Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Avoid SCRIPT_NAME escaping in Rack::Directory #415

Closed
wants to merge 1 commit into
from

Conversation

Projects
None yet
2 participants
@ghost

ghost commented Jul 30, 2012

When it serve /, it works just well, cause SCRIPT_NAME is empty and there are nothing to escape.

However, when serving /some-url, the generated links will look like "%2Fsome-url/some-path".

Update lib/rack/directory.rb
Avoid SCRIPT_NAME escaping.

When it serve /, it works just well, cause SCRIPT_NAME is empty and there are nothing to escape.

However, when serving /some-url, the generated links will look like "%2Fsome-url/some-path".

This pull request passes (merged 15a1738 into ab67e70).

@raggi raggi closed this in 7c36a88 Aug 26, 2012

raggi added a commit that referenced this pull request Jan 4, 2013

Fix script name escaping in Rack::Directory
Closes #415 and replaces it, which came with no tests and an insecure
implementation.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment