Skip to content
  • Michael Koziarski's avatar
    d5a4095c
    Deep Munge the parameters for GET and POST · d5a4095c
    Michael Koziarski authored 
    The previous implementation of this functionality could be accidentally
subverted by instantiating a raw Rack::Request before the first Rails::Request
was constructed.

Fixes CVE-2013-6417

Conflicts:
	actionpack/lib/action_dispatch/http/request.rb
    d5a4095c
    Deep Munge the parameters for GET and POST
    Michael Koziarski authored 
    The previous implementation of this functionality could be accidentally
subverted by instantiating a raw Rack::Request before the first Rails::Request
was constructed.

Fixes CVE-2013-6417

Conflicts:
	actionpack/lib/action_dispatch/http/request.rb