You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@whimsical.apache.org by se...@apache.org on 2020/07/06 20:43:18 UTC
[whimsy] branch master updated: Ensure env auth is untainted
This is an automated email from the ASF dual-hosted git repository.
sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git
The following commit(s) were added to refs/heads/master by this push:
new 9ac18f8 Ensure env auth is untainted
9ac18f8 is described below
commit 9ac18f858f96c8b960e7cfa6288ce76ce556e0d0
Author: Sebb <se...@apache.org>
AuthorDate: Mon Jul 6 21:43:09 2020 +0100
Ensure env auth is untainted
---
lib/whimsy/asf/rack.rb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/whimsy/asf/rack.rb b/lib/whimsy/asf/rack.rb
index 78e2937..887a796 100644
--- a/lib/whimsy/asf/rack.rb
+++ b/lib/whimsy/asf/rack.rb
@@ -20,6 +20,8 @@ module ASF
env.user, env.password = Base64.
decode64(auth[/^Basic ([A-Za-z0-9+\/=]+)$/,1].to_s).split(':',2)
end
+ env.user.untaint
+ env.password.untaint
env['REMOTE_USER'] ||= env.user