codeql/ruby/ql/test/query-tests/security/cwe-352/CSRFProtectionNotEnabled.expected
Harry Maclean 49d826f667 Ruby: Add a query for CSRF protection not enabled
Specifically in Rails apps, we look for root ActionController classes
without a call to `protect_from_forgery`.
2024-02-23 11:13:14 +00:00

2 lines
171 B
Plaintext

| railsapp/app/controllers/alternative_root_controller.rb:1:1:3:3 | AlternativeRootController | Potential CSRF vulnerability due to forgery protection not being enabled |