hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-22 09:53:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
edc93dfeb747225990b756f4df609f2e7d8d4f7a
codeql/ruby/ql/test/query-tests/experimental/cwe-176/unicode_normalization.rb
Sim4n6 f7f0564e36 added one more test
2023-05-20 18:00:27 +01:00

39 lines
1.4 KiB
Ruby
Raw Blame History

require "erb"
include ERB::Util
require 'cgi'
class UnicodeNormalizationOKController < ActionController::Base
def unicodeNormalize
unicode_input = params[:unicode_input]
normalized_nfkc = unicode_input.unicode_normalize(:nfkc) # $MISSING:result=OK
normalized_nfc = unicode_input.unicode_normalize(:nfc) # $MISSING:result=OK
end
end
class UnicodeNormalizationStrManipulationController < ActionController::Base
def unicodeNormalize
unicode_input = params[:unicode_input]
unicode_input_manip = unicode_input.sub(/[aeiou]/, "*")
normalized_nfkc = unicode_input_manip.unicode_normalize(:nfkc) # $result=BAD
normalized_nfc = unicode_input_manip.unicode_normalize(:nfc) # $result=BAD
end
end
class UnicodeNormalizationHtMLEscapeController < ActionController::Base
def unicodeNormalize
unicode_input = params[:unicode_input]
unicode_html_safe = html_escape(unicode_input)
normalized_nfkc = unicode_html_safe.unicode_normalize(:nfkc) # $result=BAD
normalized_nfc = unicode_html_safe.unicode_normalize(:nfc) # $result=BAD
end
end
class UnicodeNormalizationCGIHtMLEscapeController < ActionController::Base
def unicodeNormalize
unicode_input = params[:unicode_input]
unicode_html_safe = CGI.escapeHTML(unicode_input).html_safe
normalized_nfkc = unicode_html_safe.unicode_normalize(:nfkd) # $result=BAD
normalized_nfc = unicode_html_safe.unicode_normalize(:nfd) # $result=BAD
end
end
Reference in New Issue View Git Blame Copy Permalink