From 3b598ec23584aba30010ef9b186599776f088f86 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jos=C3=A9=20Valim?=
Date: Wed, 13 Nov 2013 14:00:04 +0100
Subject: [PATCH] Release v3.2.1
---
 CHANGELOG.md | 3 +++
 Gemfile.lock | 2 +-
 gemfiles/Gemfile.rails-3.2.x.lock | 2 +-
 lib/devise/controllers/store_location.rb | 2 +-
 lib/devise/version.rb | 2 +-
 5 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index cc9c559a..266d23b0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,11 +1,14 @@
 ### 3.2.1
+Security announcement: http://blog.plataformatec.com.br/2013/11/e-mail-enumeration-in-devise-in-paranoid-mode
+
 * enhancements
 * Add `store_location_for` helper and ensure it is safe (by @matthewrudy and @homakov)
 * Add `yield` around resource methods in Devise controllers (by @edelpero)
 * bug fix
 * Bring `password_digest` back to fix compatibility with `devise-encryptable`
+ * Avoid e-mail enumeration on sign in when in paranoid mode
 ### 3.2.0
diff --git a/Gemfile.lock b/Gemfile.lock
index 66eedb27..1f621ea7 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -12,7 +12,7 @@ GIT
 PATH
 remote: .
 specs:
- devise (3.2.0)
+ devise (3.2.1)
 bcrypt-ruby (~> 3.0)
 orm_adapter (~> 0.1)
 railties (>= 3.2.6, < 5)
diff --git a/gemfiles/Gemfile.rails-3.2.x.lock b/gemfiles/Gemfile.rails-3.2.x.lock
index 717a99f2..eb1e0187 100644
--- a/gemfiles/Gemfile.rails-3.2.x.lock
+++ b/gemfiles/Gemfile.rails-3.2.x.lock
@@ -1,7 +1,7 @@
 PATH
 remote: ..
 specs:
- devise (3.2.0)
+ devise (3.2.1)
 bcrypt-ruby (~> 3.0)
 orm_adapter (~> 0.1)
 railties (>= 3.2.6, < 5)
diff --git a/lib/devise/controllers/store_location.rb b/lib/devise/controllers/store_location.rb
index b83fbb9a..c1592831 100644
--- a/lib/devise/controllers/store_location.rb
+++ b/lib/devise/controllers/store_location.rb
@@ -33,7 +33,7 @@ module Devise
 #
 def store_location_for(resource_or_scope, location)
 session_key = stored_location_key_for(resource_or_scope)
- session[session_key] = URI.parse(location).path
+ session[session_key] = URI.parse(location).path if location
 end
 private
diff --git a/lib/devise/version.rb b/lib/devise/version.rb
index e2dd4c3b..42db40a6 100644
--- a/lib/devise/version.rb
+++ b/lib/devise/version.rb
@@ -1,3 +1,3 @@
 module Devise
- VERSION = "3.2.0".freeze
+ VERSION = "3.2.1".freeze
 end
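Review bot: In `store_location_for`, `URI.parse(location)` still raises `URI::InvalidURIError` on a malformed string, because the added `if location` guard only covers `nil`; if `location` can ever come from request data, that becomes an unhandled exception in the controller. The stored `.path` can also begin with more than one slash, and a value starting with `//` is read by browsers as a scheme-relative URL if it is later used as a redirect target, which works against the changelog's statement that this helper "is safe". I would rescue the parse error and collapse leading slashes before writing to the session, as sketched below. With a `nil` or unparsable location the previous session value stays in place, which is worth stating in the method comment (that comment starts outside this hunk).

```ruby
def store_location_for(resource_or_scope, location)
  session_key = stored_location_key_for(resource_or_scope)
  return unless location

  # Collapse leading slashes so the stored value is always a local path.
  session[session_key] = URI.parse(location).path.sub(%r{\A/+}, '/')
rescue URI::InvalidURIError
  # Malformed location: store nothing rather than raise.
  nil
end
```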