lib/rack/file.rb in rack-0.9.0 vs lib/rack/file.rb in rack-0.9.1
- old
+ new
@@ -21,12 +21,12 @@
end
F = ::File
def _call(env)
- return forbidden if env["PATH_INFO"].include? ".."
-
@path_info = Utils.unescape(env["PATH_INFO"])
+ return forbidden if @path_info.include? ".."
+
@path = F.join(@root, @path_info)
begin
if F.file?(@path) && F.readable?(@path)
serving
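Review bot: The added `return forbidden if @path_info.include? ".."` is a substring test on the decoded string, and nothing else visible in the hunk keeps `@path` under `@root`, so containment depends on `Utils.unescape` being the final decoding step before `F.join`. A check on the resolved path after the join would not depend on how the request was encoded, for example `return forbidden unless F.expand_path(@path).index(F.expand_path(@root) + "/") == 0`. The substring test also refuses legitimate names such as `notes..txt`; comparing path segments would avoid that if it matters. A short comment above the check, such as `# must run on the unescaped path; checking the raw PATH_INFO misses percent-encoded dots`, would stop the order from being reverted later. The body of `_call` continues past the end of the hunk, so any handling after `serving` is not reviewed here.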