Re: An issue for consideration

2008-05-27 Thread Aria Stewart
On May 23, 2008, at 5:21 PM, Brendan Taylor wrote: You missed PUT :) I can imagine situations where you'd want to be able to use more esoteric HTTP methods (like OPTIONS, or any of WebDAV's many extension methods). I don't have a better solution though, and this may be Good Enoughâ„¢. Indeed.

Re: An issue for consideration

2008-05-23 Thread Bluebie, Jenna
This should help. include Camping::ControllerSecurity in your controllers module or your Camping (or whatever Camping.goes has turned it in to) module, after requiring this: module Camping module ControllerSecurity def service(*a) @method = 'get' unless ['get', 'post', 'delete',

Re: An issue for consideration

2008-05-23 Thread Aria Stewart
On May 22, 2008, at 10:46 PM, Bluebie, Jenna wrote: We've just come across an issue for consideration. I am avoiding some words which would allow people to find this message in an internet search who have questionable intentions, but wish to communicate a strong sense of caution. Consider

Re: An issue for consideration

2008-05-23 Thread _why
On Fri, May 23, 2008 at 12:16:15PM +0200, Magnus Holm wrote: Do you think we should add a protection inside Camping too? No, if Rack comes with Rack::Lint and Camping now depends on Rack, then it'd be redundant to have it in Camping as well, you know? _why

Re: An issue for consideration

2008-05-23 Thread Eric Mill
You at least want to allow what's in the HTTP spec -- that's HEAD, TRACE, OPTIONS, and CONNECT, on top of the GET/POST/PUT/DELETE. -- Eric On Fri, May 23, 2008 at 7:21 PM, Brendan Taylor [EMAIL PROTECTED] wrote: On Fri, May 23, 2008 at 04:20:21PM +1000, Bluebie, Jenna wrote: This should help.