diff options
author | yui-knk <spiketeika@gmail.com> | 2015-09-25 08:49:57 +0900 |
---|---|---|
committer | yui-knk <spiketeika@gmail.com> | 2015-09-25 08:49:57 +0900 |
commit | 14d265217a40a98f430961fd5e32713176ceccf9 (patch) | |
tree | 2b4804160e37e5fb6dcf3a360190bcf38feee2cf /actionview/test/actionpack/controller/view_paths_test.rb | |
parent | 4a375a83deab7a3089e718a1d18ddc4c2846cd40 (diff) | |
download | rails-14d265217a40a98f430961fd5e32713176ceccf9.tar.gz rails-14d265217a40a98f430961fd5e32713176ceccf9.tar.bz2 rails-14d265217a40a98f430961fd5e32713176ceccf9.zip |
Quote prepared statements of `sanitize_sql_array`
Sure unquoted SQL code pass test, but this % style prepared statements
are dangerous. Test codes and code examples are also "Rails" codes,
so quote placeholder of prepared statements.
Diffstat (limited to 'actionview/test/actionpack/controller/view_paths_test.rb')
0 files changed, 0 insertions, 0 deletions