diff --git a/frameworks/Ruby/sinatra-sequel/Gemfile.lock b/frameworks/Ruby/sinatra-sequel/Gemfile.lock
index 4f084bcd3b9..40b1cad63db 100644
--- a/frameworks/Ruby/sinatra-sequel/Gemfile.lock
+++ b/frameworks/Ruby/sinatra-sequel/Gemfile.lock
@@ -2,44 +2,48 @@ GEM
 remote: https://rubygems.org/
 specs:
 base64 (0.2.0)
- bigdecimal (3.1.8)
+ bigdecimal (3.1.9)
 iodine (0.7.58)
- json (2.9.1)
+ json (2.10.1)
 kgio (2.11.4)
+ logger (1.6.6)
 mustermann (3.0.3)
 ruby2_keywords (~> 0.0.1)
 mysql2 (0.5.6)
 nio4r (2.7.4)
- passenger (6.0.24)
+ passenger (6.0.26)
 rack (>= 1.6.13)
 rackup (>= 2.0.0)
 rake (>= 12.3.3)
- pg (1.5.8)
- puma (6.5.0)
+ pg (1.5.9)
+ puma (6.6.0)
 nio4r (~> 2.0)
- rack (3.1.8)
- rack-protection (4.0.0)
+ rack (3.1.12)
+ rack-protection (4.1.1)
 base64 (>= 0.1.0)
+ logger (>= 1.6.0)
 rack (>= 3.0.0, < 4)
- rack-session (2.0.0)
+ rack-session (2.1.0)
+ base64 (>= 0.1.0)
 rack (>= 3.0.0)
 rackup (2.2.1)
 rack (>= 3)
 raindrops (0.20.1)
 rake (13.2.1)
 ruby2_keywords (0.0.5)
- sequel (5.85.0)
+ sequel (5.90.0)
 bigdecimal
 sequel_pg (1.17.1)
 pg (>= 0.18.0, != 1.2.0)
 sequel (>= 4.38.0)
- sinatra (4.0.0)
+ sinatra (4.1.1)
+ logger (>= 1.6.0)
 mustermann (~> 3.0)
 rack (>= 3.0.0, < 4)
- rack-protection (= 4.0.0)
+ rack-protection (= 4.1.1)
 rack-session (>= 2.0.0, < 3)
 tilt (~> 2.0)
- tilt (2.4.0)
+ tilt (2.6.0)
 unicorn (6.1.0)
 kgio (~> 2.6)
 raindrops (~> 0.7)
diff --git a/frameworks/Ruby/sinatra-sequel/hello_world.rb b/frameworks/Ruby/sinatra-sequel/hello_world.rb
index 454c77e5a16..3f4380aecb5 100644
--- a/frameworks/Ruby/sinatra-sequel/hello_world.rb
+++ b/frameworks/Ruby/sinatra-sequel/hello_world.rb
@@ -10,6 +10,9 @@ class HelloWorld < Sinatra::Base
 # XSS, CSRF, IP spoofing, etc. protection are not explicitly required
 disable :protection
 
+ # disable host_authorization for all environments
+ set :host_authorization, { permitted_hosts: [] }
+
 # Only add the charset parameter to specific content types per the requirements
 set :add_charset, [mime_type(:html)]
 end
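Review bot: The comment above the added `set :host_authorization, { permitted_hosts: [] }` line in hello_world.rb says what is switched off but not why, nor what it leaves open. As far as I know, an empty `permitted_hosts` list makes Sinatra's host authorization accept any Host header, so the Host value reaching the app is unvalidated. Next to the existing `disable :protection` that is a reasonable trade-off for a benchmark, but this file is easy to copy as a starting template. I would reword the comment to `# Benchmark only: an empty permitted_hosts list accepts any Host header; list the real hostnames in a deployed app`. The enclosing block starts above the hunk, so whether it is scoped to an environment cannot be confirmed from here.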