Skip to content
This repository
Browse code

Merge pull request #361 from engineyard/dont_escape_params

Don't escape parameters by default in included rack-protection (issue #310)
  • Loading branch information...
commit 9c4ac4c0edaaf2f1ae2167dce98a4a4a3dc48951 2 parents c61c5e5 + c59fad7
Konstantin Haase rkh authored

Showing 1 changed file with 1 addition and 1 deletion. Show diff stats Hide diff stats

  1. +1 1  lib/sinatra/base.rb
2  lib/sinatra/base.rb
@@ -1361,7 +1361,7 @@ def setup_logging(builder)
1361 1361
1362 1362 def setup_protection(builder)
1363 1363 return unless protection?
1364   - options = Hash === protection ? protection.dup : {}
  1364 + options = Hash === protection ? protection.dup : {:except => [:escaped_params]}
1365 1365 options[:except] = Array options[:except]
1366 1366 options[:except] += [:session_hijacking, :remote_token] unless sessions?
1367 1367 builder.use Rack::Protection, options

0 comments on commit 9c4ac4c

Please sign in to comment.
Something went wrong with that request. Please try again.