sinatra / rack-protection

NOTE: This project has been merged upstream to sinatra/sinatra
https://github.com/sinatra/sinatra/tree/master/rack-protection
818 stars 58 forks source link

add nil check for unset Content-Type header #104

Closed beanieboi closed 8 years ago

beanieboi commented 8 years ago

hey,

as mentioned in #103, adding a nil check would be a very cheap "solution" for the problem. it's also something i could do without the help from you. i'm happy to close that PR in favor of a "real" solution, but i figured it's better than nothing :)

thanks! ben

kytrinyx commented 8 years ago

I'm not sure how defensive we want to be here. I'm open to adding the check, but want to hear other people weigh in before I go down the route (since it's a bit of a slippery slope).

beanieboi commented 8 years ago

@kytrinyx we can close this since rack-protection is operating like the rack spec wants it to be. it was an early fix to a problem i didn't fully understand back then. i'm now more aware of the problem and this is not a good patch.

kytrinyx commented 8 years ago

Ok, cool. Thanks for looking into this!