Please sign in to comment.
Deep Munge the parameters for GET and POST
The previous implementation of this functionality could be accidentally subverted by instantiating a raw Rack::Request before the first Rails::Request was constructed. Fixes CVE-2013-6417 Conflicts: actionpack/lib/action_dispatch/http/request.rb
- Loading branch information...
Showing with 17 additions and 2 deletions.