RubyGems - rack-mini-profiler - Versions diffs - 1.1.0 → 1.1.1 - Mend

rack-mini-profiler 1.1.0 → 1.1.1

Files changed (8) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b2764a7d1387cba061653cb89ddd4088ce5c4f83c8b094e0798378d45b3c7f8c
-  data.tar.gz: 5bd9f160a6b95d203f5a23226023a5f5f415e9eace61a3244858b9954e08f818
+  metadata.gz: 218654859652cf8b2880281028b2e9038fc98729179e69d18a50d6a551db74ca
+  data.tar.gz: 1327b7e9be36b375167d3cb4545559f3bce7913cddf8dd7983a629629fcc6f97
 SHA512:
-  metadata.gz: 100fb4ccda742c715ea51c7c8b52c427bdc2a368feffadada41a00af108258e348f018336afb51f591a7df1866a4a15fce587d9edaf1f0fd71928f53511c96b6
-  data.tar.gz: 274f3325b95217b956e7b997a7098698e7697e9f5907305167244935ac82fcbe4cbe54e4adf7330967b01452f39be0e867576d61ae76a6096daa8dca97049b5d
+  metadata.gz: cc46de1991564f624ed3ba1ce5176c1ffeebf3602f7372c4b0e3349d3caa145cd9eb60442fc84450cb1d6bc4e2f106f47119ff9b684e71779bbd47aedf3365d8
+  data.tar.gz: bb01320c9d1aa42aa963b1b4a957912d40b25314973403d26db61fec2f3b413cc62ecd2afafb74f3c5c74d43de7fb595ead352c596f98fd947be082ec608f7ca

data/CHANGELOG.md CHANGED Viewed

@@ -1,11 +1,16 @@
 # CHANGELOG
+## 1.1.1 2019-22-10
+- [FIX] correct JavaScript fetch support header iteration (Jorge Manrubia)
 ## 1.1.0 2019-10-01
 - [FEATURE] remove jQuery dependency, switch template library to dot.js
 - [FEATURE] disable all sensitive debugging methods by default (env, memory profiling) can be enabled with enable_advanced_debugging_tools.
 - [FIX] when conditionally requiring rack mini profiler, asset precompile could fail
 - [FEATURE] `/rack-mini-profiler/requests` can be used to monitor all requests for apps that do not have a UI (like API apps)
+- [SECURITY] XSS injection in `?pp=help` via rogue uri
 ## 1.0.2 2019-02-05

data/lib/html/includes.js CHANGED Viewed

@@ -851,8 +851,7 @@ var MiniProfiler = (function() {
           try {
             // look for x-mini-profile-ids
             var entries = response.headers.entries();
-            for (var i = 0; i < entries.length; i++) {
-              var pair = entries[i];
+            for (var pair of entries) {
               if (pair[0] && pair[0].toLowerCase() == "x-miniprofiler-ids") {
                 var ids = pair[1].split(",");
                 fetchResults(ids);

data/lib/mini_profiler/asset_version.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 module Rack
   class MiniProfiler
-    ASSET_VERSION = '0ade3000608cde95db93022b6576d63a'
+    ASSET_VERSION = '78c6284a16ddee0a374b89ee28505049'
   end
 end

data/lib/mini_profiler/storage/memcache_store.rb CHANGED Viewed

@@ -10,8 +10,10 @@ module Rack
       def initialize(args = nil)
         require 'dalli' unless defined? Dalli
         args ||= {}
         @prefix = args[:prefix] || "MPMemcacheStore"
         @prefix += "-#{Rack::MiniProfiler::VERSION}"
         @client             = args[:client]     || Dalli::Client.new
         @expires_in_seconds = args[:expires_in] || EXPIRES_IN_SECONDS
       end

data/lib/mini_profiler/storage/memory_store.rb CHANGED Viewed

@@ -58,7 +58,7 @@ module Rack
       end
       def initialize_locks
-        @token_lock = Mutex.new
+        @token_lock         = Mutex.new
         @timer_struct_lock  = Mutex.new
         @user_view_lock     = Mutex.new
         @timer_struct_cache = {}

data/lib/mini_profiler/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module Rack
   class MiniProfiler
-    VERSION = '1.1.0'
+    VERSION = '1.1.1'
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rack-mini-profiler
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.1.1
 platform: ruby
 authors:
 - Sam Saffron
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-10-01 00:00:00.000000000 Z
+date: 2019-10-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack