Security: Response Splitting
Apply a patch to close the Response Splitting vulnerability in Rails. See http://weblog.rubyonrails.org/2008/10/19/response-splitting-risk
This commit is contained in:
parent
2fb41f12ce
commit
8d1d8a5693
1 changed files with 2 additions and 2 deletions
@ -30,9 +30,9 @@ module ActionController
def redirect(to_url, response_status)
self.headers["Status"] = response_status
self.headers["Location"] = to_url
self.headers["Location"] = to_url.gsub(/[\r\n]/, '')
self.body = "<html><body>You are being <a href=\"#{to_url}\">redirected</a>.</body></html>"
self.body = "<html><body>You are being <a href=\"#{CGI.escapeHTML(to_url)}\">redirected</a>.</body></html>"
end
def prepare!
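Review bot: The `to_url.gsub(/[\r\n]/, '')` on the Location line silently rewrites a URL that contains CR or LF instead of rejecting it, so a caller that passed attacker-influenced data ends up redirecting to a mangled target with no error or log entry; consider raising (or at least logging) when the value contains those characters rather than stripping them. The unchanged `self.headers["Status"] = response_status` line gets no such filtering, so `response_status` must still be trusted by every caller of `redirect`. Wrapping `to_url` in `CGI.escapeHTML` for the anchor `href` in the body is the right fix for that line; note it escapes the original `to_url`, not the CR/LF-stripped value used for the header, so the two can differ for malformed input.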