Sha256: 46761b66ddb6b0d6a01e1e11266b25825cb6491c8c107727686c35b6cf9e42f7

Contents?: true

Size: 460 Bytes

Versions: 6

Compression:

Stored size: 460 Bytes

Contents

module RuboCop
  module Cop
    module Paraxial
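      # Flags every call to `html_safe`, whatever the receiver: the cop matches
      # on the method name only and does not check whether the string is user input.
      class HTMLSafe < Base
        MSG = '`html_safe` leads to XSS when called on user input'

        # RuboCop invokes this callback for each method-call (`send`) node.
        # Safe-navigation calls (`x&.html_safe`) are `csend` nodes and do not reach it.
        def on_send(node)
          method_name = node.method_name
          return unless send_methods.include?(method_name)

          # MSG has no format placeholders, so `format` returns it unchanged.
          add_offense(node, message: format(MSG, method: method_name))
        end

        private

        # Method names that trigger an offense.
        def send_methods
          [:html_safe]
        end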
      end
    end
  end
end

Version data entries

6 entries across 6 versions & 1 rubygems

Version Path
paraxial-0.6.0 lib/rubocop/cop/paraxial/html_safe.rb
paraxial-0.5.0 lib/rubocop/cop/paraxial/html_safe.rb
paraxial-0.4.0 lib/rubocop/cop/paraxial/html_safe.rb
paraxial-0.3.0 lib/rubocop/cop/paraxial/html_safe.rb
paraxial-0.2.0 lib/rubocop/cop/paraxial/html_safe.rb
paraxial-0.1.0 lib/rubocop/cop/paraxial/html_safe.rb