diff options
| author | Jeremy Evans <[email protected]> | 2019-10-18 11:40:36 -0700 |
|---|---|---|
| committer | Hiroshi SHIBATA <[email protected]> | 2019-10-24 19:47:29 +0900 |
| commit | f126d80b1e4f42e854555e728cd4478fc7ff56db () | |
| tree | 1ffa61bd9ac6e6330381797e07498395014984e7 /lib/webrick | |
| parent | c28d50a753615dff9bd721f608846d4ef541feb1 (diff) | |
[ruby/webrick] Don't check tainting in access log escaping
Only untaint result on Ruby <2.7, as taint support is deprecated in Ruby 2.7+ and no longer has an effect. https://.com/ruby/webrick/commit/4c430f9410
| -rw-r--r-- | lib/webrick/accesslog.rb | 8 |
1 files changed, 3 insertions, 5 deletions
@@ -149,11 +149,9 @@ module WEBrick # Escapes control characters in +data+ def escape(data) - if data.tainted? - data.gsub(/[[:cntrl:]\\]+/) {$&.dump[1...-1]}.untaint - else - data - end end end end |