Permalink
Comparing changes
Choose two branches to see what’s changed or to start a new pull request.
If you need to, you can also or
learn more about diff comparisons.
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
Learn more about diff comparisons here.
...
- 4 commits
- 8 files changed
- 2 contributors
Commits on May 6, 2025
-
* Make Rack::Session::Pool#write_session fail if session doesn't exist This fixes a potential security issue if the session is concurrently deleted by another thread. * Add test. * Add CHANGELOG entry. --------- Co-authored-by: Samuel Williams <samuel.williams@oriontransfer.co.nz>
-
* Apply bytesize and number of param limits in QueryParser The param limit is 4096, chosen because it matches the existing multipart limit. The bytesize limit is 4MB. These limits should substantially exceed what almost all applications need, though there will likely be applications that require higher limits. Allow overriding the limits on a per-QueryParser basis via the constructors, and allow overriding the default limits with environment variables RACK_QUERY_PARSER_BYTESIZE_LIMIT and RACK_QUERY_PARSER_PARAMS_LIMIT. Add new Rack::QueryParser::QueryLimitError to raise in case one of the limits are exceeded, and make ParamsTooDeepError an alias to, since that is also a case where a limit is exceeded. This allows code that already rescues ParamsTooDeepError to automatically handle these other limits as well. * Update CHANGELOG. --------- Co-authored-by: Samuel Williams <samuel.williams@oriontransfer.co.nz>
-
-
Loading
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v2.2.13...v2.2.14