Fix warning on `params.to_json`

3165ca4b · Justin Collins · 55dfb5ab · 3165ca4b
隐藏空白更改
内联并排

Showing with 1 addition and 0 deletion

lib/brakeman/checks/check_cross_site_scripting.rb lib/brakeman/checks/check_cross_site_scripting.rb +1 -0

未找到文件。
--- a/lib/brakeman/checks/check_cross_site_scripting.rb
+++ b/lib/brakeman/checks/check_cross_site_scripting.rb
@@ -66,6 +66,7 @@ class Brakeman::CheckCrossSiteScripting < Brakeman::BaseCheck
      @known_dangerous << :to_json
      Brakeman.debug("Automatic to_json escaping not enabled, consider to_json dangerous")
    else
+      @safe_input_attributes << :to_json
      Brakeman.debug("Automatic to_json escaping is enabled.")
    end