rack-protection 1.1.2 → 1.1.3

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of rack-protection might be problematic. Click here for more details.

@@ -14,8 +14,7 @@ module Rack
14
14
  class SessionHijacking < Base
15
15
  default_reaction :drop_session
16
16
  default_options :tracking_key => :tracking, :encrypt_tracking => true,
17
- :track => %w[HTTP_USER_AGENT HTTP_ACCEPT_ENCODING HTTP_ACCEPT_LANGUAGE
18
- HTTP_VERSION]
17
+ :track => %w[HTTP_USER_AGENT HTTP_ACCEPT_ENCODING HTTP_ACCEPT_LANGUAGE]
19
18
 
20
19
  def accepts?(env)
21
20
  session = session env
@@ -4,7 +4,7 @@ module Rack
4
4
  VERSION
5
5
  end
6
6
 
7
- SIGNATURE = [1, 1, 2]
7
+ SIGNATURE = [1, 1, 3]
8
8
  VERSION = SIGNATURE.join('.')
9
9
 
10
10
  VERSION.extend Comparable
@@ -2,7 +2,7 @@
2
2
  Gem::Specification.new do |s|
3
3
  # general infos
4
4
  s.name = "rack-protection"
5
- s.version = "1.1.2"
5
+ s.version = "1.1.3"
6
6
  s.description = "You should use protection!"
7
7
  s.homepage = "http://github.com/rkh/rack-protection"
8
8
  s.summary = s.description
@@ -31,10 +31,10 @@ describe Rack::Protection::SessionHijacking do
31
31
  session.should be_empty
32
32
  end
33
33
 
34
- it "denies requests with a changing Version header"do
34
+ it "accepts requests with a changing Version header"do
35
35
  session = {:foo => :bar}
36
36
  get '/', {}, 'rack.session' => session, 'HTTP_VERSION' => '1.0'
37
37
  get '/', {}, 'rack.session' => session, 'HTTP_VERSION' => '1.1'
38
- session.should be_empty
38
+ session[:foo].should == :bar
39
39
  end
40
40
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-protection
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.2
4
+ version: 1.1.3
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -12,11 +12,11 @@ authors:
12
12
  autorequire:
13
13
  bindir: bin
14
14
  cert_chain: []
15
- date: 2011-10-01 00:00:00.000000000Z
15
+ date: 2011-10-04 00:00:00.000000000Z
16
16
  dependencies:
17
17
  - !ruby/object:Gem::Dependency
18
18
  name: rack
19
- requirement: &2152912960 !ruby/object:Gem::Requirement
19
+ requirement: &2152903320 !ruby/object:Gem::Requirement
20
20
  none: false
21
21
  requirements:
22
22
  - - ! '>='
@@ -24,10 +24,10 @@ dependencies:
24
24
  version: '0'
25
25
  type: :runtime
26
26
  prerelease: false
27
- version_requirements: *2152912960
27
+ version_requirements: *2152903320
28
28
  - !ruby/object:Gem::Dependency
29
29
  name: rack-test
30
- requirement: &2152911920 !ruby/object:Gem::Requirement
30
+ requirement: &2152902460 !ruby/object:Gem::Requirement
31
31
  none: false
32
32
  requirements:
33
33
  - - ! '>='
@@ -35,10 +35,10 @@ dependencies:
35
35
  version: '0'
36
36
  type: :development
37
37
  prerelease: false
38
- version_requirements: *2152911920
38
+ version_requirements: *2152902460
39
39
  - !ruby/object:Gem::Dependency
40
40
  name: rspec
41
- requirement: &2152909740 !ruby/object:Gem::Requirement
41
+ requirement: &2152901540 !ruby/object:Gem::Requirement
42
42
  none: false
43
43
  requirements:
44
44
  - - ~>
@@ -46,7 +46,7 @@ dependencies:
46
46
  version: '2.0'
47
47
  type: :development
48
48
  prerelease: false
49
- version_requirements: *2152909740
49
+ version_requirements: *2152901540
50
50
  description: You should use protection!
51
51
  email:
52
52
  - konstantin.mailinglists@googlemail.com