Skip to content
Browse files

Merge pull request #361 from engineyard/dont_escape_params

Don't escape parameters by default in included rack-protection (issue #310)
  • Loading branch information...
2 parents c61c5e5 + c59fad7 commit 9c4ac4c0edaaf2f1ae2167dce98a4a4a3dc48951 @rkh rkh committed Sep 22, 2011
Showing with 1 addition and 1 deletion.
  1. +1 −1 lib/sinatra/base.rb
View
2 lib/sinatra/base.rb
@@ -1361,7 +1361,7 @@ def setup_logging(builder)
def setup_protection(builder)
return unless protection?
- options = Hash === protection ? protection.dup : {}
+ options = Hash === protection ? protection.dup : {:except => [:escaped_params]}
options[:except] = Array options[:except]
options[:except] += [:session_hijacking, :remote_token] unless sessions?
builder.use Rack::Protection, options

0 comments on commit 9c4ac4c

Please sign in to comment.
Something went wrong with that request. Please try again.