projects
/
selectricity-live
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(from parent 1:
15870a5
)
fix security issue
master
author
Benjamin Mako Hill
<mako@ephesus.xvm.mit.edu>
Wed, 9 Jan 2013 16:43:27 +0000
(11:43 -0500)
committer
Benjamin Mako Hill
<mako@atdot.cc>
Wed, 9 Jan 2013 16:45:33 +0000
(11:45 -0500)
config/environment.rb
patch
|
blob
|
history
diff --git
a/config/environment.rb
b/config/environment.rb
index 28ecf9eca9b69a83661596fc3da8790ab4524f3c..802b3b90d85257e47ee9a7c81330cccc88efe41c 100644
(file)
--- a/
config/environment.rb
+++ b/
config/environment.rb
@@
-147,3
+147,8
@@
GeoKit::Geocoders::geocoder_ca = false
# various geocoders. Make sure you read up on relevant Terms of Use for each
# geocoder you are going to use.
GeoKit::Geocoders::provider_order = [:google,:us]
+
+# fix major security vulnerability:
+# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
+ActionController::Base.param_parsers.delete(Mime::XML)
+
Benjamin Mako Hill
||
Want to submit a patch?