Better support for case insensitive headers.#1919
Merged
ioquatix merged 1 commit into2-2-stablefrom Jun 30, 2022
Merged
Conversation
ioquatix
force-pushed
the
case-insensitive-headers
branch
from
ab0237c to
ab14503
Compare
jeremyevans
requested changes
Jun 30, 2022
Contributor
jeremyevans
left a comment
jeremyevans
left a comment
There was a problem hiding this comment.
Looks mostly good.
The lib/rack/response.rb change is unrelated. CACHE_CONTROL is already a string, so there is no reason to use get_header as opposed to accessing headers directly. Even if you wanted to use get_header (for consistency?), it isn't related to case insensitive headers and should be committed separately.
I would mention in CHANGELOG that this change is purely for Rack::ETag, since that is the only middleware with the change.
OK to commit without further review after those changes.
ioquatix
force-pushed
the
case-insensitive-headers
branch
from
c849ece to
6b85968
Compare
pgwillia
added a commit
to ualbertalib/builder_deferred_tagging
that referenced
this pull request
Sep 27, 2022
Bumps [rack](https://github.com/rack/rack) from 2.2.2 to 2.2.4. Changelog ## [2.2.4] - 2022-06-30 - Better support for lower case headers in `Rack::ETag` middleware. ([#1919](rack/rack#1919), [@ioquatix](https://github.com/ioquatix)) - Use custom exception on params too deep error. ([#1838](rack/rack#1838), [@simi](https://github.com/simi)) ## [2.2.3.1] - 2022-05-27 - [CVE-2022-30123] Fix shell escaping issue in Common Logger - [CVE-2022-30122] Restrict parsing of broken MIME attachments ## [2.2.3] - 2020-06-15 ### Security - [[CVE-2020-8184](https://nvd.nist.gov/vuln/detail/CVE-2020-8184)] Do not allow percent-encoded cookie name to override existing cookie names. BREAKING CHANGE: Accessing cookie names that require URL encoding with decoded name no longer works. ([@fletchto99](https://github.com/fletchto99))
pgwillia
added a commit
to ualbertalib/builder_deferred_tagging
that referenced
this pull request
Sep 27, 2022
Bumps [rack](https://github.com/rack/rack) from 2.2.2 to 2.2.4. Changelog ## [2.2.4] - 2022-06-30 - Better support for lower case headers in `Rack::ETag` middleware. ([#1919](rack/rack#1919), [@ioquatix](https://github.com/ioquatix)) - Use custom exception on params too deep error. ([#1838](rack/rack#1838), [@simi](https://github.com/simi)) ## [2.2.3.1] - 2022-05-27 - [CVE-2022-30123] Fix shell escaping issue in Common Logger - [CVE-2022-30122] Restrict parsing of broken MIME attachments ## [2.2.3] - 2020-06-15 ### Security - [[CVE-2020-8184](https://nvd.nist.gov/vuln/detail/CVE-2020-8184)] Do not allow percent-encoded cookie name to override existing cookie names. BREAKING CHANGE: Accessing cookie names that require URL encoding with decoded name no longer works. ([@fletchto99](https://github.com/fletchto99))
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
rails/sprockets#746 (comment)