NZKoz / xss_bareback

A Plugin that lets you shoot yourself in the foot

This URL has Read+Write access

Initial Commit
NZKoz (author)
Wed Oct 14 21:52:06 -0700 2009
commit  3276ca0daa2ea3c5a3920c856813cee464044538
tree    c545801eb5c0252efdf395b5fb30dcffb098c7ae
name age
history
message
file MIT-LICENSE Wed Oct 14 21:52:06 -0700 2009 Initial Commit [NZKoz]
file README.markdown Wed Oct 14 21:52:06 -0700 2009 Initial Commit [NZKoz]
file init.rb Wed Oct 14 21:52:06 -0700 2009 Initial Commit [NZKoz]
file install.rb Wed Oct 14 21:52:06 -0700 2009 Initial Commit [NZKoz]
directory lib/ Wed Oct 14 21:52:06 -0700 2009 Initial Commit [NZKoz]
README.markdown

XSS Bareback

This plugin disables the escape-by-default behaviour for applications using Rails 3.0 or later.

There is almost no good reason for you to be using this plugin, it's provided for educational purposes only. You should view the XSS protection in 3.0 as the web equivalent of ASLR, turning it off is basically never worth the risk it implies.

If you still want to do this, you have been warned.

Copyright (c) 2009 Koziarski Software Ltd, released under the MIT license