rack-protection 1.1.2 → 1.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of rack-protection might be problematic. Click here for more details.

Files changed (5) hide show
  1. data/lib/rack/protection/session_hijacking.rb +1 -2
  2. data/lib/rack/protection/version.rb +1 -1
  3. data/rack-protection.gemspec +1 -1
  4. data/spec/session_hijacking_spec.rb +2 -2
  5. metadata +8 -8
data/lib/rack/protection/session_hijacking.rb CHANGED
@@ -14,8 +14,7 @@ module Rack
14
14
  class SessionHijacking < Base
15
15
  default_reaction :drop_session
16
16
  default_options :tracking_key => :tracking, :encrypt_tracking => true,
17
- :track => %w[HTTP_USER_AGENT HTTP_ACCEPT_ENCODING HTTP_ACCEPT_LANGUAGE
18
- HTTP_VERSION]
17
+ :track => %w[HTTP_USER_AGENT HTTP_ACCEPT_ENCODING HTTP_ACCEPT_LANGUAGE]
19
18
 
20
19
  def accepts?(env)
21
20
  session = session env
data/lib/rack/protection/version.rb CHANGED
@@ -4,7 +4,7 @@ module Rack
4
4
  VERSION
5
5
  end
6
6
 
7
- SIGNATURE = [1, 1, 2]
7
+ SIGNATURE = [1, 1, 3]
8
8
  VERSION = SIGNATURE.join('.')
9
9
 
10
10
  VERSION.extend Comparable
data/rack-protection.gemspec CHANGED
@@ -2,7 +2,7 @@
2
2
  Gem::Specification.new do |s|
3
3
  # general infos
4
4
  s.name = "rack-protection"
5
- s.version = "1.1.2"
5
+ s.version = "1.1.3"
6
6
  s.description = "You should use protection!"
7
7
  s.homepage = "http://github.com/rkh/rack-protection"
8
8
  s.summary = s.description
data/spec/session_hijacking_spec.rb CHANGED
@@ -31,10 +31,10 @@ describe Rack::Protection::SessionHijacking do
31
31
  session.should be_empty
32
32
  end
33
33
 
34
- it "denies requests with a changing Version header"do
34
+ it "accepts requests with a changing Version header"do
35
35
  session = {:foo => :bar}
36
36
  get '/', {}, 'rack.session' => session, 'HTTP_VERSION' => '1.0'
37
37
  get '/', {}, 'rack.session' => session, 'HTTP_VERSION' => '1.1'
38
- session.should be_empty
38
+ session[:foo].should == :bar
39
39
  end
40
40
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-protection
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.2
4
+ version: 1.1.3
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -12,11 +12,11 @@ authors:
12
12
  autorequire:
13
13
  bindir: bin
14
14
  cert_chain: []
15
- date: 2011-10-01 00:00:00.000000000Z
15
+ date: 2011-10-04 00:00:00.000000000Z
16
16
  dependencies:
17
17
  - !ruby/object:Gem::Dependency
18
18
  name: rack
19
- requirement: &2152912960 !ruby/object:Gem::Requirement
19
+ requirement: &2152903320 !ruby/object:Gem::Requirement
20
20
  none: false
21
21
  requirements:
22
22
  - - ! '>='
@@ -24,10 +24,10 @@ dependencies:
24
24
  version: '0'
25
25
  type: :runtime
26
26
  prerelease: false
27
- version_requirements: *2152912960
27
+ version_requirements: *2152903320
28
28
  - !ruby/object:Gem::Dependency
29
29
  name: rack-test
30
- requirement: &2152911920 !ruby/object:Gem::Requirement
30
+ requirement: &2152902460 !ruby/object:Gem::Requirement
31
31
  none: false
32
32
  requirements:
33
33
  - - ! '>='
@@ -35,10 +35,10 @@ dependencies:
35
35
  version: '0'
36
36
  type: :development
37
37
  prerelease: false
38
- version_requirements: *2152911920
38
+ version_requirements: *2152902460
39
39
  - !ruby/object:Gem::Dependency
40
40
  name: rspec
41
- requirement: &2152909740 !ruby/object:Gem::Requirement
41
+ requirement: &2152901540 !ruby/object:Gem::Requirement
42
42
  none: false
43
43
  requirements:
44
44
  - - ~>
@@ -46,7 +46,7 @@ dependencies:
46
46
  version: '2.0'
47
47
  type: :development
48
48
  prerelease: false
49
- version_requirements: *2152909740
49
+ version_requirements: *2152901540
50
50
  description: You should use protection!
51
51
  email:
52
52
  - konstantin.mailinglists@googlemail.com