File: CVE-2025-61921.patch

ruby-sinatra 3.0.5-3+deb12u1
  • area: main
  • in suites: bookworm-proposed-updates
  • size: 1,944 kB
  • sloc: ruby: 17,305; makefile: 7
From: gecunps <geraldineelaine.cu@nelnet.net>
Date: Wed, 8 Oct 2025 11:15:08 +0800
Subject: Fix regex to prevent redos

This is a backport of the original upstream patch.

Signed-off-by: Antonio Terceiro <terceiro@debian.org>
Link: https://github.com/sinatra/sinatra/pull/2121
---
 lib/sinatra/base.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/sinatra/base.rb b/lib/sinatra/base.rb
index ba330a4..aeff9fd 100644
--- a/lib/sinatra/base.rb
+++ b/lib/sinatra/base.rb
@@ -693,7 +693,7 @@ module Sinatra
     def etag_matches?(list, new_resource = request.post?)
       return !new_resource if list == '*'
 
-      list.to_s.split(/\s*,\s*/).include? response['ETag']
+      list.to_s.split(',').map(&:strip).include?(response['ETag'])
     end
 
     def with_params(temp_params)
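
Review bot: The replacement line in etag_matches? changes matching behaviour beyond removing the /\s*,\s*/ split, and the diffstat shows only lib/sinatra/base.rb changed, so nothing tests it. With `split(',').map(&:strip)` every entry is trimmed on both sides, including the start of the first entry and the end of the last one, which the old regex split left untouched; a list consisting of a single ETag padded with spaces now matches response['ETag'] where it previously did not. That is probably the desired result, but it should be mentioned in the commit message, and a regression test should be added that covers a list with long runs of whitespace between entries as well as a padded single entry.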