presidentbeef / brakeman

A static analysis security vulnerability scanner for Ruby on Rails applications
https://brakemanscanner.org/

safe-methods: pass "pointed" methods? #1738

Open akimd opened 1 year ago

akimd commented 1 year ago

Hi,

I'm using Sanitize.fragment(str) to sanitize, but --safe-methods=Sanitize.fragment does not work; I have to decay this into --safe-methods=fragment. But I feel less secure this way. It would be nice to have richer means to specify the safe methods.

Cheers!

presidentbeef commented 1 year ago

:thinking: I think this would not be too hard to support.
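
To check which call sites an entry would cover before adding it, this added example (not part of the thread and not Brakeman's code) uses Ruby's Ripper to list `Const.method` calls in a constructed snippet and compares a bare-name entry with a receiver-qualified one. `LegacyHelper` and the two matching functions are assumptions made for illustration; they model the two entry styles, not Brakeman's internal matching.

```ruby
require 'ripper'

# Constructed sample input: two unrelated methods that share the name `fragment`.
# `LegacyHelper` is a hypothetical class invented for this illustration.
SAMPLE = <<~'RUBY'
  clean = Sanitize.fragment(params[:bio])
  other = LegacyHelper.fragment(params[:bio])
RUBY

# Collect [receiver, method] pairs for every call with an explicit receiver.
# Receivers that are not a plain constant are reported as "(expr)".
def receiver_calls(source)
  found = []
  walk = lambda do |node|
    next unless node.is_a?(Array)
    if node[0] == :call && node[3].is_a?(Array) && node[3][0] == :@ident
      recv = node[1]
      const = recv.is_a?(Array) && recv[0] == :var_ref && recv[1][0] == :@const
      found << [const ? recv[1][1] : '(expr)', node[3][1]]
    end
    node.each { |child| walk.call(child) }
  end
  walk.call(Ripper.sexp(source))
  found
end

# Model of a bare-name entry (the `--safe-methods=fragment` form from the issue).
def covered_by_bare_name(source, entry)
  receiver_calls(source).select { |_recv, meth| meth == entry }
end

# Model of the receiver-qualified entry the issue asks for ("Sanitize.fragment").
# Assumption: this is an exact "Receiver.method" string comparison.
def covered_by_qualified(source, entry)
  receiver_calls(source).select { |recv, meth| "#{recv}.#{meth}" == entry }
end

if __FILE__ == $PROGRAM_NAME
  puts 'bare name "fragment" covers:'
  covered_by_bare_name(SAMPLE, 'fragment').each { |r, m| puts "  #{r}.#{m}" }
  puts 'qualified "Sanitize.fragment" covers:'
  covered_by_qualified(SAMPLE, 'Sanitize.fragment').each { |r, m| puts "  #{r}.#{m}" }
end
```

Running the same listing over an application's own source shows every receiver that a bare method name would sweep in.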