Changeset [99ca512940252125e1ded1d95c996de63f06fcc5] by Johnny Shields
January 18th, 2018 @ 04:42 AM
Small security fixes (#697)
- Add brakeman to gemfile
- Protect from forgery with exception
- Remove references to params['controller'] and params['action'] in application helper
- Fix potentially unsafe code in timeago method and ignore noise in brakeman
https://github.com/fatfreecrm/fat_free_crm/commit/99ca512940252125e...
Committed by Johnny Shields
- A config/brakeman.ignore
- M ".rubocop_todo.yml"
- M Gemfile
- M Gemfile.lock
- M app/controllers/application_controller.rb
- M app/helpers/application_helper.rb
- M app/views/accounts/_account.html.haml
- M app/views/admin/users/_user.html.haml
- M app/views/campaigns/_campaign.html.haml
- M app/views/contacts/_contact.html.haml
- M app/views/leads/_lead.html.haml
- M app/views/opportunities/_opportunity.html.haml
- M spec/helpers/application_helper_spec.rb
- M spec/views/accounts/show.haml_spec.rb
- M spec/views/campaigns/show.haml_spec.rb
- M spec/views/contacts/show.haml_spec.rb
- M spec/views/leads/show.haml_spec.rb
- M spec/views/opportunities/show.haml_spec.rb
Ruby on Rails CRM platform for Web 2.0 and beyond