RubyGems - actionpack - Versions diffs - 7.0.4.1 → 7.0.4.2 - Mend

actionpack 7.0.4.1 → 7.0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of actionpack might be problematic. Click here for more details.

Files changed (5) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +9 -0
data/lib/action_dispatch/middleware/cookies.rb +2 -2
data/lib/action_pack/gem_version.rb +1 -1
metadata +11 -11

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5f31d845cb672a69a48bf5a99d24da4cc0a1911dd90592b7f569954a08040d32
-  data.tar.gz: 4f82a27ee5dba8c642621ab247ef345b7daff0e9e4fe25c3ba81163a2a31b8d5
+  metadata.gz: 2c22bab78116ba16eb5b0040050758d1cdfdecb10e9f7d174116e8174c9f988f
+  data.tar.gz: 826c0844d869f71fd1e04b0295898ebe011a43085131224f1d12991fb8b3cbd0
 SHA512:
-  metadata.gz: 7094329330497de30fa9dbae232a2563a3699129681dbba34092db10f3e07d97b9905abe2d4339f50c39b8f45c6e9765a77523c379dbe53f3ff96cb544586483
-  data.tar.gz: db8c045d237562750468b511cd54990c2fe0069fe7942e663f013f6cdfa30e7211b8f9874cdc7187dc0b16f1238cb331dde86bbd38f796688935e541b0fcac25
+  metadata.gz: 109a5ec54e9e254d8db491ce49027ced3eb8ab8f35ee41823cef7ce661067eceedc795f371871765c687ce96c1f452513319ad7363d349b3bedcf8837f71c692
+  data.tar.gz: 334ce823a8637370f5b6cf6baec372eebd97b6e573294f0d7229bf032a81a55079e63fb11cbd3c536b96c74801d2c291ef2e16ca8a13bef6d43585bfe55dc7bf

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,12 @@
+## Rails 7.0.4.2 (January 24, 2023) ##
+*   Fix `domain: :all` for two letter TLD
+    This fixes a compatibility issue introduced in our previous security
+    release when using `domain: :all` with a two letter but single level top
+    level domain domain (like `.ca`, rather than `.co.uk`).
 ## Rails 7.0.4.1 (January 17, 2023) ##
 *   Fix sec issue with _url_host_allowed?

data/lib/action_dispatch/middleware/cookies.rb CHANGED Viewed

@@ -461,8 +461,8 @@ module ActionDispatch
             # Case where tld_length is not provided
             else
               # Regular TLDs
-              if !(/([^.]{2,3}\.[^.]{2})$/.match?(request.host))
-                cookie_domain = dot_splitted_host.last(2).join('.')
+              if !(/\.[^.]{2,3}\.[^.]{2}\z/.match?(request.host))
+                cookie_domain = dot_splitted_host.last(2).join(".")
               # **.**, ***.** style TLDs like co.uk and com.au
               else
                 cookie_domain = dot_splitted_host.last(3).join('.')

data/lib/action_pack/gem_version.rb CHANGED Viewed

@@ -10,7 +10,7 @@ module ActionPack
     MAJOR = 7
     MINOR = 0
     TINY  = 4
-    PRE   = "1"
+    PRE   = "2"
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: actionpack
 version: !ruby/object:Gem::Version
-  version: 7.0.4.1
+  version: 7.0.4.2
 platform: ruby
 authors:
 - David Heinemeier Hansson
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-01-17 00:00:00.000000000 Z
+date: 2023-01-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.4.1
+        version: 7.0.4.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.4.1
+        version: 7.0.4.2
 - !ruby/object:Gem::Dependency
   name: rack
   requirement: !ruby/object:Gem::Requirement
@@ -98,28 +98,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.4.1
+        version: 7.0.4.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.4.1
+        version: 7.0.4.2
 - !ruby/object:Gem::Dependency
   name: activemodel
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.4.1
+        version: 7.0.4.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.4.1
+        version: 7.0.4.2
 description: Web apps on Rails. Simple, battle-tested conventions for building and
   testing MVC web applications. Works with any Rack-compatible server.
 email: david@loudthinking.com
@@ -310,10 +310,10 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/rails/rails/issues
-  changelog_uri: https://github.com/rails/rails/blob/v7.0.4.1/actionpack/CHANGELOG.md
-  documentation_uri: https://api.rubyonrails.org/v7.0.4.1/
+  changelog_uri: https://github.com/rails/rails/blob/v7.0.4.2/actionpack/CHANGELOG.md
+  documentation_uri: https://api.rubyonrails.org/v7.0.4.2/
   mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
-  source_code_uri: https://github.com/rails/rails/tree/v7.0.4.1/actionpack
+  source_code_uri: https://github.com/rails/rails/tree/v7.0.4.2/actionpack
   rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options: []