[rack-protection] Consider renaming origin_whitelist to something else
#1620
Comments
|
@rhymes sounds like a good plan. My initial thought is that |
|
@jkowens thanks for the availability. I sent a PR in #1625 but it failed in most of the builds and I think it's unrelated to the code change but as I'm unfamiliar with sinatra and rack-protection it might be entirely my fault. I tried reading the contributing guide but found nothing that could related. Could you take a look? Thank you! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Following the example of rails/rails#33677 and forem/forem#7147 I'm proposing to take into consideration the replacement of the parameter
origin_whitelistinRack::Protection::HttpOriginwith something else.Possible alternatives:
allow,valid,permitted.According to a quick search - https://github.com/sinatra/sinatra/search?q=whitelist&unscoped_q=whitelist - in the entire Sinatra code base, that's the only instance.
A possible solution would be to add an alternative parameter and a deprecation notice for the existing one and then remove the latter a couple of releases down the line or something like that.
I can work on the initial PR if agreed.
Thank you!
The text was updated successfully, but these errors were encountered: