Rack middleware to taint incoming data
Ruby
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
lib Don't assume presence of Rack::MethodOverride Mar 15, 2012
test rack-taint 1.0.0 Mar 15, 2012
.gitignore rack-taint 1.0.0 Mar 15, 2012
Gemfile rack-taint 1.0.0 Mar 15, 2012
LICENSE rack-taint 1.0.0 Mar 15, 2012
README.markdown rack-taint 1.0.0 Mar 15, 2012
Rakefile rack-taint 1.0.0 Mar 15, 2012
rack-taint.gemspec Reword summary Mar 15, 2012

README.markdown

Rack::Taint

Rack::Taint is Rack middleware to taint the the query string (and thus GET parameters), input (and thus POST parameters), headers (and thus cookies), and everything else that comes in on a request. Among other use cases, this may prove helpful as a component in a scheme that limits mass assignment in Rails.

Installation

Add this line to your application's Gemfile:

gem 'rack-taint'

On Rails, the Railtie takes care of everything else. On everything else, you'll need to add the Rack::Taint middleware to the stack yourself.

Contributing

Please follow Git commit message best practices when submitting a pull request.

If I provide you with feedback on your pull request, generally you should squash your changes into the previous commit when submitting a second request.