Class | Brakeman::CheckSkipBeforeFilter |
In: | lib/brakeman/checks/check_skip_before_filter.rb |
Parent: | Brakeman::BaseCheck |
At the moment, this looks for

    skip_before_filter :verify_authenticity_token, :except => [...]

which is essentially a blacklist approach (no actions are checked EXCEPT the ones listed), versus a whitelist approach (ONLY the actions listed will skip the check).
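
The following is an added example, not Brakeman's own code: it uses Ripper from Ruby's standard library to find the call described above in a constructed controller source and to tell the :except form from the :only form. The helper names (tokens_in, each_node, csrf_skips) and the sample controllers are assumptions made for the illustration.

```ruby
require 'ripper'
# Added example: Ripper-based illustration, not Brakeman's implementation.
# Constructed sample controller source (not taken from a real application).
SAMPLE = <<~'RUBY'
  class PaymentsController < ApplicationController
    skip_before_filter :verify_authenticity_token, :except => [:create]
    skip_before_filter :require_login, :except => [:index]
  end

  class WebhooksController < ApplicationController
    skip_before_filter :verify_authenticity_token, only: [:receive]
  end
RUBY

# Depth-first list of [name, line] for every identifier or hash label under node.
def tokens_in(node, acc = [])
  return acc unless node.is_a?(Array)
  if %i[@ident @label].include?(node[0])
    acc << [node[1].delete_suffix(':'), node[2][0]]
  else
    node.each { |child| tokens_in(child, acc) }
  end
  acc
end

# Call the block for every node of the given types in the Ripper tree.
def each_node(node, types, &blk)
  return unless node.is_a?(Array)
  blk.call(node) if types.include?(node[0])
  node.each { |child| each_node(child, types, &blk) }
end

# Report each skip of the CSRF check and how it is scoped; only the
# :except form is flagged, matching what the check description covers.
def csrf_skips(source)
  found = []
  each_node(Ripper.sexp(source), %i[command method_add_arg]) do |call|
    (name, line), *rest = tokens_in(call)
    next unless name == 'skip_before_filter'
    next unless rest.any? { |n, _| n == 'verify_authenticity_token' }
    keys = []
    each_node(call, [:assoc_new]) { |pair| keys << tokens_in(pair[1]).dig(0, 0) }
    scope = keys.include?('except') ? :except : (keys.include?('only') ? :only : :all)
    found << { line: line, scope: scope, flag: scope == :except }
  end
  found
end

csrf_skips(SAMPLE).each { |finding| puts finding.inspect }
```

With the :except form, any action later added to PaymentsController skips the authenticity-token check unless someone remembers to list it; with the :only form, a new action is checked by default.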