#14 Vulnerability Note VU#380039

yakut-project · Sep 5, 2013 · 6538045 · 6538045 · baygunm · Sep 18, 2013
1 parent 777623b
commit 6538045
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/config/initializers/disable_xml_params.rb b/config/initializers/disable_xml_params.rb
@@ -0,0 +1,3 @@
+# Protect against injection attacks
+# http://www.kb.cert.org/vuls/id/380039
+ActionDispatch::ParamsParser::DEFAULT_PARSERS.delete(Mime::XML)