summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorshyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2010-08-16 07:31:35 +0000
committershyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2010-08-16 07:31:35 +0000
commitb08619c82a09b204e818a16e9ad6343ef9a1b9fd (patch)
tree08d0bda6ca053230a2c6f4d7789103a2341fa01e /lib
parent4b46ec3491389d581251357225b5e15501b6d086 (diff)
merge revision(s) 29002:
* lib/webrick/httpresponse.rb (WEBrick::HTTPResponse#set_error): Fix for possible cross-site scripting (CVE-2010-0541). Found by Apple, reported by Hideki Yamane. Patch by Hirokazu Nishio <nishio.hirokazu AT gmail.com>. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@29006 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib')
-rw-r--r--lib/webrick/httpresponse.rb2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/webrick/httpresponse.rb b/lib/webrick/httpresponse.rb
index 62156b1abd..48fe4b07f8 100644
--- a/lib/webrick/httpresponse.rb
+++ b/lib/webrick/httpresponse.rb
@@ -209,7 +209,7 @@ module WEBrick
@keep_alive = false
self.status = HTTPStatus::RC_INTERNAL_SERVER_ERROR
end
- @header['content-type'] = "text/html"
+ @header['content-type'] = "text/html; charset=ISO-8859-1"
if respond_to?(:create_error_page)
create_error_page()