Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Rack middleware to taint incoming data

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 lib
Octocat-spinner-32 test
Octocat-spinner-32 .gitignore
Octocat-spinner-32 Gemfile
Octocat-spinner-32 LICENSE
Octocat-spinner-32 README.markdown
Octocat-spinner-32 Rakefile
Octocat-spinner-32 rack-taint.gemspec
README.markdown

Rack::Taint

Rack::Taint is Rack middleware to taint the the query string (and thus GET parameters), input (and thus POST parameters), headers (and thus cookies), and everything else that comes in on a request. Among other use cases, this may prove helpful as a component in a scheme that limits mass assignment in Rails.

Installation

Add this line to your application's Gemfile:

gem 'rack-taint'

On Rails, the Railtie takes care of everything else. On everything else, you'll need to add the Rack::Taint middleware to the stack yourself.

Contributing

Please follow Git commit message best practices when submitting a pull request.

If I provide you with feedback on your pull request, generally you should squash your changes into the previous commit when submitting a second request.

Something went wrong with that request. Please try again.