From c2018b4b7b50b1c4aa89ff61cf0099229c3669a1 Mon Sep 17 00:00:00 2001 From: Jeremy Kemper Date: Sun, 13 Sep 2009 05:56:30 -0700 Subject: Shush, rexml --- activesupport/lib/active_support/core_ext/rexml.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'activesupport/lib/active_support/core_ext/rexml.rb') diff --git a/activesupport/lib/active_support/core_ext/rexml.rb b/activesupport/lib/active_support/core_ext/rexml.rb index decc4f6d9c..8fde1553f6 100644 --- a/activesupport/lib/active_support/core_ext/rexml.rb +++ b/activesupport/lib/active_support/core_ext/rexml.rb @@ -5,11 +5,11 @@ require 'rexml/rexml' # Earlier versions of rexml defined REXML::Version, newer ones REXML::VERSION unless (defined?(REXML::VERSION) ? REXML::VERSION : REXML::Version) > "3.1.7.2" - require 'rexml/document' + silence_warnings { require 'rexml/document' } # REXML in 1.8.7 has the patch but early patchlevels didn't update Version from 3.1.7.2. unless REXML::Document.respond_to?(:entity_expansion_limit=) - require 'rexml/entity' + silence_warnings { require 'rexml/entity' } module REXML #:nodoc: class Entity < Child #:nodoc: -- cgit v1.2.3 From 3b325d624ccb5b390356d61a3ba72f09709066a4 Mon Sep 17 00:00:00 2001 From: Joshua Peek Date: Sun, 13 Sep 2009 10:53:12 -0500 Subject: require reporting before attempting to "shush" --- activesupport/lib/active_support/core_ext/rexml.rb | 2 ++ 1 file changed, 2 insertions(+) (limited to 'activesupport/lib/active_support/core_ext/rexml.rb') diff --git a/activesupport/lib/active_support/core_ext/rexml.rb b/activesupport/lib/active_support/core_ext/rexml.rb index 8fde1553f6..5288b639a6 100644 --- a/activesupport/lib/active_support/core_ext/rexml.rb +++ b/activesupport/lib/active_support/core_ext/rexml.rb @@ -1,3 +1,5 @@ +require 'active_support/core_ext/kernel/reporting' + # Fixes the rexml vulnerability disclosed at: # http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ # This fix is identical to rexml-expansion-fix version 1.0.1 -- cgit v1.2.3