Rails: security cop which finds potential places with SQL injection #102

roman-dubrovsky · 2019-10-01T11:20:48Z

Is your feature request related to a problem? Please describe.

I'd like to have a cop which will help me to find unsecured places where we can apply SQL Injection. This cop can already exist. If not, I think we can suggest it for the rubocop-rails gem.

Additional context.
https://rails-sqli.org

The text was updated successfully, but these errors were encountered:

nikitasakau · 2020-01-22T12:57:30Z

I am not sure that any of existing security cops is about SQL injections. There are cop about eval, json load, yml load, marshal load and files open. https://github.com/rubocop-hq/rubocop/tree/master/lib/rubocop/cop/security

Looks like we need custom cop

roman-dubrovsky added the feature request New feature or request label Oct 1, 2019

roman-dubrovsky changed the title ~~Rails: security cop which will find potential cases with SQL injection~~ Rails: security cop which finds potential places with SQL injection Oct 1, 2019

roman-dubrovsky added the postponed Not valuable for now label Oct 4, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Rails: security cop which finds potential places with SQL injection #102

Rails: security cop which finds potential places with SQL injection #102

roman-dubrovsky commented Oct 1, 2019

nikitasakau commented Jan 22, 2020

Rails: security cop which finds potential places with SQL injection #102

Rails: security cop which finds potential places with SQL injection #102

Comments

roman-dubrovsky commented Oct 1, 2019

nikitasakau commented Jan 22, 2020