aboutsummaryrefslogtreecommitdiffstats
path: root/config/initializers/rails_security_patches.rb
diff options
context:
space:
mode:
authorLouise Crow <louise.crow@gmail.com>2014-01-24 10:36:38 +0000
committerLouise Crow <louise.crow@gmail.com>2014-01-24 10:36:38 +0000
commit1445541f487fe22ec44b71607be3300319338d0a (patch)
tree5c9ed659c968f092317de6bab59a712e2584ca66 /config/initializers/rails_security_patches.rb
parent4eb8432dedc8b521086cdf163ebe5d373396d39a (diff)
parentb0a939a4d44077b4602176042ff4432b790561ad (diff)
Merge branch 'release/0.16'0.16
Diffstat (limited to 'config/initializers/rails_security_patches.rb')
-rw-r--r--config/initializers/rails_security_patches.rb22
1 files changed, 0 insertions, 22 deletions
diff --git a/config/initializers/rails_security_patches.rb b/config/initializers/rails_security_patches.rb
deleted file mode 100644
index b7f013d04..000000000
--- a/config/initializers/rails_security_patches.rb
+++ /dev/null
@@ -1,22 +0,0 @@
-# Temporary patches for Rails security alert made on 03/12/2013
-
-# CVE-2013-6414 https://groups.google.com/forum/#!topic/rubyonrails-security/A-ebV4WxzKg
-
-ActiveSupport.on_load(:action_view) do
- ActionView::LookupContext::DetailsKey.class_eval do
- class << self
- alias :old_get :get
-
- def get(details)
- if details[:formats]
- details = details.dup
- syms = Set.new Mime::SET.symbols
- details[:formats] = details[:formats].select { |v|
- syms.include? v
- }
- end
- old_get details
- end
- end
- end
-end