mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
Fix typo "can exploited" with "can be exploited"
This commit is contained in:
parent
b014b4e8cf
commit
0960716d38
1 changed files with 1 additions and 1 deletions
|
@ -268,7 +268,7 @@ def legacy
|
||||||
end
|
end
|
||||||
```
|
```
|
||||||
|
|
||||||
This will redirect the user to the main action if he tried to access a legacy action. The intention was to preserve the URL parameters to the legacy action and pass them to the main action. However, it can exploited by an attacker if he includes a host key in the URL:
|
This will redirect the user to the main action if he tried to access a legacy action. The intention was to preserve the URL parameters to the legacy action and pass them to the main action. However, it can be exploited by an attacker if he includes a host key in the URL:
|
||||||
|
|
||||||
```
|
```
|
||||||
http://www.example.com/site/legacy?param1=xy¶m2=23&host=www.attacker.com
|
http://www.example.com/site/legacy?param1=xy¶m2=23&host=www.attacker.com
|
||||||
|
|
Loading…
Reference in a new issue