RubyFlow : The Ruby Community Blog


Parsing Unsanitized JSON from Ruby

Versions of the JSON gem > 1.7.5 incorporate a fix addressing CVE-2013-0269 that entails disabling support for parsing unvalidated JSON data from an arbitrary source.

If this is an issue for you (or you suspect it might be!) you may want to check out my latest blog post containing a few workarounds as well as this pull request submitted to the JSON gem.
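An added example, not code from the linked post or from the JSON gem: it assumes the behavior in question is the gem's `json_class` object-creation feature ("additions"), which is what CVE-2013-0269 concerns, and shows parsing untrusted input with that feature off and rebuilding objects only from an allowlist. `Account`, `REVIVABLE`, `parse_untrusted`, `class_hints` and `revive` are hypothetical names, and the sample document is constructed.

```ruby
require 'json'

# Constructed sample: a document carrying the key the JSON gem uses to
# pick a Ruby class when object creation ("additions") is enabled.
SAMPLE = '{"user":{"json_class":"Account","name":"alice"},"n":1}'

# Hypothetical application class that the caller is willing to rebuild.
Account = Struct.new(:name)

# Allowlist (assumption): class name => explicit builder for that class.
REVIVABLE = { 'Account' => ->(h) { Account.new(h['name']) } }.freeze

# Parse untrusted text with object creation explicitly off, so the result
# holds only Hash, Array, String, Numeric, true, false and nil.
def parse_untrusted(text)
  JSON.parse(text, create_additions: false)
end

# Return the path of every hash that carries the class-selection key, so
# a caller can log or reject documents that try to name a class.
def class_hints(node, path = '$', found = [])
  case node
  when Hash
    found << path if node.key?(JSON.create_id)
    node.each { |k, v| class_hints(v, "#{path}.#{k}", found) }
  when Array
    node.each_with_index { |v, i| class_hints(v, "#{path}[#{i}]", found) }
  end
  found
end

# Rebuild objects only for allowlisted names; everything else stays data.
def revive(node)
  case node
  when Hash
    builder = REVIVABLE[node[JSON.create_id]]
    return builder.call(node) if builder
    node.transform_values { |v| revive(v) }
  when Array
    node.map { |v| revive(v) }
  else
    node
  end
end
```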
