hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: changenote for rb/csrf-protection-disabled enhancement

Browse Source
This commit is contained in:
Alex Ford
2022-01-19 13:37:28 +00:00
parent b27d315ff4
commit 45ed5a806c
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ruby/ql/src/change-notes/2022-01-19-csrf-protection-weakened.md Normal file
View File

@@ -0,0 +1,5 @@
---
category: minorAnalysis
---
lgtm,codescanning
* The query `rb/csrf-protection-disabled` has been extended to find calls to the Rails method `protect_from_forgery` that may weaken CSRF protection.