pkgsrc/www/ruby-rack-ssl/distinfo
taca 5dc1476069 Update ruby-rack-ssl to 1.4.1.
* As per spec, don't include STS header in non-https responses
* Handle bad URIs gracefully.

  Some adapters (i.e. jruby-rack) will pass through bad URIs, then display
  the resulting exception. This creates an attack vector for XSS attacks.

* Added more installation/usage instructions into the README

* Return 400 instead of 404 in case of InvalidURIError

* Include Content-Type in 400 response.
  To stay compatible with old Rack versions.

* Skip URI parsing Request#url
  URI may fail to parse some legit URL paths.
2015-03-13 17:31:37 +00:00

5 lines
235 B
Text

$NetBSD: distinfo,v 1.4 2015/03/13 17:31:37 taca Exp $
SHA1 (rack-ssl-1.4.1.gem) = 87f2fb53c6882436b8d522288993d658dc7025ce
RMD160 (rack-ssl-1.4.1.gem) = ec435a9c691245fa77d4f0f5a60d57707b0353a1
Size (rack-ssl-1.4.1.gem) = 6144 bytes