Instiki 0.17.2: Security Release

This release upgrades Instiki to Rails 2.3.4, which patches two security holes in Rails. See http://weblog.rubyonrails.org/2009/9/4/ruby-on-rails-2-3-4 There are also some new features, and the usual boatload of bugfixes. See the CHANGELOG for details.
2009-09-05 02:01:46 -05:00 · 2009-09-05 02:01:46 -05:00 · 4bdf703ab2
commit 4bdf703ab2
parent 34c4306867
211 changed files with 3959 additions and 1325 deletions
--- a/vendor/rails/actionpack/lib/action_controller/base.rb
+++ b/vendor/rails/actionpack/lib/action_controller/base.rb
@ -493,7 +493,12 @@ module ActionController #:nodoc:
              filtered_parameters[key] = filter_parameters(value)
            elsif value.is_a?(Array)
              filtered_parameters[key] = value.collect do |item|
-                filter_parameters(item)
+                case item
+                when Hash, Array
+                  filter_parameters(item)
+                else
+                  item
+                end
              end
            elsif block_given?
              key = key.dup
@ -814,7 +819,6 @@ module ActionController #:nodoc:
      #   render :text => proc { |response, output|
      #     10_000_000.times do |i|
      #       output.write("This is line #{i}\n")
-      #       output.flush
      #     end
      #   }
      #