From f126d80b1e4f42e854555e728cd4478fc7ff56db Mon Sep 17 00:00:00 2001
From: Jeremy Evans <code@jeremyevans.net>
Date: Fri, 18 Oct 2019 11:40:36 -0700
Subject: [PATCH] [ruby/webrick] Don't check tainting in access log escaping

Only untaint result on Ruby <2.7, as taint support is deprecated
in Ruby 2.7+ and no longer has an effect.

https://github.com/ruby/webrick/commit/4c430f9410
---
 lib/webrick/accesslog.rb | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/lib/webrick/accesslog.rb b/lib/webrick/accesslog.rb
index 17e5b38ac9..e4849637f3 100644
--- a/lib/webrick/accesslog.rb
+++ b/lib/webrick/accesslog.rb
@@ -149,11 +149,9 @@ module WEBrick
     # Escapes control characters in +data+
 
     def escape(data)
-      if data.tainted?
-        data.gsub(/[[:cntrl:]\\]+/) {$&.dump[1...-1]}.untaint
-      else
-        data
-      end
+      data = data.gsub(/[[:cntrl:]\\]+/) {$&.dump[1...-1]}
+      data.untaint if RUBY_VERSION < '2.7'
+      data
     end
   end
 end