author | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2014-02-18 16:12:51 -0300 |
---|---|---|
committer | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2014-02-18 16:12:51 -0300 |
commit | 33cb47ee488b2381d87f5bb36818cae5fa76c22e (patch) | |
tree | 8f85e606fc4c0a46475dbbc03f49c64eab674c03 /actionview/lib | |
parent | 1879c259b870938c42d5d52f63123bfa0b8c81c8 (diff) | |
Use the reference for the mime type to get the format
Before we were calling to_sym in the mime type, even when it is unknown,
which can cause denial of service since symbols are not removed by the
garbage collector.
Fixes: CVE-2014-0082
Diffstat (limited to 'actionview/lib')
-rw-r--r-- | actionview/lib/action_view/template/html.rb | 2 | ||||
-rw-r--r-- | actionview/lib/action_view/template/text.rb | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/actionview/lib/action_view/template/html.rb b/actionview/lib/action_view/template/html.rb index 282da1a8a2..0321f819b5 100644 --- a/actionview/lib/action_view/template/html.rb +++ b/actionview/lib/action_view/template/html.rb @@ -27,7 +27,7 @@ module ActionView #:nodoc: end def formats - [@type.to_sym] + [@type.respond_to?(:ref) ? @type.ref : @type.to_s] end end end diff --git a/actionview/lib/action_view/template/text.rb b/actionview/lib/action_view/template/text.rb index 859c7bc3ce..04f5b8d17a 100644 --- a/actionview/lib/action_view/template/text.rb +++ b/actionview/lib/action_view/template/text.rb @@ -27,7 +27,7 @@ module ActionView #:nodoc: end def formats - [@type.to_sym] + [@type.respond_to?(:ref) ? @type.ref : @type.to_s] end end end |
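Review bot: in `formats` in html.rb, the fallback branch `@type.to_s` returns a String where the old `@type.to_sym` always returned a Symbol, so the element type of the returned array now depends on what `@type` is. Callers that compare the result of `formats` against symbols would miss the String case; state the possible return types in a comment on the method and check that the call sites handle both.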
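Review bot: the replacement line in `formats` in text.rb is identical to the one in html.rb, and neither copy carries a comment saying why `to_sym` must not be called here. Consider moving the expression into one shared helper with a short comment that the type may be an unknown value and must not be turned into a symbol, so a later cleanup does not bring `to_sym` back in one of the two copies.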