hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-26 01:08:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,050 Commits 1,717 Branches 163 Tags
0600a2ba96f3b2b3e435df997343eae952081bbf
Commit Graph

11 Commits

Author SHA1 Message Date
Harry Maclean
c99a096c9b Ruby: Update test fixtures 2023-01-31 11:27:19 +13:00
Harry Maclean
fb86ef4aac Ruby: Model ActionController filters 
ActionController filters provide a way to register callbacks that run
before, after or around an action (i.e. HTTP request handler). They run
in the same class context as the action, so can get/set instance
variables and generally interact with the action in arbitrary ways.

In order to track flow between filters and actions, we have to model the
callback chain. This commit does that. A later change will add dataflow
steps to actually track flow through the chain.
 2023-01-30 17:41:36 +13:00
Harry Maclean
d0521f15f1 Ruby: Update tests 2022-11-16 13:46:51 +13:00
erik-krogh
e47e20c5e7 remove use of HtmlSafeCall from tests 2022-10-18 10:43:24 +02:00
Harry Maclean
73ca595b56 Ruby: Model ActionDispatch::Response 2022-10-17 08:17:37 +13:00
Harry Maclean
ed0c85e3af Ruby: Model ActionView helper XSS sinks 2022-09-26 20:55:04 +13:00
Harry Maclean
7ef6ffbc54 Ruby: Recognise Rails render calls as HTTP responses 2022-08-16 14:03:26 +12:00
Harry Maclean
7dfab371f6 Ruby: Model redirect_back and redirect_back_or_to 
These are ActionController methods that redirect to the HTTP Referer,
falling back to the given location if there is no Referer.
 2022-06-20 13:36:02 +12:00
Harry Maclean
e1d290d4c0 Ruby: Don't count private methods as Rails actions 
Private instance methods on ActionController classes aren't valid
request handlers. Routing to them will raise an exception.
 2021-12-13 15:36:55 +13:00
Nick Rolfe
f6a8b9a7e5 Ruby: add cookies call to frameworks test 2021-12-09 12:07:04 +00:00
Arthur Baars
976daddd36 Move files to ruby subfolder 2021-10-15 11:47:28 +02:00