RubyGems - rack-protection - Versions diffs - 1.5.3 → 1.5.4 - Mend

rack-protection 1.5.3 → 1.5.4

This version of rack-protection might be problematic. Click here for more details.

Files changed (5) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 738b46a37db596fd6ab75ccccfcf98b8530684d5
-  data.tar.gz: ba76d3a2e8e5f5ec8493acf43980325a5a2bfb55
+  metadata.gz: 71f8780cd91d2ec881c8622094bde958d462c694
+  data.tar.gz: 803060435de3c98a1b45c07b48e60a4eefda8a54
 SHA512:
-  metadata.gz: 3c88e6d4d2bcb83aa35327db0bf8d1ef7e0057579573e305958a99cdb642bffab66009e73404322be636bc3860c0acbd58fc6c15a6dda8d55948713ef28fbae4
-  data.tar.gz: 651bf843d47d99accab655195673ae835d266602845edb8fadd913c7bff8677636c0b2db825ea0e087309b6d62f89035d503eccf6e698c2d11c625150eccb111
+  metadata.gz: 9b88c68b897647193d934418a72f370df60058efb59a9d96e3421efb5989e7d76379a048293c3b9abea043fb4a89cf83b5f4d6972b81233143c6d23b6dfad190
+  data.tar.gz: 92343bb6e7ffcdf6ffa35ccc3d324ca3a18d751ae10cad03c7baa6a5f8b5cacca9a4e3424a5effd1235fbc2f0783a9cef3ad218054e8d270bd1c6be6cd7e660c

@@ -24,14 +24,17 @@ module Rack
           encoding = path.encoding
           dot   = '.'.encode(encoding)
           slash = '/'.encode(encoding)
+          backslash = '\\'.encode(encoding)
         else
           # Ruby 1.8
           dot   = '.'
           slash = '/'
+          backslash = '\\'
         end
         parts     = []
-        unescaped = path.gsub(/%2e/i, dot).gsub(/%2f/i, slash)
+        unescaped = path.gsub(/%2e/i, dot).gsub(/%2f/i, slash).gsub(/%5c/i, backslash)
+        unescaped = unescaped.gsub(backslash, slash)
         unescaped.split(slash).each do |part|
           next if part.empty? or part == dot

@@ -4,7 +4,7 @@ module Rack
       VERSION
     end
-    SIGNATURE = [1, 5, 3]
+    SIGNATURE = [1, 5, 4]
     VERSION   = SIGNATURE.join('.')
     VERSION.extend Comparable

data/rack-protection.gemspec CHANGED

@@ -2,7 +2,7 @@
 Gem::Specification.new do |s|
   # general infos
   s.name        = "rack-protection"
-  s.version     = "1.5.3"
+  s.version     = "1.5.4"
   s.description = "You should use protection!"
   s.homepage    = "http://github.com/rkh/rack-protection"
   s.summary     = s.description

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rack-protection
 version: !ruby/object:Gem::Version
-  version: 1.5.3
+  version: 1.5.4
 platform: ruby
 authors:
 - Konstantin Haase
@@ -35,7 +35,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-04-08 00:00:00.000000000 Z
+date: 2018-02-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -168,9 +168,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.0.14
+rubygems_version: 2.6.8
 signing_key:
 specification_version: 4
 summary: You should use protection!
 test_files: []
-has_rdoc: