curl shellout is not escaped properly - Githubissues

percy / percy-capybara

Visual testing for Capybara with Percy.

https://docs.percy.io/docs/capybara

MIT License

45 stars 23 forks source link

curl shellout is not escaped properly #1

Closed mikz closed 9 years ago

mikz commented 9 years ago

The url variable is not properly escaped when calling curl in httpfetcher. https://github.com/percy/percy-capybara/blob/19d40eca89b76b98af6f0a1d012f8aa285d7ac8c/lib/percy/capybara/httpfetcher.rb#L21

It should use shellescape to prevent breaking on spaces etc.

fotinakis commented 9 years ago

Fixed with https://github.com/percy/percy-capybara/commit/fcccd648e3fe66cd3cad8bc87ea317f23e0c5c21 and released as v0.4.8.