diff options
author | Egor Homakov <homakov@gmail.com> | 2013-02-01 00:01:11 +0700 |
---|---|---|
committer | Egor Homakov <homakov@gmail.com> | 2013-02-01 00:01:11 +0700 |
commit | baa240d09c09b74e9bc69c91e4b5c9fb5bca2005 (patch) | |
tree | cbf92899e7930347a83d7ad4ed64b1e9391abf24 /activerecord/lib/active_record/querying.rb | |
parent | ee4a2bb23d46ee3e644293ba59b70fa7ecb3f7eb (diff) | |
download | rails-baa240d09c09b74e9bc69c91e4b5c9fb5bca2005.tar.gz rails-baa240d09c09b74e9bc69c91e4b5c9fb5bca2005.tar.bz2 rails-baa240d09c09b74e9bc69c91e4b5c9fb5bca2005.zip |
Use \A in Regexps
So, if there is redirect_to params[:q]
i can send ?q=javascript:asdf()%0A/localpath
Or something more nasty, so please use \A
Diffstat (limited to 'activerecord/lib/active_record/querying.rb')
0 files changed, 0 insertions, 0 deletions