diff options
author | Jonathan Rochkind <jonathan@dnil.net> | 2022-01-25 16:45:21 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-01-25 13:45:21 -0800 |
commit | 5e6e94465a9356c602dc6c69a23931510290b900 (patch) | |
tree | 98fe664c1701ea7bd199c1e19b3c1f99a8dff652 /test/spec_multipart.rb | |
parent | 78ddf81fe2a189e322c3b628046bbc41fc14d1b1 (diff) | |
download | rack-5e6e94465a9356c602dc6c69a23931510290b900.tar.gz |
Deprecate key_space_limit
It was determined that as this limit did not affect nested parameter hashes, it didn't actually prevent an attacker from using more than limited number of bytes for parameter keys, so this limit isn't actually doing anything useful. It is confusing people when it gets in the way of desired large parameter requests.
Diffstat (limited to 'test/spec_multipart.rb')
-rw-r--r-- | test/spec_multipart.rb | 13 |
1 files changed, 1 insertions, 12 deletions
diff --git a/test/spec_multipart.rb b/test/spec_multipart.rb index f4de71cf..87902a1f 100644 --- a/test/spec_multipart.rb +++ b/test/spec_multipart.rb @@ -98,17 +98,6 @@ describe Rack::Multipart do params['user_sid'].encoding.must_equal Encoding::UTF_8 end - it "raise RangeError if the key space is exhausted" do - env = Rack::MockRequest.env_for("/", multipart_fixture(:content_type_and_no_filename)) - - old, Rack::Utils.key_space_limit = Rack::Utils.key_space_limit, 1 - begin - lambda { Rack::Multipart.parse_multipart(env) }.must_raise(RangeError) - ensure - Rack::Utils.key_space_limit = old - end - end - it "parse multipart form webkit style" do env = Rack::MockRequest.env_for '/', multipart_fixture(:webkit) env['CONTENT_TYPE'] = "multipart/form-data; boundary=----WebKitFormBoundaryWLHCs9qmcJJoyjKR" @@ -219,7 +208,7 @@ describe Rack::Multipart do @params = Hash.new{|h, k| h[k.to_s] if k.is_a?(Symbol)} end end - query_parser = Rack::QueryParser.new c, 65536, 100 + query_parser = Rack::QueryParser.new c, 100 env = Rack::MockRequest.env_for("/", multipart_fixture(:text)) params = Rack::Multipart.parse_multipart(env, query_parser) params[:files][:type].must_equal "text/plain" |