Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

As someone stuck maintaining an older rails app with no hope of upgrading anytime soon, any information on patching rails 2.1.0 against this vulnerability?


Best idea would be to apply the workarounds presented for Rails 2.3 in the group post: https://groups.google.com/forum/#!topic/rubyonrails-security....

Place a couple of lines in a file in config/initializers, and you're good,.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: