Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Rack middleware to taint incoming data
Ruby
branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
lib
test
.gitignore
Gemfile
LICENSE
README.markdown
Rakefile
rack-taint.gemspec

README.markdown

Rack::Taint

Rack::Taint is Rack middleware to taint the the query string (and thus GET parameters), input (and thus POST parameters), headers (and thus cookies), and everything else that comes in on a request. Among other use cases, this may prove helpful as a component in a scheme that limits mass assignment in Rails.

Installation

Add this line to your application's Gemfile:

gem 'rack-taint'

On Rails, the Railtie takes care of everything else. On everything else, you'll need to add the Rack::Taint middleware to the stack yourself.

Contributing

Please follow Git commit message best practices when submitting a pull request.

If I provide you with feedback on your pull request, generally you should squash your changes into the previous commit when submitting a second request.

Something went wrong with that request. Please try again.