projects / ruby2.3.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e5305ac) | patch
WEBrick: prevent response splitting and header injection
authorYusuke Endoh <mame@ruby-lang.org>
Tue, 1 Oct 2019 03:29:18 +0000 (12:29 +0900)
committerSalvatore Bonaccorso <carnil@debian.org>
Sun, 15 Dec 2019 16:28:25 +0000 (16:28 +0000)
commit75670cea3208cf26b4d0e868a8c4139d2ee45f6d
tree5911140d619ec789953acb8cbcb81c24f263f97atree | snapshot
parente5305accc5a524cd319afa9d2cfa47adcb08d1adcommit | diff
WEBrick: prevent response splitting and header injection

This is a follow up to d9d4a28f1cdd05a0e8dabb36d747d40bbcc30f16.
The commit prevented CRLR, but did not address an isolated CR or an
isolated LF.

Co-Authored-By: NARUSE, Yui <naruse@airemix.jp>
[Salvatore Bonaccorso: Backport to 2.3.3:
 - Context changes in test/webrick/test_httpresponse.rb
]

Gbp-Pq: Name WEBrick-prevent-response-splitting-and-header-inject.patch
lib/webrick/httpresponse.rb diff | blob | history
test/webrick/test_httpresponse.rb diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.