diff --git a/lib/sinatra/base.rb b/lib/sinatra/base.rb
index 24ca0a76..893016ef 100644
--- a/lib/sinatra/base.rb
+++ b/lib/sinatra/base.rb
@@ -1377,7 +1377,7 @@ module Sinatra
       def setup_protection(builder)
         return unless protection?
         options = Hash === protection ? protection.dup : {}
-        options[:except] = Array(options[:except] || :escaped_params)
+        options[:except] = Array options[:except]
         options[:except] += [:session_hijacking, :remote_token] unless sessions?
         builder.use Rack::Protection, options
       end
diff --git a/sinatra.gemspec b/sinatra.gemspec
index 61a8a855..bd9aa9ad 100644
--- a/sinatra.gemspec
+++ b/sinatra.gemspec
@@ -13,6 +13,6 @@ Gem::Specification.new 'sinatra', Sinatra::VERSION do |s|
   s.rdoc_options      = %w[--line-numbers --inline-source --title Sinatra --main README.rdoc]
 
   s.add_dependency 'rack',            '~> 1.3', '>= 1.3.6'
-  s.add_dependency 'rack-protection', '~> 1.1', '>= 1.1.2'
+  s.add_dependency 'rack-protection', '~> 1.2'
   s.add_dependency 'tilt',            '~> 1.3', '>= 1.3.3'
 end