mirror of
https://github.com/ruby/ruby.git
synced 2022-11-09 12:17:21 -05:00
10a0d4b61d
separators in path_info to prevent directory traversal attacks on DOSISH platforms. reported by Digital Security Research Group [DSECRG-08-026]. * lib/webrick/httpservlet/filehandler.rb: pathnames which have not to be published should be checked case-insensitively. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@15676 b2dd03c8-39d4-4d8f-98ff-823fe69b080e |
||
---|---|---|
.. | ||
abstract.rb | ||
cgi_runner.rb | ||
cgihandler.rb | ||
erbhandler.rb | ||
filehandler.rb | ||
prochandler.rb |