代码拉取完成,页面将自动刷新
同步操作将从 src-openEuler/rubygem-actionpack 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
From f97d14a056c9b6ec6bf46d24e0c04b4893e78d41 Mon Sep 17 00:00:00 2001
From: Aaron Patterson <aaron@rubyonrails.org>
Date: Tue, 4 May 2021 15:49:21 -0700
Subject: [PATCH] Prevent slow regex when parsing host authorization header
The old regex could take too long when parsing an authorization header,
and this could potentially cause a DoS vulnerability
[CVE-2021-22904]
---
.../lib/action_controller/metal/http_authentication.rb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/usr/share/gems/gems/actionpack-5.2.4.4/lib/action_controller/metal/http_authentication.rb b/usr/share/gems/gems/actionpack-5.2.4.4/lib/action_controller/metal/http_authentication.rb
index 01676f3..d2e6674 100644
--- a/usr/share/gems/gems/actionpack-5.2.4.4/lib/action_controller/metal/http_authentication.rb
+++ b/usr/share/gems/gems/actionpack-5.2.4.4/lib/action_controller/metal/http_authentication.rb
@@ -406,7 +406,7 @@ module ActionController
module Token
TOKEN_KEY = "token="
TOKEN_REGEX = /^(Token|Bearer)\s+/
- AUTHN_PAIR_DELIMITERS = /(?:,|;|\t+)/
+ AUTHN_PAIR_DELIMITERS = /(?:,|;|\t)/
extend self
module ControllerMethods
--
2.23.0
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手