doorkeeper 1.4.1 → 1.4.2

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 3980ae7bb2071ab9aa5f29952fc42fd5b04c0d7e
4
- data.tar.gz: 71725d944d80d72391f12ab12056f28ae3a6e963
3
+ metadata.gz: d2d7cab21593e8a332814e94eb9a6ea9dec17a4e
4
+ data.tar.gz: 36510e1c2ba3eb2d251b673cd255a55658bac713
5
5
  SHA512:
6
- metadata.gz: 48254ea12523bc9c00a1e07b512987357887453d490f9dac13b1266044c674fb713089abacb3e8213b5d1e8f1038d82d4ad8a9024f6cc9be93b11a679203d935
7
- data.tar.gz: fa222e77888ed9373bb60e50981ba91bfeb301f548b4c8a0286593a94a6cb358a23acde563b91fde38b07e23c37b523f86c93b1b6f1bc6c18218b83d13dfa8c9
6
+ metadata.gz: fae688f8c62919746f491bf310785b8e7ae2d7af3095cb2b09fcab1bc6ac73bc8dfdb57d67c474369a27a5c1135876f98a15bd18a2feb7e7c39d62953e23a9bd
7
+ data.tar.gz: 10c7f4395f915b88982a93f9bb5a6e8f5f57e6577752281b971be705707af84af2ae6ab2caf7d191a06deb3efbf4878ac66fd187e7427a14354b279e2db20c8b
@@ -2,6 +2,16 @@
2
2
 
3
3
  ## master
4
4
 
5
+ ## 1.4.2
6
+
7
+ - [#576] Backported to 1.4.X branch. Filters out sensitive parameters from logs.
8
+
9
+
10
+ ## 1.4.1
11
+
12
+ - Fixes CSRF vulnerability
13
+
14
+
5
15
  ## 1.4.0
6
16
 
7
17
  - internals
@@ -1,5 +1,9 @@
1
1
  module Doorkeeper
2
2
  class Engine < Rails::Engine
3
+ initializer "doorkeeper.params.filter" do |app|
4
+ app.config.filter_parameters += [:client_secret, :code, :token]
5
+ end
6
+
3
7
  initializer 'doorkeeper.routes' do
4
8
  Doorkeeper::Rails::Routes.warn_if_using_mount_method!
5
9
  Doorkeeper::Rails::Routes.install!
@@ -1,3 +1,3 @@
1
1
  module Doorkeeper
2
- VERSION = '1.4.1'
2
+ VERSION = '1.4.2'
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: doorkeeper
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.1
4
+ version: 1.4.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Felipe Elias Philipp
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2014-12-17 00:00:00.000000000 Z
12
+ date: 2015-03-03 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: railties
@@ -431,7 +431,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
431
431
  version: '0'
432
432
  requirements: []
433
433
  rubyforge_project:
434
- rubygems_version: 2.2.2
434
+ rubygems_version: 2.4.5
435
435
  signing_key:
436
436
  specification_version: 4
437
437
  summary: Doorkeeper is an OAuth 2 provider for Rails.