Skip to content

/ sinatra

Permalink
Browse files
Loading status checks…

escape invalid query params, fixes #1428

  • Loading branch information
@namusyaka
namusyaka committed May 30, 2018
Verified
This commit was signed with a verified signature.
namusyaka namusyaka
GPG key ID: C4B6919318C291BC Learn about signing commits
1 parent 5149dc9 commit 12786867d6faaceaec62c7c2cb5b0e2dc074d71a
Unified Split
Showing with 1 addition and 1 deletion.
  1. +1 −1 lib/sinatra/base.rb
2 lib/sinatra/base.rb
View file
@@ -78,7 +78,7 @@ def unlink?
def params
super
rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e
raise BadRequest, "Invalid query parameters: #{e.message}"
raise BadRequest, "Invalid query parameters: #{Rack::Utils.escape_html(e.message)}"
end

private

0 comments on commit 1278686

Please sign in to comment.