hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-12 18:44:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
628f85aebcf23ee9a7a944c8ca8d00aefc00b8eb
codeql/ruby/ql/test/query-tests/experimental/cwe-176/unicode_normalization.rb
Owen Mansel-Chan 6001c735ff Ruby: Inline expectation should have space after $ 
This was a regex-find-replace from `# \$(?! )` (using a negative lookahead) to `# $ `.
2026-03-04 12:45:06 +00:00

39 lines
1.5 KiB
Ruby
Raw Blame History

require "erb"
include ERB::Util
require 'cgi'
class UnicodeNormalizationOKController < ActionController::Base
def unicodeNormalize
unicode_input = params[:unicode_input]
normalized_nfkc = unicode_input.unicode_normalize(:nfkc) # $ MISSING:result=OK
normalized_nfc = unicode_input.unicode_normalize(:nfc) # $ MISSING:result=OK
end
end
class UnicodeNormalizationStrManipulationController < ActionController::Base
def unicodeNormalize
unicode_input = params[:unicode_input]
unicode_input_manip = unicode_input.sub(/[aeiou]/, "*")
normalized_nfkc = unicode_input_manip.unicode_normalize(:nfkc) # $ result=BAD
normalized_nfc = unicode_input_manip.unicode_normalize(:nfc) # $ result=BAD
end
end
class UnicodeNormalizationHtMLEscapeController < ActionController::Base
def unicodeNormalize
unicode_input = params[:unicode_input]
unicode_html_safe = html_escape(unicode_input)
normalized_nfkc = unicode_html_safe.unicode_normalize(:nfkc) # $ result=BAD
normalized_nfc = unicode_html_safe.unicode_normalize(:nfc) # $ result=BAD
end
end
class UnicodeNormalizationCGIHtMLEscapeController < ActionController::Base
def unicodeNormalize
unicode_input = params[:unicode_input]
unicode_html_safe = CGI.escapeHTML(unicode_input).html_safe
normalized_nfkc = unicode_html_safe.unicode_normalize(:nfkd) # $ result=BAD
normalized_nfc = unicode_html_safe.unicode_normalize(:nfd) # $ result=BAD
end
end
Reference in New Issue View Git Blame Copy Permalink