Class Brakeman::CheckLinkTo
In: lib/brakeman/checks/check_link_to.rb
Parent: Brakeman::CheckCrossSiteScripting

Checks for calls to link_to in versions of Rails where link_to did not escape the first argument.

See rails.lighthouseapp.com/projects/8994/tickets/3518-link_to-doesnt-escape-its-input
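
The pattern this check warns about, next to two ways of closing it, as an added example that is not code from Brakeman or Rails. The helpers unescaped_link_to and escaped_link_to are hypothetical stand-ins for the view helper, and the display name and URL are constructed sample values.

```ruby
require "erb"

# Model of a link helper that interpolates its first argument (the link
# body) without escaping. Hypothetical helper, not Rails source.
def unescaped_link_to(body, url)
  %(<a href="#{ERB::Util.html_escape(url)}">#{body}</a>)
end

# The same helper with the body HTML-escaped before interpolation.
def escaped_link_to(body, url)
  %(<a href="#{ERB::Util.html_escape(url)}">#{ERB::Util.html_escape(body)}</a>)
end

# Constructed sample: a user-controlled display name carrying markup.
DISPLAY_NAME = %(Bob <script>alert(1)</script>)
PROFILE_URL  = "/users/42"

# True when the supplied markup reaches the page as live HTML.
def markup_injected?(html)
  html.include?("<script>")
end

def demo
  {
    # Flagged pattern: raw user input passed as the first argument.
    flagged:  unescaped_link_to(DISPLAY_NAME, PROFILE_URL),
    # Mitigation on an affected version: the caller escapes explicitly,
    # which is what h() does in a view.
    caller_h: unescaped_link_to(ERB::Util.html_escape(DISPLAY_NAME), PROFILE_URL),
    # Behaviour once the helper escapes its first argument itself.
    fixed:    escaped_link_to(DISPLAY_NAME, PROFILE_URL)
  }
end

if __FILE__ == $PROGRAM_NAME
  demo.each do |label, html|
    puts "#{label}: injected=#{markup_injected?(html)} #{html}"
  end
end
```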

Methods

Public Instance methods

Check the argument for possible XSS exploits

Check if we should warn about the matched result

Check if we should warn about the specified method

Check if we should warn about the user input
