kotovalexarian-likes-github/puma--puma
1
0
Fork 0
mirror of https://github.com/puma/puma.git synced 2022-11-09 13:48:40 -05:00
Code Releases Activity
puma--puma/test/rackup/realistic_response.ru
Nate Berkopec c36491756f
Merge pull request from GHSA-84j7-475p-hp8v 
header value could inject a CR or LF and inject their own HTTP response.
2020-02-27 11:52:27 -06:00

11 lines
252 B
Ruby
Raw Blame History

require 'securerandom'
long_header_hash = {}
25.times do |i|
long_header_hash["X-My-Header-#{i}"] = SecureRandom.hex(25)
end
response = SecureRandom.hex(100_000) # A 100kb document
run lambda { |env| [200, long_header_hash.dup, [response.dup]] }
View git blame Copy permalink