hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 01:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Address review comments - Fix docs typo and add a reference

Browse Source
This commit is contained in:
Joe Farebrother
2024-03-25 14:44:24 +00:00
parent 592acb94d2
commit fb19288981
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ruby/ql/src/queries/security/cwe-915/MassAssignment.qhelp
View File

@@ -5,7 +5,7 @@
<overview>
<p>
Operations that allow for mass assignment (setting multiple attributes of an object using a hash), such as <code>ActiveRecord::Base.new</code>, should take care not to
allow arbitrary parameters to be set by the user. Otherwise, unintended attributes may be set, such as an <code>isAdmin</code> feild for a <code>User</code> object.
allow arbitrary parameters to be set by the user. Otherwise, unintended attributes may be set, such as an <code>is_admin</code> field for a <code>User</code> object.
</p>
</overview>
<recommendation>
@@ -29,6 +29,6 @@
</example>
<references>
<li>Rails guides: <a href="https://guides.rubyonrails.org/action_controller_overview.html#strong-parameters">Strong Parameters</a>.</li>
</references>
</qhelp>