kotovalexarian-likes-github/puma--puma
1
0
Fork 0
mirror of https://github.com/puma/puma.git synced 2022-11-09 13:48:40 -05:00
Code Releases Activity
3773 commits 39 branches 142 tags 14 MiB
Commit graph

7 commits

Author SHA1 Message Date
MSP-Greg
b6ef31ef7d
[bug] Fixup SERVER_PROTOCOL & HTTP_VERSION headers (#2871) 
* Fixup SERVER_PROTOCOL & HTTP_VERSION headers

HTTP_VERSION header can be defined by a client, but it's also used by Rack, Rails, Sinatra, etc.  Change c/ragel code to set SERVER_PROTOCOL to the HTTP protocol defined by the request 'first line', and for now, set HTTP_VERSION to the same.

Note that previously SERVER_PROTOCOL was set to http/1.1, which has been since the start of Puma.

* Tests - replace HTTP_VERSION with SERVER_PROTOCOL
 2022-09-09 21:05:19 -05:00
Nate Berkopec
dc76d95bb7
HTTP header field values: Allow all octets to be passed in as obscure data (#2723) 2021-10-12 17:05:25 -06:00
Nate Berkopec
acdc3ae571
Merge pull request from GHSA-48w2-rm65-62xx 
* Fix HTTP request smuggling vulnerability

See GHSA-48w2-rm65-62xx or CVE-2021-41136 for more info.

* 4.3.9 release note

* 5.5.1 release note

* 5.5.1
 2021-10-12 08:38:40 -06:00
David Costa
beab7f01b8 Allow semicolon in url-path (#1934) 
* Allow unquoted semicolon in URL path

* Add test about semicolon

* Regenerate grammar to allow semicolon in request_path
 2019-08-28 17:08:01 +00:00
Evan Phoenix
806e46f72a Allow a bare % in a query string. Fixes #958 2016-04-22 17:06:18 -07:00
Evan Phoenix
3726b7ef19 Change parser symbol names to avoid clash. Fixes #179 2013-07-18 11:22:18 -07:00
Evan Phoenix
40dac162a2 Change name of parser extension to puma_http11 2011-10-04 20:35:50 -07:00
Renamed from ext/http11/http11_parser_common.rl (Browse further)