summaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
* bump versionv2.1.4.32-1-stableAaron Patterson2023-03-022-1/+5
* Limit all multipart parts, not just filesJohn Hawthorn2023-03-025-12/+76
* Merge branch '2-1-sec' into 2-1-stablev2.1.4.2Aaron Patterson2023-01-174-8/+15
|\
| * bump versionAaron Patterson2023-01-171-1/+1
| * Update changelogAaron Patterson2023-01-171-0/+6
| * Fix ReDoS vulnerability in multipart parserAaron Patterson2023-01-171-1/+1
| * Fix ReDoS in Rack::Utils.get_byte_rangesAaron Patterson2023-01-171-5/+6
| * Forbid control characters in attributesJohn Hawthorn2023-01-171-1/+1
* | Merge branch '2-1-sec' into 2-1-stableAaron Patterson2022-05-276-19/+11
|\ \ | |/
| * update changelog2.1.4.1Aaron Patterson2022-05-271-0/+5
| * bump versionAaron Patterson2022-05-261-1/+1
| * Escape untrusted text when loggingAaron Patterson2022-05-264-1/+21
| * Restrict broken mime parsingAaron Patterson2022-05-264-18/+5
* | Escape untrusted text when loggingAaron Patterson2022-05-264-1/+21
|/
* bump version2.1.4Aaron Patterson2020-06-152-1/+9
* When parsing cookies, only decode the valuesMatt Langlois2020-06-152-2/+10
* fix directory listingAaron Patterson2020-05-211-0/+1
* bump version2.1.3Aaron Patterson2020-05-121-1/+1
* adding a test for directory traversalAaron Patterson2020-05-121-0/+12
* Use Dir.entries instead of Dir[glob] to prevent user-specified glob metachara...Jack McCracken2020-05-121-2/+1
* Bump for 2.1.2 release2.1.2Aaron Patterson2020-01-272-2/+2
* Update changelog in preparation for 2.1.2Jeremy Evans2020-01-221-0/+9
* Fix multipart parser for special files #1308Christoph Wagner2020-01-222-3/+29
* Fix `use` with kwargsRyuta Kamizono2020-01-222-2/+3
* Skip deflating in Rack::Deflater if Content-Length is 0Jeremy Evans2020-01-162-0/+13
* #transform_keys no longer necessary, reverts #1401pavel2020-01-161-8/+0
* Fix: Add to_hash to wrap Hash and Session classesOleh Demianiuk2020-01-161-1/+1
* Handle case where session id key is requested but it is missingJeremy Evans2020-01-132-1/+74
* Updating changelog for 2-1-stable2.1.1Aaron Patterson2020-01-111-519/+9
* Bump version.Samuel Williams2020-01-121-1/+1
* Remove chunked middleware from default server stack.Samuel Williams2020-01-121-2/+0
* Fix ActiveStorage use-case and add test case. Fixes #1464.Samuel Williams2020-01-112-1/+15
* Do not deprecate Rack::FileRafael Mendonça França2020-01-101-1/+0
* Merge pull request #1462 from jeremyevans/sessionid-to_sAaron Patterson2020-01-101-1/+1
* Merge pull request #1461 from p8/cleanup-changelog2.1.0Samuel Williams2020-01-091-3/+1
|\
| * Remove changes from CHANGELOG already present in older versions [ci skip]Petrik2020-01-091-3/+1
|/
* Merge pull request #1162 from snood1205/masterSamuel Williams2020-01-091-0/+1
|\
| * Added (Unused) 306Eli Sadoff2017-04-241-0/+1
* | Merge pull request #1459 from jimeh/add-breaking-change-warning-to-changelogAaron Patterson2020-01-081-2/+2
|\ \
| * | Add breaking change warning to changelog for 2.0.8 and 1.6.12Jim Myhrberg2020-01-081-2/+2
* | | Merge pull request #1460 from rack/base64-strictSamuel Williams2020-01-092-12/+52
|\ \ \
| * | | Use "strict encoding" for Base64 encoded cookiesbase64-strictSamuel Williams2020-01-092-12/+52
* | | | Merge pull request #1458 from p8/update-2-0-stable-changelogSamuel Williams2020-01-091-2/+31
|\ \ \ \ | |_|/ / |/| | |
| * | | Add changes to Changelog [ci skip]Petrik2020-01-081-2/+31
|/ / /
* | | Merge pull request #1456 from rack/response-body-compactSamuel Williams2020-01-081-4/+4
|\ \ \ | |/ /
| * | Don't propagate nil values.response-body-compactSamuel Williams2020-01-081-1/+1
| * | Prefer parentheses.Samuel Williams2020-01-081-1/+1
| * | Remove trailing whitespace.Samuel Williams2020-01-081-2/+2
|/ /
* | Merge pull request #1434 from rack/rack-response-bufferedAaron Patterson2020-01-073-39/+107
|\ \
| * | Restore part of status=205 spec.rack-response-bufferedSamuel Williams2020-01-071-0/+9
View Lorry Controller Status