public
Description: Ruby on Rails
Homepage: http://rubyonrails.org
Clone URL: git://github.com/rails/rails.git
Add text/plain to the browser_generated_types array as webkit and gecko can 
submit them.

For more information see:

http://pseudo-flaw.net/content/web-browsers/form-data-encoding-roundup/
NZKoz (author)
Sun Nov 16 11:19:02 -0800 2008
commit  8c197fb4ab4fa432a6e9421e0339a17a7ec296f1
tree    5efbb2355fa3a461d75e18139cfbb429b75eb012
parent  2530d0eea8eaecd2c61f99225f050ff47973e9a0
...
25
26
27
28
 
29
30
31
...
177
178
179
180
 
181
182
183
...
25
26
27
 
28
29
30
31
...
177
178
179
 
180
181
182
183
0
@@ -25,7 +25,7 @@ module Mime
0
     # These are the content types which browsers can generate without using ajax, flash, etc
0
     # i.e. following a link, getting an image or posting a form.  CSRF protection
0
     # only needs to protect against these types.
0
-    @@browser_generated_types = Set.new [:html, :url_encoded_form, :multipart_form]
0
+    @@browser_generated_types = Set.new [:html, :url_encoded_form, :multipart_form, :text]
0
     cattr_reader :browser_generated_types
0
 
0
 
0
@@ -177,7 +177,7 @@ module Mime
0
     end
0
 
0
     # Returns true if Action Pack should check requests using this Mime Type for possible request forgery.  See
0
-    # ActionController::RequestForgerProtection.
0
+    # ActionController::RequestForgeryProtection.
0
     def verify_request?
0
       browser_generated?
0
     end

Comments