Skip to content
Browse files

Revert "bump up rack version to the one that includes the Hash DoS fix"

Rack 1.1.3 also changes the Set-Cookie header to expects a
newline-delimited string instead of an Array, which breaks Rails 2.3's
expectations in a variety of ways.

This reverts commit 27a508c.

  • Loading branch information...
1 parent 709af05 commit 28cfd79e31eeb5923c51ea6c8410d98fb48efebf @jeremy jeremy committed Jan 17, 2013
Showing with 2 additions and 2 deletions.
  1. +1 −1 actionpack/Rakefile
  2. +1 −1 actionpack/lib/action_controller.rb
2 actionpack/Rakefile
@@ -79,7 +79,7 @@ spec = do |s|
s.requirements << 'none'
s.add_dependency('activesupport', '= 2.3.15' + PKG_BUILD)
- s.add_dependency('rack', '~> 1.1.3')
+ s.add_dependency('rack', '~> 1.1.0')
s.require_path = 'lib'
2 actionpack/lib/action_controller.rb
@@ -31,7 +31,7 @@
-gem 'rack', '~> 1.1.3'
+gem 'rack', '~> 1.1.0'
require 'rack'
require 'action_controller/cgi_ext'

1 comment on commit 28cfd79


Hey, thanks for tis commit!
As it turns out, this fixes a issue with a setup I have with Apache load balancing 4 mongrel services on a Windows server. It was driving me crazy till I saw your commit mentioning 'Cookies'. I needed a hack to make the mongrels work (anyone using mongrel on windows knows about the hack I think) and that went berserk because of the Rack update (as I later concluded).

To thanks for saving my day today ;-)

Please sign in to comment.
Something went wrong with that request. Please try again.