Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Apr 21, 2013
  1. James Tucker

    Prevent signals from being sent to pid 0

    raggi authored
     * Closes #544
Commits on Feb 8, 2013
  1. James Tucker

    Bump version number

    raggi authored
  2. James Tucker
  3. James Tucker

    Prevent symlink path traversals

    raggi authored
     * Closes CVE-2013-0262
Commits on Feb 7, 2013
  1. James Tucker

    Use secure_compare for hmac comparison

    raggi authored
     * Closes CVE-2013-0263
  2. James Tucker

    Add secure_compare to Rack::Utils

    raggi authored
    Conflicts:
    	test/spec_utils.rb
Commits on Jan 21, 2013
  1. James Tucker
Commits on Jan 13, 2013
  1. James Tucker

    Bump version

    raggi authored
  2. James Tucker
  3. James Tucker

    Squash warnings in spec_auth

    raggi authored
  4. James Tucker

    Reimplement auth scheme fix

    raggi authored
     * Add Rack::Auth.add_scheme to enable folks to fix anything that breaks
     * Add common auth schemes, MS ones, AWS ones, etc are missing, as unlikely
     * Checked Rails - they don't use our authorization code
     * Checked Warden - uses rails
     * Checked Omniauth - uses rails
     * Checked doorkeeper - users rails
     * Checked rack-authentication - does it's own thing
     * Checked warden-oauth - doesn't do headers
     * Checked devise - uses rails
     * Checked oauth2-rack - header creation only
     * Checked rack-oauth2-server - does it's own thing
     * Probably missed a bunch, but that'll have to do
Commits on Jan 7, 2013
  1. Carlos Antonio da Silva James Tucker
  2. James Tucker
  3. James Tucker

    Bump to 1.4.3

    raggi authored
  4. James Tucker

    multipart/parser: avoid unbounded #gets method

    Eric Wong authored raggi committed
    Malicious clients may send excessively long lines
    to trigger out-of-memory errors in a Rack web server.
  5. James Tucker

    Bump to 1.4.2

    raggi authored
Commits on Jan 6, 2013
  1. James Tucker

    Update README based on master

    raggi authored
Commits on Jan 4, 2013
  1. James Tucker

    Fix parsing performance for unquoted filenames

    raggi authored raggi committed
    Special thanks to Paul Rogers & Eric Wong
    
    Conflicts:
    	test/spec_multipart.rb
  2. Sokolov Yura James Tucker

    Fix parsing multiple ranges

    funny-falcon authored raggi committed
    Fix parsing miltiple ranges in HTTP_RANGE header according to w3 rfc2616 (according to last example in sec14.35.1 http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35.1 ) (according to BNF rules in http://www.w3.org/Protocols/rfc2616/rfc2616-sec2.html#sec2.1 )
  3. James Tucker

    .woff now has an official mime type!

    raggi authored
     * Closes #405
  4. James Tucker

    Do not fail on cookies that are not URI escaped

    raggi authored
     * Closes #360
    
    Conflicts:
    	test/spec_request.rb
  5. James Tucker
  6. James Tucker

    Refactor spec_cascade and spec_head

    raggi authored
     * StringIO is a better choice than a struct here.
  7. James Tucker

    Rack::Response now conforms to body.close SPEC

    raggi authored
     * Previously 204, 205 and 304 bodies were not closed correctly.
  8. James Tucker
  9. James Tucker
  10. James Tucker

    Clarify the body.close spec section

    raggi authored
     * This item is frequently missed, including in core.
     * This is not a change in semantic requirement, and does not update the SPEC
       version.
  11. Konstantin Haase James Tucker

    fixes for 1.8

    rkh authored raggi committed
  12. James Tucker
  13. Zachary Scott James Tucker

    Rack::BodyProxy#each, fixes rack/rack#434

    zzak authored raggi committed
  14. James Tucker
  15. James Tucker
  16. Thomas Klemm James Tucker

    Rack::Static: Rename methods

    thomasklemm authored raggi committed
  17. Thomas Klemm James Tucker

    Remove .rbenv-version from .gitignore

    thomasklemm authored raggi committed
  18. Zachary Scott James Tucker

    rescue Errno::ESRCH for windows, fixes #391

    zzak authored raggi committed
Something went wrong with that request. Please try again.