Home Unescaped model attribute
Reply: 0

Unescaped model attribute

user797 Published in August 14, 2018, 8:26 am

I have installed brakeman and getting security vulnerabilities.

Here is my warning

Unescaped model attribute rendered inline near line 24: render(inline => SendGridMailer.weekly_email([current_user], WeeklyNewsletterFactory.new.email(:preview => true)).html_part.body.raw_source, {})


render inline: SendGridMailer.weekly_email([current_user], email).html_part.body.raw_source

I have tried this solution as suggested by brakeman but after doing this I start getting error Could not parse

render(inline: SendGridMailer.weekly_email([current_user], email).html_part.body.raw_source,{}) 

Rails - 4.2.4
Brakeman - 3.1.2
Ruby - 2.3.1

You need to login account before you can post.

About| Privacy statement| Terms of Service| Advertising| Contact us| Help| Sitemap|
Processed in 0.426777 second(s) , Gzip On .

© 2016 Powered by mzan.com design MATCHINFO