Skip to content
Rack middleware to taint incoming data
Ruby
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
lib
test
.gitignore
Gemfile
LICENSE
README.markdown
Rakefile
rack-taint.gemspec

README.markdown

Rack::Taint

Rack::Taint is Rack middleware to taint the the query string (and thus GET parameters), input (and thus POST parameters), headers (and thus cookies), and everything else that comes in on a request. Among other use cases, this may prove helpful as a component in a scheme that limits mass assignment in Rails.

Installation

Add this line to your application's Gemfile:

gem 'rack-taint'

On Rails, the Railtie takes care of everything else. On everything else, you'll need to add the Rack::Taint middleware to the stack yourself.

Contributing

Please follow Git commit message best practices when submitting a pull request.

If I provide you with feedback on your pull request, generally you should squash your changes into the previous commit when submitting a second request.

Something went wrong with that request. Please try again.