wrap-params middleware doesn't make a user detect a charset of GET mothod.
When client does not specify its charset in Content-Type header of a request, a server use default charset(ISO-8859-1). Therefore parameters of a request is encoded in other than default charset without ...
wrap-params middleware doesn't function when not url-encoded...
IE send an url not url-encoded when "Send UTF-8 query strings..." flag of Internet Option is unset. And parameters of this request can't be processed properly by wrap-params, which decode ...
Minor docstring update for http-only flag
Fix confusing and incorrect definition in docstring for http-only https://www.owasp.org/index.php/HttpOnly
wrap-resource captures root route when in a jar file
If wrap-resource is added to the handler stack ahead of Compojure routes meant to serve the root (index) route while running from a jar file, it will mistakenly identify the top resource directory as a ...
In ring-core 1.2.1, I'm getting this explosion: Exception in thread "main" java.lang.NoClassDefFoundError: javax/servlet/http/HttpServletRequest, compiling:(ring/middleware/multipart_params.clj:39:5) ...
At https://github.com/mmcgrana/ring/blob/master/ring-core/src/ring/middleware/session/cookie.clj#L92 should there be a (binding [read-eval false] ) ? Otherwise, it seems -- suppose some other vulnerability ...
The middleware wrap-head makes Content-Length always be 0
Because it sets :body to nil, and :body is used to set Content-Length.
Update ring-devel/src/ring/middleware/stacktrace.clj
Catch all Throwaables, not just Exceptions, so that (assert ...) works inside handlers.
Session wrapper does not update the cookie after session expiry date is changed.
(ns ring-session-test.core) (use 'ring.middleware.session) (defn handler [{session :session uri :uri}] (let [res {:status 200 :headers {"Content-Type" "text/plain"} ...
Automatic code reloading is one step behind
In wrap-reload after the new code is loaded, the old handler is still used to serve the current request meaning that to see any code changes you have to refresh the page twice which is seriously annoying. ...