diff options
| author | Aaron Patterson <aaron.patterson@gmail.com> | 2016-07-14 10:40:58 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-07-14 10:40:58 -0700 |
| commit | b866be168049ea96444087046f4fca7bd64d618b (patch) | |
| tree | 0bfaa2eeb07129d446ff8441ab9d4354806e7391 /actionpack/CHANGELOG.md | |
| parent | ea31bdd7c8b1221d97de2392ac22d9c5fb8657d5 (diff) | |
| parent | 9f38a3fb0c9c71102da283b014503ccad92da581 (diff) | |
| download | rails-b866be168049ea96444087046f4fca7bd64d618b.tar.gz rails-b866be168049ea96444087046f4fca7bd64d618b.tar.bz2 rails-b866be168049ea96444087046f4fca7bd64d618b.zip | |
Merge pull request #25816 from greysteil/check-path-param-encoding
Check `request.path_parameters` encoding at the point they're set
Diffstat (limited to 'actionpack/CHANGELOG.md')
| -rw-r--r-- | actionpack/CHANGELOG.md | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index 1bb37d661a..1aeb58a612 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,3 +1,13 @@ +* Check `request.path_parameters` encoding at the point they're set + + Check for any non-UTF8 characters in path parameters at the point they're + set in `env`. Previously they were checked for when used to get a controller + class, but this meant routes that went directly to a Rack app, or skipped + controller instantiation for some other reason, had to defend against + non-UTF8 characters themselves. + + *Grey Baker* + * Don't raise ActionController::UnknownHttpMethod from ActionDispatch::Static Pass `Rack::Request` objects to `ActionDispatch::FileHandler` to avoid it |