templates/disable_xml_params.rb in suspenders-1.30.0 vs templates/disable_xml_params.rb in suspenders-1.31.0
- old
+ new
@@ -1,3 +2 @@
-# Protect against injection attacks
-# http://www.kb.cert.org/vuls/id/380039
ActionDispatch::ParamsParser::DEFAULT_PARSERS.delete(Mime::XML)