hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
2590d8a27fdbdbbd133a67be231ed9511dffa2e4
codeql/ruby/ql/src/queries/security/cwe-078/examples/kernel_open.rb
Harry Maclean 8b23f6db10 Ruby: Add URI.open example to rb/kernel-open qhelp
2024-04-27 09:53:54 +01:00

12 lines
244 B
Ruby
Raw Blame History

require "open-uri"
class UsersController < ActionController::Base
def create
filename = params[:filename]
open(filename) # BAD
web_page = params[:web_page]
URI.open(web_page) # BAD - calls `Kernel.open` internally
end
end
Reference in New Issue View Git Blame Copy Permalink