make potential attack more obvious in example

mojolicious · Mar 16, 2014 · 248676a · 248676a
1 parent 801901a
commit 248676a
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 2 deletions.
diff --git a/Changes b/Changes
@@ -1,4 +1,6 @@
 
+4.91  2014-03-17
+
 4.90  2014-03-16
   - Removed deprecated to_rel method from Mojo::URL.
   - Updated IO::Socket::SSL requirement to 1.84 due to breaking changes in

diff --git a/lib/Mojolicious.pm b/lib/Mojolicious.pm
@@ -43,7 +43,7 @@ has types     => sub { Mojolicious::Types->new };
 has validator => sub { Mojolicious::Validator->new };
 
 our $CODENAME = 'Top Hat';
-our $VERSION  = '4.90';
+our $VERSION  = '4.91';
 
 sub AUTOLOAD {
   my $self = shift;

diff --git a/lib/Mojolicious/Controller.pm b/lib/Mojolicious/Controller.pm
@@ -594,7 +594,8 @@ there can always be multiple values, which might have unexpected consequences.
 Parts of the request body need to be loaded into memory to parse C<POST>
 parameters, so you have to make sure it is not excessively large.
 
-  # List context is ambiguous and should be avoided
+  # List context is ambiguous and should be avoided, you can get multiple
+  # values returned for a query string like "?foo=bar&foo=baz&foo=yada"
   my $hash = {foo => $self->param('foo')};
 
   # Better enforce scalar context