kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity
rails--rails/guides
History
Rafael Mendonça França 4ace047c91
Add back Rack::Runtime to the default middleware stack. 
We were planning to remove this middleware because we thought it could
make easier to attacker to do a Time Attack. However, while
Rack::Runtime can indeed be used to know how long a request took, and
compare with other requests, it doesn't provide any information that
can't be found in the total time of the request as well.

Instead of removing the middleware, we decided to keep it, and direct
users to instead of removing it, use its information to uncover actions
that are vulnerable to Time Attack.

This reverts commit 127dd06df6, reversing
changes made to 4354e3ae49.
2021-09-15 18:37:34 -04:00
..
assets Render copy-to-clipboard text in element attribute [ci-skip] 2021-07-23 12:52:10 -05:00
bug_report_templates Relax version constraint in bug report templates 2021-08-07 13:20:26 +09:00
rails_guides Render copy-to-clipboard text in element attribute [ci-skip] 2021-07-23 12:52:10 -05:00
source Add back Rack::Runtime to the default middleware stack. 2021-09-15 18:37:34 -04:00
.document
CHANGELOG.md Preparing for 7.0.0.alpha2 release 2021-09-15 18:22:51 -04:00
rails_guides.rb
Rakefile Use Bundler.unbundled_system for bug_report_templates tests 2021-06-02 23:27:17 +09:00
w3c_validator.rb