Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
Brakeman
提交
05b2a725
B
Brakeman
项目概览
李少辉-开发者
/
Brakeman
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
B
Brakeman
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
05b2a725
编写于
6月 17, 2011
作者:
J
Justin Collins
浏览文件
操作
浏览文件
下载
差异文件
Merge branch 'master' of github.com:presidentbeef/brakeman
上级
12236638
51647f93
变更
1
隐藏空白更改
内联
并排
Showing
1 changed file
with
12 addition
and
10 deletion
+12
-10
README.md
README.md
+12
-10
未找到文件。
README.md
浏览文件 @
05b2a725
...
...
@@ -17,39 +17,41 @@ From source:
# Usage
brakeman app_path
brakeman [app_path]
It is simplest to run brakeman from the root directory of the Rails application. A path may also be supplied.
# Options
To specify an output file for the results:
brakeman -o output_file
app_path
brakeman -o output_file
The output format is determined by the file extension or by using the
`-f`
option. Current options are:
`text`
,
`html`
,
`csv`
, and
`tabs`
.
To suppress informational warnings and just output the report:
brakeman -q
app_path
brakeman -q
To see all kinds of debugging information:
brakeman -d
app_path
brakeman -d
Specific checks can be skipped, if desired. The name needs to be the correct case. For example, to skip looking for default routes (
`DefaultRoutes`
):
brakeman -x DefaultRoutes
app_path
brakeman -x DefaultRoutes
Multiple checks should be separated by a comma:
brakeman -x DefaultRoutes,Redirect
app_path
brakeman -x DefaultRoutes,Redirect
To do the opposite and only run a certain set of tests:
brakeman -t SQL,ValidationRegex
app_path
brakeman -t SQL,ValidationRegex
To indicate certain methods are "safe":
brakeman -s benign_method,totally_safe
app_path
brakeman -s benign_method,totally_safe
By default, brakeman will assume that unknown methods involving untrusted data are dangerous. For example, this would cause a warning (Rails 2):
...
...
@@ -57,7 +59,7 @@ By default, brakeman will assume that unknown methods involving untrusted data a
To only raise warnings only when untrusted data is being directly used:
brakeman -r
app_path
brakeman -r
# Warning information
...
...
@@ -79,7 +81,7 @@ There are three levels of confidence:
To only get warnings above a given confidence level:
brakeman -w3
app_path
brakeman -w3
The
`-w`
switch takes a number from 1 to 3, with 1 being low (all warnings) and 3 being high (only highest confidence warnings).
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录