Navigation:
Browse pkgsrc
(this page)Log Message: Update ruby-rack-ssl to 1.4.1. * As per spec, don't include STS header in non-https responses * Handle bad URIs gracefully. Some adapters (i.e. jruby-rack) will pass through bad URIs, then display the resulting exception. This creates an attack vector for XSS attacks. * Added more installation/usage instructions into the README * Return 400 instead of 404 in case of InvalidURIError * Include Content-Type in 400 response. To stay compatible with old Rack versions. * Skip URI parsing Request#url URI may fail to parse some legit URL paths.
| Revision | Action | file |
| 1.5 | modify | pkgsrc/www/ruby-rack-ssl/Makefile |
| 1.4 | modify | pkgsrc/www/ruby-rack-ssl/distinfo |
| 1.1 | remove | pkgsrc/www/ruby-rack-ssl/patches/patch-lib_rack_ssl.rb |
New packages: