summaryrefslogtreecommitdiff
path: root/lib/cgi
diff options
context:
space:
mode:
Diffstat (limited to 'lib/cgi')
-rw-r--r--lib/cgi/core.rb4
-rw-r--r--lib/cgi/session/pstore.rb1
2 files changed, 2 insertions, 3 deletions
diff --git a/lib/cgi/core.rb b/lib/cgi/core.rb
index ac75e54139..bec76e0749 100644
--- a/lib/cgi/core.rb
+++ b/lib/cgi/core.rb
@@ -544,11 +544,11 @@ class CGI
/Content-Disposition:.* filename=(?:"(.*?)"|([^;\r\n]*))/i.match(head)
filename = $1 || $2 || ''.dup
filename = CGI.unescape(filename) if unescape_filename?()
- body.instance_variable_set(:@original_filename, filename.taint)
+ body.instance_variable_set(:@original_filename, filename)
## content type
/Content-Type: (.*)/i.match(head)
(content_type = $1 || ''.dup).chomp!
- body.instance_variable_set(:@content_type, content_type.taint)
+ body.instance_variable_set(:@content_type, content_type)
## query parameter name
/Content-Disposition:.* name=(?:"(.*?)"|([^;\r\n]*))/i.match(head)
name = $1 || $2 || ''
diff --git a/lib/cgi/session/pstore.rb b/lib/cgi/session/pstore.rb
index 5a6e25d137..cc3006400f 100644
--- a/lib/cgi/session/pstore.rb
+++ b/lib/cgi/session/pstore.rb
@@ -50,7 +50,6 @@ class CGI
require 'digest/md5'
md5 = Digest::MD5.hexdigest(id)[0,16]
path = dir+"/"+prefix+md5
- path.untaint
if File::exist?(path)
@hash = nil
else
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-15 11:27:39 +0000