Commit 8c197fb4ab4fa432a6e9421e0339a17a7ec296f1 to rails's rails

8c197fb4ab4fa432a6e9421e0339a17a7ec296f1
all branches
- 1-2-stable
- 2-0-stable
- 2-1-stable
- 2-2-stable
- 2-3-stable
- 3-0-unstable
- HEAD
- master
all tags
- v0.9.1
- v0.9.2
- v0.9.3
- v0.9.4
- v0.9.4.1
- v0.9.5
- v0.10.0
- v0.10.1
- v0.11.0
- v0.11.1
- v0.12.0
- v0.13.0
- v0.13.1
- v0.14.1
- v0.14.2
- v0.14.3
- v0.14.4
- v1.0.0
- v1.1.0
- v1.1.0_RC1
- v1.1.1
- v1.1.2
- v1.1.3
- v1.1.4
- v1.1.5
- v1.1.6
- v1.2.0
- v1.2.0_RC1
- v1.2.0_RC2
- v1.2.1
- v1.2.2
- v1.2.3
- v1.2.4
- v1.2.5
- v1.2.6
- v2.0.0
- v2.0.0_PR
- v2.0.0_RC1
- v2.0.0_RC2
- v2.0.1
- v2.0.2
- v2.0.3
- v2.0.4
- v2.0.5
- v2.1.0
- v2.1.0_RC1
- v2.1.1
- v2.1.2
- v2.2.0
- v2.2.1
- v2.2.2
- v2.3.0
- v2.3.1
- v2.3.2
- v2.3.2.1
comments

rails / rails

668

3817

Description:	Ruby on Rails edit
Homepage:	http://rubyonrails.org edit
Public Clone URL:	git://github.com/rails/rails.git Give this clone URL to anyone. `git clone git://github.com/rails/rails.git`
Your Clone URL:	git@github.com:rails/rails.git Use this clone URL yourself. `git clone git@github.com:rails/rails.git`

Add text/plain to the browser_generated_types array as webkit and gecko can 
submit them.

For more information see:

http://pseudo-flaw.net/content/web-browsers/form-data-encoding-roundup/

NZKoz (author)

Sun Nov 16 11:19:02 -0800 2008

commit 8c197fb4ab4fa432a6e9421e0339a17a7ec296f1
tree 5efbb2355fa3a461d75e18139cfbb429b75eb012
parent 2530d0eea8eaecd2c61f99225f050ff47973e9a0

actionpack/lib/action_controller/mime_type.rb

actionpack/lib/action_controller/mime_type.rb

0
@@ -25,7 +25,7 @@ module Mime
0
     # These are the content types which browsers can generate without using ajax, flash, etc
0
     # i.e. following a link, getting an image or posting a form.  CSRF protection
0
     # only needs to protect against these types.
0
-    @@browser_generated_types = Set.new [:html, :url_encoded_form, :multipart_form]
0
+    @@browser_generated_types = Set.new [:html, :url_encoded_form, :multipart_form, :text]
0
     cattr_reader :browser_generated_types
0
 
0
 
0
@@ -177,7 +177,7 @@ module Mime
0
     end
0
 
0
     # Returns true if Action Pack should check requests using this Mime Type for possible request forgery.  See
0
-    # ActionController::RequestForgerProtection.
0
+    # ActionController::RequestForgeryProtection.
0
     def verify_request?
0
       browser_generated?
0
     end

Comments