#88

wrap-params middleware doesn't make a user detect a charset of GET mothod.

When client does not specify its charset in Content-Type header of a request, a server use default charset(ISO-8859-1). Therefore parameters of a request is encoded in other than default charset without ...

  • Opened by guruma Apr 2, 2016
#87

wrap-params middleware doesn't function when not url-encoded...

IE send an url not url-encoded when "Send UTF-8 query strings..." flag of Internet Option is unset. And parameters of this request can't be processed properly by wrap-params, which decode ...

  • Opened by guruma Apr 2, 2016
#85

Minor docstring update for http-only flag

Fix confusing and incorrect definition in docstring for http-only https://www.owasp.org/index.php/HttpOnly

#84

wrap-resource captures root route when in a jar file

If wrap-resource is added to the handler stack ahead of Compojure routes meant to serve the root (index) route while running from a jar file, it will mistakenly identify the top resource directory as a ...

  • Opened by pjlegato Jul 30, 2014
  • 2 comments
#83

Exception in thread "main" java.lang.NoClassDefFoundError: javax/servlet/http/HttpServletRequest, compiling:(ring/middleware/multipart_params.clj:39:5)

In ring-core 1.2.1, I'm getting this explosion: Exception in thread "main" java.lang.NoClassDefFoundError: javax/servlet/http/HttpServletRequest, compiling:(ring/middleware/multipart_params.clj:39:5) ...

#82

*read-eval* false?

At https://github.com/mmcgrana/ring/blob/master/ring-core/src/ring/middleware/session/cookie.clj#L92 should there be a (binding [read-eval false] ) ? Otherwise, it seems -- suppose some other vulnerability ...

  • Opened by txrev319 Oct 31, 2013
  • 2 comments
#81

The middleware wrap-head makes Content-Length always be 0

Because it sets :body to nil, and :body is used to set Content-Length.

  • Opened by aviflax Jun 24, 2013
  • 4 comments
#80

Update ring-devel/src/ring/middleware/stacktrace.clj

Catch all Throwaables, not just Exceptions, so that (assert ...) works inside handlers.

#79

Session wrapper does not update the cookie after session expiry date is changed.

(ns ring-session-test.core) (use 'ring.middleware.session) (defn handler [{session :session uri :uri}] (let [res {:status 200 :headers {"Content-Type" "text/plain"} ...

  • Opened by zby Feb 2, 2013
  • 1 comment
#78

Automatic code reloading is one step behind

In wrap-reload after the new code is loaded, the old handler is still used to serve the current request meaning that to see any code changes you have to refresh the page twice which is seriously annoying. ...