diff options
| author | Jeremy Evans <code@jeremyevans.net> | 2019-09-24 20:59:12 -0700 |
|---|---|---|
| committer | Jeremy Evans <code@jeremyevans.net> | 2019-11-18 01:00:25 +0200 |
| commit | ffd0820ab317542f8780aac475da590a4bdbc7a8 (patch) | |
| tree | 6a5d774933c15fd2b9ea948bd3ae2fa587faaf82 /lib/cgi | |
| parent | c5c05460ac20abcbc0ed686eb4acf06da7a39a79 (diff) | |
Deprecate taint/trust and related methods, and make the methods no-ops
This removes the related tests, and puts the related specs behind
version guards. This affects all code in lib, including some
libraries that may want to support older versions of Ruby.
Notes
Notes:
Merged: https://github.com/ruby/ruby/pull/2476
Diffstat (limited to 'lib/cgi')
| -rw-r--r-- | lib/cgi/core.rb | 4 | ||||
| -rw-r--r-- | lib/cgi/session/pstore.rb | 1 |
2 files changed, 2 insertions, 3 deletions
diff --git a/lib/cgi/core.rb b/lib/cgi/core.rb index ac75e54139..bec76e0749 100644 --- a/lib/cgi/core.rb +++ b/lib/cgi/core.rb @@ -544,11 +544,11 @@ class CGI /Content-Disposition:.* filename=(?:"(.*?)"|([^;\r\n]*))/i.match(head) filename = $1 || $2 || ''.dup filename = CGI.unescape(filename) if unescape_filename?() - body.instance_variable_set(:@original_filename, filename.taint) + body.instance_variable_set(:@original_filename, filename) ## content type /Content-Type: (.*)/i.match(head) (content_type = $1 || ''.dup).chomp! - body.instance_variable_set(:@content_type, content_type.taint) + body.instance_variable_set(:@content_type, content_type) ## query parameter name /Content-Disposition:.* name=(?:"(.*?)"|([^;\r\n]*))/i.match(head) name = $1 || $2 || '' diff --git a/lib/cgi/session/pstore.rb b/lib/cgi/session/pstore.rb index 5a6e25d137..cc3006400f 100644 --- a/lib/cgi/session/pstore.rb +++ b/lib/cgi/session/pstore.rb @@ -50,7 +50,6 @@ class CGI require 'digest/md5' md5 = Digest::MD5.hexdigest(id)[0,16] path = dir+"/"+prefix+md5 - path.untaint if File::exist?(path) @hash = nil else |