sinatra / rack-protection

NOTE: This project has been merged upstream to sinatra/sinatra

https://github.com/sinatra/sinatra/tree/master/rack-protection

sinatra/rack-protection Issues

Mention the migration in GitHub Pages
Updated 5 years ago
How can I update AuthenticityToken automatically?
Closed 6 years ago1
Forbidden + signout using sidekiq/devise/activeadmin on production server with nginx/haproxy/thin
Closed 8 years ago4
AuthenticityToken check in a rails app when no session['_csrf_token'] is set
Closed 8 years ago6
New stable release before merging?
Closed 8 years ago7
Could not find gem 'rack-protection' in git://github.com/sinatra/rack-protection.git (at master@f405fec)
Closed 8 years ago2
Mask CSRF tokens to mitigate BREACH attack
Closed 8 years ago1
AuthenticityToken
Closed 8 years ago3
JsonCsrf for GET image.
Closed 8 years ago4
[Warning] Session Hijacking default of HTTP_ACCEPT_LANGUAGE is broken for iOS 8+
Closed 8 years ago2
Is AuthenticityToken broken?
Closed 8 years ago2
Rack::Protection::SessionHijacking
Closed 8 years ago2
Session Hijacking default of HTTP_ACCEPT_LANGUAGE is broken for IE with XHR
Closed 8 years ago2
Invalid URI causes exception
Closed 8 years ago3
Please add changelog
Closed 8 years ago2
Whitelist for JsonCsrf
Closed 8 years ago1
Invalid referer raises error
Closed 8 years ago5
Cookie protection, ala Github's blog post
Closed 8 years ago
Add documentation
Closed 8 years ago3
X-XSS-Protection also applies to chrome
Closed 8 years ago1
Regenerate docs
Closed 8 years ago
"You need to set up a session middleware *before* Rack::Protection::SessionHijacking"
Closed 8 years ago6
escaped params silently removing files
Closed 8 years ago3
Silently Ignore Lack of Session Middleware
Closed 8 years ago7
Don't autoload?
Closed 8 years ago11
Sinatra problem with rack-protection
Closed 8 years ago1
undefined method `[]' for nil:NilClass
Closed 9 years ago4
Consider changing the repo description
Closed 9 years ago3
Feature Request: add support for Strict Transport Security
Closed 9 years ago2
Homepage link is broken
Closed 9 years ago2
Token changes between retrieval and request
Closed 10 years ago1
SessionHijacking false positive when serving video tag source
Closed 11 years ago1
Rack Protection blocks all requests from proxy/frontend
Closed 10 years ago5
[Readme] Instrumentation example
Closed 10 years ago1
Path traversal middleware stops sinatra route from matching
Closed 10 years ago2
Detect and reject Ruby objects sent in YAML format
Closed 10 years ago7
content-type-security header
Closed 10 years ago2
undefined method `detect' for nil:NilClass
Closed 11 years ago24
URL-encoded resources does not work since 1.5.1
Closed 11 years ago1
License missing from gemspec
Closed 11 years ago4
Authenticity token not being set unless form is sent
Closed 11 years ago2
What is meant by "rack-csrf" compatibility?
Closed 11 years ago1
Implementation doubt
Closed 11 years ago2
nosniff should be set non html content as well
Closed 11 years ago1
CORS and JSON_CSRF
Closed 11 years ago1
Block remote requests from non-HTTP pages
Closed 11 years ago1
Why don't you recommend using the form token with rack protection?
Closed 12 years ago2
undefined method `base_url'
Closed 12 years ago4
Gemspec contains non-US-ASCII characters, can't install on older rubygems
Closed 12 years ago
undefined method `last' for nil:NilClass
Closed 12 years ago2