rack-bouncer 1.2 → 1.2.1
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +1 -1
- data/lib/rack/bouncer.rb +2 -2
- data/test/lib/rack/bouncer_test.rb +3 -3
- metadata +3 -2
data/README.md
CHANGED
@@ -30,7 +30,7 @@ You can even specify a minimum version of IE like so:
|
|
30
30
|
|
31
31
|
You can even specify a set of safe paths:
|
32
32
|
|
33
|
-
use Rack::Bouncer, :safe_paths => ["/
|
33
|
+
use Rack::Bouncer, :safe_paths => ["/asset", "/images", "/stylesheets", "/javascripts", "/feedback"]
|
34
34
|
|
35
35
|
*NOTE:* By default, the above paths are safe already.
|
36
36
|
|
data/lib/rack/bouncer.rb
CHANGED
@@ -2,10 +2,10 @@
|
|
2
2
|
|
3
3
|
module Rack
|
4
4
|
class Bouncer
|
5
|
-
VERSION = "1.2"
|
5
|
+
VERSION = "1.2.1"
|
6
6
|
|
7
7
|
DEFAULT_OPTIONS = {
|
8
|
-
:safe_paths => ["/
|
8
|
+
:safe_paths => ["/asset", "/images", "/stylesheets", "/javascripts", "/feedback"],
|
9
9
|
:redirect => "http://browsehappy.com/",
|
10
10
|
:minimum_ie => 8.0
|
11
11
|
}
|
@@ -18,11 +18,11 @@ end
|
|
18
18
|
class Rack::Bouncer::Test < MiniTest::Unit::TestCase
|
19
19
|
|
20
20
|
def test_version
|
21
|
-
assert_equal "1.2", Rack::Bouncer::VERSION
|
21
|
+
assert_equal "1.2.1", Rack::Bouncer::VERSION
|
22
22
|
end
|
23
23
|
|
24
24
|
def test_default_safe_paths
|
25
|
-
expected = ["/
|
25
|
+
expected = ["/asset", "/images", "/stylesheets", "/javascripts", "/feedback"]
|
26
26
|
assert_equal expected, Rack::Bouncer::DEFAULT_OPTIONS[:safe_paths]
|
27
27
|
end
|
28
28
|
|
@@ -228,7 +228,7 @@ class Rack::Bouncer::Test < MiniTest::Unit::TestCase
|
|
228
228
|
|
229
229
|
def test_allows_assets_path
|
230
230
|
request = create_request
|
231
|
-
response = request.get("/
|
231
|
+
response = request.get("/asset", {"HTTP_USER_AGENT" => "Mozilla/4.0 (MSIE 6.0; Windows NT 5.1)" })
|
232
232
|
assert_equal 200, response.status
|
233
233
|
assert_equal "Hi Internets!", response.body
|
234
234
|
end
|
metadata
CHANGED