professor / whiteboard

Carnegie Mellon University - Silicon Valley Campus - Learn By Doing Curriculum Tool

Fix sql injection vulnerability with Rails find_by_* calls #265

Open kdoba opened 10 years ago

kdoba commented 10 years ago

The fix is to convert the params into strings before calling find_by_* functions
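The coercion described in the comment above, as an added example that is not code from this repository or from Rails. `ToyFinder`, the sample parameters and the helper names are hypothetical, and the toy finder assumes the legacy behaviour of treating a trailing Hash argument as query options.

```ruby
# Toy stand-in for a legacy dynamic finder (not Rails code). Assumption: like
# the finders this issue is about, it treats a trailing Hash argument as
# query options rather than as the value to match.
module ToyFinder
  def self.find_by_name(*args)
    options = args.last.is_a?(Hash) ? args.pop : {}
    { column: "name", bound_value: args.first, options: options }
  end
end

# Constructed request parameters. A query string of the form name[key]=value
# is parsed into a nested Hash, so params[:name] is not always a String.
STRING_PARAMS = { name: "alice" }.freeze
HASH_PARAMS   = { name: { "select" => "constructed_column" } }.freeze

# Before the fix: the raw parameter goes straight into the finder.
def lookup_unsafe(params)
  ToyFinder.find_by_name(params[:name])
end

# After the fix described in the issue: coerce to String first, so the
# finder only ever receives a scalar that is bound as a value.
def lookup_safe(params)
  ToyFinder.find_by_name(params[:name].to_s)
end

# True when the request was able to supply finder options.
def caller_controls_options?(plan)
  !plan[:options].empty?
end

if __FILE__ == $PROGRAM_NAME
  puts "unsafe, Hash param:   options controlled = #{caller_controls_options?(lookup_unsafe(HASH_PARAMS))}"
  puts "safe,   Hash param:   options controlled = #{caller_controls_options?(lookup_safe(HASH_PARAMS))}"
  puts "safe,   String param: bound value = #{lookup_safe(STRING_PARAMS)[:bound_value].inspect}"
end
```
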