Sha256: ea896f563dd8bbc47293b3b7839a8f7c867fbf3ca45ccaa27570c49609f63170

Size: 620 Bytes

Versions: 1

Stored size: 620 Bytes

Contents

module Rack
  class Taint

    def initialize(app)
      @app = app
    end

    def call(env)
      dup._call(env)
    end

    def _call(env)
      env.each do |k, v|
        v.taint unless k.include?('.')
      end
      input = env['rack.input'].taint
      if input.respond_to?(:string)
        require 'rack/taint/readable'
        input.extend(Readable).string.taint
      end
      # Some middleware (e.g., Rack::MethodOverride) may cause parameter
      # parsing before we taint.
      env.delete('rack.request.form_input')
      env.delete('rack.request.query_string')
      @app.call(env)
    end

  end
end

Version data entries

1 entry across 1 version & 1 rubygem

Version Path
rack-taint-1.0.0 lib/rack/taint.rb