatus.rb merge revision(s) 59897: 2017-09-14 11:37:47 +00:00
httputils.rb webrick: fix non-ascii escape bugs 2013-05-20 01:40:30 +00:00
httpversion.rb * lib/webrick/accesslog.rb: Improved WEBrick documentation. 2013-01-26 01:12:54 +00:00
log.rb merge revision(s) 59897: 2017-09-14 11:37:47 +00:00
server.rb * lib/webrick/server.rb: Setup shutdown pipe in listen method. 2014-11-10 11:05:00 +00:00
ssl.rb * lib/webrick/server.rb: Setup shutdown pipe in listen method. 2014-11-10 11:05:00 +00:00
utils.rb webrick/utils.rb: mark by class name 2014-07-02 06:26:02 +00:00
version.rb * lib/webrick/accesslog.rb: Improved WEBrick documentation. 2013-01-26 01:12:54 +00:00