Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rack::MethodOverride handle QueryParser::ParamsTooDeepError #2006

Merged
merged 1 commit into from Jan 11, 2023
Merged

Rack::MethodOverride handle QueryParser::ParamsTooDeepError #2006

merged 1 commit into from Jan 11, 2023

Conversation

casperisfine
Copy link
Contributor

This middleware already handle two types of parsing issues but somehow not this one.

I think this is consistent with #835

@byroot
Rack::MethodOverride handle QueryParser::ParamsTooDeepError
5860ccb 
This middleware already handle two types of parsing issues
but somehow not this one.
@ioquatix ioquatix merged commit 74e508b into rack:main Jan 11, 2023
@ioquatix
Copy link
Member

Thanks!

@ioquatix ioquatix mentioned this pull request Jan 16, 2023
Closed
@casperisfine casperisfine mentioned this pull request Jan 16, 2023
Merged
casperisfine pushed a commit to Shopify/rack that referenced this pull request Jan 16, 2023
@byroot
Fix a mistake in a spec name
01b5892 
Followup: rack#2006

I renamed the wrong spec.
@casperisfine casperisfine mentioned this pull request Jan 16, 2023
Merged
ioquatix pushed a commit that referenced this pull request Jan 16, 2023
@casperisfine @byroot
Fix a mistake in a spec name (#2012)
8e28099 
Followup: #2006

I renamed the wrong spec.

Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
ioquatix pushed a commit that referenced this pull request Jan 16, 2023
@casperisfine @byroot @ioquatix
Rack::MethodOverride handle QueryParser::ParamsTooDeepError (#2006)
5dc8c7b 
This middleware already handle two types of parsing issues
but somehow not this one.

Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
tenderlove added a commit that referenced this pull request Jan 17, 2023
@tenderlove
Merge branch '3-0-sec'
becbf4b 
* 3-0-sec: (24 commits)
  bump version
  Update changelog
  Fix ReDoS vulnerability in multipart parser
  Fix ReDoS in Rack::Utils.get_byte_ranges
  Forbid control characters in attributes
  Bump patch version.
  `Rack::Request#POST` should consistently raise errors. (#2010)
  Fix Rack::Lint error message for HTTP_CONTENT_TYPE and HTTP_CONTENT_LENGTH (#2007)
  Rack::MethodOverride handle QueryParser::ParamsTooDeepError (#2006)
  Bump patch version.
  Fix Regexp deprecated third argument with Regexp::NOENCODING (#1998)
  Update tests to work on latest Rubies. (#1999)
  Bump patch version.
  Allow passing through streaming bodies. (#1993)
  Remove unnecessary executable bit from test files (#1992)
  Fix Utils.build_nested_query to URL-encode all query string fields (#1989)
  Trim trailing white space throughout the project (#1990)
  Fix some typos (#1991)
  Remove leading dot to fix compatibility with latest cgi gem. (#1988)
  Fix outdated Rack::Builder rdocs and remove Lobster references (#1986)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jeremyevans jeremyevans jeremyevans approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@casperisfine @ioquatix @jeremyevans @byroot