diff options
author | Gannon McGibbon <gannon.mcgibbon@gmail.com> | 2018-11-08 14:45:06 -0500 |
---|---|---|
committer | Gannon McGibbon <gannon.mcgibbon@gmail.com> | 2019-01-17 13:28:14 -0500 |
commit | 9dde7d8de047b55ec636c4c7cba89ec95324d492 (patch) | |
tree | 5afafc7ecef072ad779664827355cb0e91cc3768 /actionpack/CHANGELOG.md | |
parent | 9e34df00039d63b5672315419e76f06f80ef3dc4 (diff) | |
download | rails-9dde7d8de047b55ec636c4c7cba89ec95324d492.tar.gz rails-9dde7d8de047b55ec636c4c7cba89ec95324d492.tar.bz2 rails-9dde7d8de047b55ec636c4c7cba89ec95324d492.zip |
Ensure external redirects are explicitly allowed
Add `fallback_location` and `allow_other_host` options to `redirect_to`.
Diffstat (limited to 'actionpack/CHANGELOG.md')
-rw-r--r-- | actionpack/CHANGELOG.md | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index 1457794354..2000be688f 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,3 +1,9 @@ +* Ensure external redirects are explicitly allowed + + Add `fallback_location` and `allow_other_host` options to `redirect_to`. + + *Gannon McGibbon* + * Introduce ActionDispatch::HostAuthorization This is a new middleware that guards against DNS rebinding attacks by |