./www/ruby-rack-protection, Protection for against typical web attacks for Rack application

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 2.0.8.1, Package name: ruby26-rack-protection-2.0.8.1, Maintainer: pkgsrc-users

Rack::Protection

You should use protection!

This gem protects against typical web attacks.
Should work for all Rack apps, including Rails.


Required to run:
[www/ruby-rack] [lang/ruby26-base]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 1f046e23baca8beece3b38c60382f44aa2b2cb41
RMD160: eead478f26dac4c0051aaad0c79e2afa973f0460
Filesize: 16.5 KB

Version history: (Expand)

CVS history: (Expand)


   2020-03-20 17:29:38 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
www/ruby-rack-protection: update to 2.0.8.1

Update ruby-rack-protection to 2.0.8.1.

### rack-protection

* Don't track the Accept-Language header by default \ 
[#1504](https://github.com/sinatra/sinatra/pull/1504) by Artem Chistyakov
   2018-09-23 19:06:28 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
www/ruby-rack-protection: update to 2.0.4

2.0.4 / 2018-09-15

* Don't blow up when passing frozen string to send_file disposition #1137 by
  Andrew Selder

* Fix ubygems LoadError #1436 by Pavel Rosický

* Unescape regex captures #1446 by Jordan Owens

* Slight performance improvements for IndifferentHash #1427 by Mike Pastore

* Improve development support and documentation and source code by Will Yang,
  Jake Craige, Grey Baker and Guilherme Goettems Schneider

2.0.3 / 2018-06-09

* Fix the backports gem regression #1442 by Marc-André Lafortune

2.0.2 / 2018-06-05

* Escape invalid query parameters #1432 by Kunpei Sakai

	o The patch fixes CVE-2018-11627.

* Fix undefined method error for Sinatra::RequiredParams with hash key #1431
  by Arpit Chauhan

* Add xml content-types to valid html_types for Rack::Protection #1413 by
  Reenan Arbitrario

* Encode route parameters using :default_encoding setting #1412 by Brian
  m. Carlson

* Fix unpredictable behaviour from Sinatra::ConfigFile #1244 by John Hope

* Add Sinatra::IndifferentHash#slice #1405 by Shota Iguchi

* Remove status code 205 from drop body response #1398 by Shota Iguchi

* Ignore empty captures from params #1390 by Shota Iguchi

* Improve development support and documentation and source code by Zp Yuan,
  Andreas Finger, Olle Jonsson, Shota Iguchi, Nikita Bulai and Joshua O'Brien
   2018-03-17 16:52:27 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
www/ruby-rack-protection: update to 2.0.1

0.2.1						2018/02/16

* enhanced path validation in Windows
   2018-01-08 23:09:48 by Takahiro Kambe | Files touched by this commit (2) 
Log message:
www: allow use of ruby25
   2017-07-31 00:32:28 by Thomas Klausner | Files touched by this commit (229) 
Log message:
Switch github HOMEPAGEs to https.
   2017-06-18 15:48:55 by Takahiro Kambe | Files touched by this commit (18) 
Log message:
Add 24 to RUBY_VERSIONS_ACCEPTED.
   2017-06-05 05:29:38 by Takahiro Kambe | Files touched by this commit (6) 
Log message:
Restrict ruby's version to 22 and 23.
   2017-06-04 17:18:22 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update ruby-rack-protection to 2.0.0.

No its own changes but here is related changes from Sinatra's changes.

 * Modernize Rack::Protection::ContentSecurityPolicy with CSP Level 2 and 3
   Directives #1202 by Glenn Rempe
 * Adds preload option to Rack:Protection:StrictTransport #1209 by Ed Robinson
 * rack-protection: Bundle StrictTransport, CookieTossing, and CSP #1267 by
   Mike Pastore