Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Upgrade Rails to 3.2.11

Include xml_parser disabling.
  • Loading branch information...
commit d3687ffd2d9f5ca227cddbfc8fa46ceb1bf43e11 1 parent a5ac4d4
Mazz Mosley authored
Showing with 35 additions and 31 deletions.
  1. +1 −1  Gemfile
  2. +31 −30 Gemfile.lock
  3. +3 −0  config/initializers/xml_parser.rb
View
2  Gemfile
@@ -18,7 +18,7 @@ gem 'router-client', "3.1.0"
gem 'aws-ses', require: 'aws/ses'
-gem 'rails', '3.2.7'
+gem 'rails', '3.2.11'
gem 'unicorn', '4.3.1'
gem 'less-rails-bootstrap'
View
61 Gemfile.lock
@@ -20,31 +20,31 @@ GEM
remote: https://gems.gemfury.com/vo6ZrmjBQu5szyywDszE/
specs:
PriorityQueue (0.1.2)
- actionmailer (3.2.7)
- actionpack (= 3.2.7)
+ actionmailer (3.2.11)
+ actionpack (= 3.2.11)
mail (~> 2.4.4)
- actionpack (3.2.7)
- activemodel (= 3.2.7)
- activesupport (= 3.2.7)
+ actionpack (3.2.11)
+ activemodel (= 3.2.11)
+ activesupport (= 3.2.11)
builder (~> 3.0.0)
erubis (~> 2.7.0)
journey (~> 1.0.4)
rack (~> 1.4.0)
rack-cache (~> 1.2)
rack-test (~> 0.6.1)
- sprockets (~> 2.1.3)
- activemodel (3.2.7)
- activesupport (= 3.2.7)
+ sprockets (~> 2.2.1)
+ activemodel (3.2.11)
+ activesupport (= 3.2.11)
builder (~> 3.0.0)
- activerecord (3.2.7)
- activemodel (= 3.2.7)
- activesupport (= 3.2.7)
+ activerecord (3.2.11)
+ activemodel (= 3.2.11)
+ activesupport (= 3.2.11)
arel (~> 3.0.2)
tzinfo (~> 0.3.29)
- activeresource (3.2.7)
- activemodel (= 3.2.7)
- activesupport (= 3.2.7)
- activesupport (3.2.7)
+ activeresource (3.2.11)
+ activemodel (= 3.2.11)
+ activesupport (= 3.2.11)
+ activesupport (3.2.11)
i18n (~> 0.6)
multi_json (~> 1.0)
addressable (2.3.2)
@@ -139,7 +139,7 @@ GEM
httpauth (0.2.0)
i18n (0.6.1)
journey (1.0.4)
- json (1.7.5)
+ json (1.7.6)
jwt (0.1.5)
multi_json (>= 1.0)
kgio (2.7.4)
@@ -208,7 +208,7 @@ GEM
plek (0.3.0)
builder
polyglot (0.3.3)
- rack (1.4.1)
+ rack (1.4.3)
rack-accept (0.4.5)
rack (>= 0.4)
rack-cache (1.2)
@@ -217,23 +217,23 @@ GEM
rack
rack-test (0.6.2)
rack (>= 1.0)
- rails (3.2.7)
- actionmailer (= 3.2.7)
- actionpack (= 3.2.7)
- activerecord (= 3.2.7)
- activeresource (= 3.2.7)
- activesupport (= 3.2.7)
+ rails (3.2.11)
+ actionmailer (= 3.2.11)
+ actionpack (= 3.2.11)
+ activerecord (= 3.2.11)
+ activeresource (= 3.2.11)
+ activesupport (= 3.2.11)
bundler (~> 1.0)
- railties (= 3.2.7)
- railties (3.2.7)
- actionpack (= 3.2.7)
- activesupport (= 3.2.7)
+ railties (= 3.2.11)
+ railties (3.2.11)
+ actionpack (= 3.2.11)
+ activesupport (= 3.2.11)
rack-ssl (~> 1.3.2)
rake (>= 0.8.7)
rdoc (~> 3.4)
thor (>= 0.14.6, < 2.0)
raindrops (0.10.0)
- rake (10.0.2)
+ rake (10.0.3)
rdoc (3.12)
json (~> 1.4)
rest-client (1.6.7)
@@ -261,8 +261,9 @@ GEM
simplecov-html (0.5.3)
simplecov-rcov (0.2.3)
simplecov (>= 0.4.1)
- sprockets (2.1.3)
+ sprockets (2.2.2)
hike (~> 1.2)
+ multi_json (~> 1.0)
rack (~> 1.0)
tilt (~> 1.1, != 1.3.0)
state_machine (1.1.2)
@@ -330,7 +331,7 @@ DEPENDENCIES
nokogiri
null_logger
plek (~> 0.3.0)
- rails (= 3.2.7)
+ rails (= 3.2.11)
router-client (= 3.1.0)
rummageable (~> 0.3.0)
shoulda (~> 2.11.3)
View
3  config/initializers/xml_parser.rb
@@ -0,0 +1,3 @@
+# Turn off XML parsing:
+# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
+ActionDispatch::ParamsParser::DEFAULT_PARSERS.delete(Mime::XML)
Please sign in to comment.
Something went wrong with that request. Please try again.