ruby/lib/webrick
gotoyuzo 8ee3267d26 * lib/webrick/httpservlet/filehandler.rb: should normalize path
name in path_info to prevent script disclosure vulnerability on
  DOSISH filesystems. (fix: CVE-2008-1891)
  Note: NTFS/FAT filesystem should not be published by the platforms
  other than Windows. Pathname interpretation (including short
  filename) is less than perfect.

* lib/webrick/httpservlet/abstract.rb
  (WEBrick::HTTPServlet::AbstracServlet#redirect_to_directory_uri):
  should escape the value of Location: header.

* lib/webrick/httpservlet/cgi_runner.rb: accept interpreter
  command line arguments.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16453 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-05-18 13:33:24 +00:00
..
httpauth
httpservlet * lib/webrick/httpservlet/filehandler.rb: should normalize path 2008-05-18 13:33:24 +00:00
accesslog.rb
cgi.rb * lib/webrick/httprequest.rb, lib/webrick/cgi.rb: Request-Line or 2007-12-17 07:03:57 +00:00
compat.rb
config.rb * lib/webrick/server.rb (WEBrick::GenericServer#accept_client): 2007-12-18 14:43:03 +00:00
cookie.rb
htmlutils.rb
httpauth.rb
httpproxy.rb * lib/webrick/httpproxy.rb (WEBrick::HTTPProxyServer#proxy_service): 2007-12-31 14:17:41 +00:00
httprequest.rb * lib/rdoc/parsers/parse_rb.rb: Fix uninitialized variable warnings. 2008-04-04 21:16:19 +00:00
httpresponse.rb * ext/json/lib/json/pure/generator.rb, 2008-02-12 06:18:06 +00:00
https.rb
httpserver.rb
httpservlet.rb
httpstatus.rb
httputils.rb
httpversion.rb
log.rb
server.rb * lib/webrick/server.rb (WEBrick::HTTPServer#start): 2008-01-09 04:46:55 +00:00
ssl.rb
utils.rb
version.rb