Skip to content

Commit

Permalink
SECURITY: update rack-mini-profiler to latest to correct XSS
Browse files Browse the repository at this point in the history 
This corrects an XSS in ?pp=help.

Also removes the jQuery dependency from rack-mini-profiler and restricts
memory sensitive profiling methods development only.
  • Loading branch information
@SamSaffron
SamSaffron committed Oct 1, 2019
1 parent 6e04120 commit fd0bb34
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion Gemfile.lock
View file
Expand Up @@ -267,7 +267,7 @@ GEM
puma (3.12.1)
r2 (0.2.7)
rack (2.0.7)
rack-mini-profiler (1.0.2)
rack-mini-profiler (1.1.0)
rack (>= 1.2.0)
rack-openid (1.3.1)
rack (>= 1.1.0)
Expand Down

0 comments on commit fd0bb34

Please sign in to comment.