From 18529c9bdd26f4df6b5291bfe57fed46ea233822 Mon Sep 17 00:00:00 2001
From: Konstantin Haase <konstantin.mailinglists@googlemail.com>
Date: Fri, 30 Dec 2011 13:04:14 +0100
Subject: [PATCH] do not enable parameter escaping by default, fixes #8

---
 rack-protection/lib/rack/protection.rb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/rack-protection/lib/rack/protection.rb b/rack-protection/lib/rack/protection.rb
index 6efb8f40..04d4c0a0 100644
--- a/rack-protection/lib/rack/protection.rb
+++ b/rack-protection/lib/rack/protection.rb
@@ -20,7 +20,6 @@ module Rack
       # does not include: RemoteReferrer, AuthenticityToken and FormToken
       except = Array options[:except]
       Rack::Builder.new do
-        use ::Rack::Protection::EscapedParams,    options unless except.include? :escaped_params
         use ::Rack::Protection::FrameOptions,     options unless except.include? :frame_options
         use ::Rack::Protection::IPSpoofing,       options unless except.include? :ip_spoofing
         use ::Rack::Protection::JsonCsrf,         options unless except.include? :json_csrf