scenejs_on_rails 1.0.2 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/app/views/scenejs/get_scenejs_data.html.erb +0 -3
- data/lib/scenejs_on_rails/version.rb +1 -1
- data/vendor/assets/javascripts/scenejs.js +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7ef4685eacf677a1b60cece6698b99996750fb24
|
|
4
|
+
data.tar.gz: 5303008d1a8534280f568adabe43760cd56f0198
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7b644d485c3c539b0646a56ad33d0bc09b72d45f211e89b1095cc83fc226ad9436269f54f43871a940089f0480f643f75fb738fbc2bd495348dea03c17a8cf5e
|
|
7
|
+
data.tar.gz: f28d2ac3a1409a1039bb345e41fe40e78e2c9ee1eab8dd666d2a05f2f08f84b80db76e21f9455e19e48a218b3f460b05cf9dc42e1801d6c1860b377933743410
|
data/README.md
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Scenejs On Rails
|
|
2
2
|
## Plugins last updated October 24th, 2013
|
|
3
3
|
|
|
4
|
-
First off, if you dont know about [Scenejs](http://scenejs.org/)
|
|
4
|
+
First off, if you dont know about [Scenejs](http://scenejs.org/), go take a look so you can appreciate what this gem does.
|
|
5
5
|
|
|
6
6
|
For the informed, this gem allows you to utilize scenejs and all of its plugin glory within rails WITHOUT having to load all
|
|
7
7
|
of its javascript files into your asset pipeline. If you are fine with scenejs.org hosting your files AND not being able to
|
|
@@ -109,7 +109,7 @@ ActionController::RoutingError error.
|
|
|
109
109
|
|
|
110
110
|
If you want to link to a image within a plugin you made you should set this in your init function
|
|
111
111
|
```javascript
|
|
112
|
-
SceneJS.Types.addType("objects/
|
|
112
|
+
SceneJS.Types.addType("objects/space/my_planets/awesome_sun", {
|
|
113
113
|
|
|
114
114
|
init:function (params) {
|
|
115
115
|
|
|
@@ -142,7 +142,7 @@ If you plan on using images / whatever as textures within an init file (somethin
|
|
|
142
142
|
## Vulnerability via looking for the files?
|
|
143
143
|
|
|
144
144
|
For the security minded, the scenejs controller figures out where to find its files from params[:file] then searching in two possible locations for that data.
|
|
145
|
-
As the location
|
|
145
|
+
As the location parser uses File.join() it was possible for an attacker to use '..' to dig up files they are not meant to find. This has been prevented through
|
|
146
146
|
statements that scan the params[:file] string. If this occurs, the controller will raise a ActionController::UnpermittedParameters error. This will never occur
|
|
147
147
|
normally.
|
|
148
148
|
|
|
@@ -17304,4 +17304,4 @@ SceneJS_ChunkFactory.createChunkType({
|
|
|
17304
17304
|
ctx.modelMat = this.core.mat;
|
|
17305
17305
|
}
|
|
17306
17306
|
});
|
|
17307
|
-
SceneJS.configure({ pluginPath: (((location.protocol.length === 0) ? 'http://' : (location.protocol + '//')) + location.host + '/scenejs/get_scenejs_data?file=') });
|
|
17307
|
+
SceneJS.configure({ pluginPath: (((location.protocol.length === 0) ? 'http://' : (location.protocol + '//')) + location.host + '/scenejs/get_scenejs_data.js?file=') });
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: scenejs_on_rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Louis Alridge
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2013-
|
|
11
|
+
date: 2013-11-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|