doorkeeper 1.4.1 → 1.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +10 -0
  3. data/lib/doorkeeper/engine.rb +4 -0
  4. data/lib/doorkeeper/version.rb +1 -1
  5. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 3980ae7bb2071ab9aa5f29952fc42fd5b04c0d7e
4
- data.tar.gz: 71725d944d80d72391f12ab12056f28ae3a6e963
3
+ metadata.gz: d2d7cab21593e8a332814e94eb9a6ea9dec17a4e
4
+ data.tar.gz: 36510e1c2ba3eb2d251b673cd255a55658bac713
5
5
  SHA512:
6
- metadata.gz: 48254ea12523bc9c00a1e07b512987357887453d490f9dac13b1266044c674fb713089abacb3e8213b5d1e8f1038d82d4ad8a9024f6cc9be93b11a679203d935
7
- data.tar.gz: fa222e77888ed9373bb60e50981ba91bfeb301f548b4c8a0286593a94a6cb358a23acde563b91fde38b07e23c37b523f86c93b1b6f1bc6c18218b83d13dfa8c9
6
+ metadata.gz: fae688f8c62919746f491bf310785b8e7ae2d7af3095cb2b09fcab1bc6ac73bc8dfdb57d67c474369a27a5c1135876f98a15bd18a2feb7e7c39d62953e23a9bd
7
+ data.tar.gz: 10c7f4395f915b88982a93f9bb5a6e8f5f57e6577752281b971be705707af84af2ae6ab2caf7d191a06deb3efbf4878ac66fd187e7427a14354b279e2db20c8b
data/CHANGELOG.md CHANGED
@@ -2,6 +2,16 @@
2
2
 
3
3
  ## master
4
4
 
5
+ ## 1.4.2
6
+
7
+ - [#576] Backported to 1.4.X branch. Filters out sensitive parameters from logs.
8
+
9
+
10
+ ## 1.4.1
11
+
12
+ - Fixes CSRF vulnerability
13
+
14
+
5
15
  ## 1.4.0
6
16
 
7
17
  - internals
data/lib/doorkeeper/engine.rb CHANGED
@@ -1,5 +1,9 @@
1
1
  module Doorkeeper
2
2
  class Engine < Rails::Engine
3
+ initializer "doorkeeper.params.filter" do |app|
4
+ app.config.filter_parameters += [:client_secret, :code, :token]
5
+ end
6
+
3
7
  initializer 'doorkeeper.routes' do
4
8
  Doorkeeper::Rails::Routes.warn_if_using_mount_method!
5
9
  Doorkeeper::Rails::Routes.install!
data/lib/doorkeeper/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Doorkeeper
2
- VERSION = '1.4.1'
2
+ VERSION = '1.4.2'
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: doorkeeper
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.1
4
+ version: 1.4.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Felipe Elias Philipp
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2014-12-17 00:00:00.000000000 Z
12
+ date: 2015-03-03 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: railties
@@ -431,7 +431,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
431
431
  version: '0'
432
432
  requirements: []
433
433
  rubyforge_project:
434
- rubygems_version: 2.2.2
434
+ rubygems_version: 2.4.5
435
435
  signing_key:
436
436
  specification_version: 4
437
437
  summary: Doorkeeper is an OAuth 2 provider for Rails.