codeql/ruby/ql/test/query-tests/security/cwe-295/RestClient.rb
Rasmus Wriedt Larsen 07d95918f2 Ruby: Add more RequestWithoutValidation.ql tests
Added:
- one where the value is not directly used when disabling certificate
  validation.
- one with argument passing, Faraday, where it is only the passing of
  `OpenSSL::SSL::VERIFY_NONE` that is recognized.
2022-08-19 15:42:50 +02:00


require "rest-client" # Test fixture for RequestWithoutValidation.ql: each BAD case disables TLS certificate verification in a different syntactic shape and is expected to be flagged; each GOOD case must not be.
# BAD: verify_ssl is set to OpenSSL::SSL::VERIFY_NONE directly as a keyword argument.
resource = RestClient::Resource.new("https://example.com", verify_ssl: OpenSSL::SSL::VERIFY_NONE)
response = resource.get
# BAD: same option, but passed inside an explicit hash literal.
resource = RestClient::Resource.new("https://example.com", { verify_ssl: OpenSSL::SSL::VERIFY_NONE })
response = resource.get
# BAD: the options hash is built in a local variable and then passed to the constructor.
options = { verify_ssl: OpenSSL::SSL::VERIFY_NONE }
resource = RestClient::Resource.new("https://example.com", options)
response = resource.get
# BAD: VERIFY_NONE flows through a local before reaching verify_ssl, so the constant is not used directly at the call site.
value = OpenSSL::SSL::VERIFY_NONE
resource = RestClient::Resource.new("https://example.com", verify_ssl: value)
response = resource.get
# GOOD: no verify_ssl option is passed at all.
RestClient.get("https://example.com")
# GOOD: Resource constructed without any TLS options.
resource = RestClient::Resource.new("https://example.com")
response = resource.get
# GOOD: verify_ssl explicitly set to OpenSSL::SSL::VERIFY_PEER, keyword-argument form.
resource = RestClient::Resource.new("https://example.com", verify_ssl: OpenSSL::SSL::VERIFY_PEER)
response = resource.get
# GOOD: VERIFY_PEER passed inside an explicit hash literal.
resource = RestClient::Resource.new("https://example.com", { verify_ssl: OpenSSL::SSL::VERIFY_PEER })
response = resource.get
# GOOD: VERIFY_PEER via an options hash held in a local variable.
options = { verify_ssl: OpenSSL::SSL::VERIFY_PEER }
resource = RestClient::Resource.new("https://example.com", options)
response = resource.get