path: root/activemodel/lib/active_model.rb
author: Michael Koziarski <michael@koziarski.com> 2008-10-14 11:37:59 +0200
committer: Michael Koziarski <michael@koziarski.com> 2008-10-19 15:24:18 +0200
commit: ba80ff74a9627f676b4c426587ce5ea487665e46
tree: 6b2c92007c38ca274ea45d8dd52f401b81ae44e6 /activemodel/lib/active_model.rb
parent: de0ed534f6055c365d05c685582edeceef1eafa6
Sanitize the URLs passed to redirect_to to prevent a potential response splitting attack.
CGI.rb and mongrel don't do any sanitization of the contents of HTTP headers, so care needs to be taken.
Diffstat (limited to 'activemodel/lib/active_model.rb')
0 files changed, 0 insertions, 0 deletions
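
The risk named in the commit message, shown as an added example that is not the code from this commit: when the server writes header values verbatim, a CR/LF inside a redirect URL ends the Location header early. The helper names (`serialize_headers`, `sanitize_redirect_url`, `header_names`, `redirect_response`) are hypothetical, stripping CR/LF is an assumed choice of sanitizer, and the sample URL is constructed.

```ruby
# Added illustration; not the code from this commit.
# All helper names below are hypothetical.

CRLF = "\r\n"

# Writes header values verbatim, as a server that performs no
# sanitization of header contents would.
def serialize_headers(status, headers)
  lines = ["HTTP/1.1 #{status}"]
  headers.each { |name, value| lines << "#{name}: #{value}" }
  lines.join(CRLF) + CRLF + CRLF
end

# Assumed sanitizer: drop CR and LF so the value cannot terminate
# the header line it is written into.
def sanitize_redirect_url(url)
  url.to_s.gsub(/[\r\n]/, "")
end

# Builds the head of a redirect response for the given URL.
def redirect_response(url, sanitize: true)
  location = sanitize ? sanitize_redirect_url(url) : url.to_s
  serialize_headers("302 Found", { "Location" => location })
end

# Header names a lenient client would parse from the response head
# (accepts a bare LF as a line terminator, as many parsers do).
def header_names(raw)
  head = raw.split(/\r?\n\r?\n/, 2).first
  head.split(/\r?\n/).drop(1).map { |line| line.split(":", 2).first }
end

if __FILE__ == $0
  # Constructed input: a URL parameter carrying an embedded CR/LF.
  url = "http://example.com/home\r\nX-Injected: 1"
  p header_names(redirect_response(url, sanitize: false))
  p header_names(redirect_response(url))
end
```
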