You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After installing phlex in our main app breakman started throwing warning about:
Confidence: High
Category: Redirect
Check: Redirect
Message: Possible unprotected redirect
Code: redirect_to((params[:redir] or root_path))
Check: Redirect
Message: Possible unprotected redirect
Code: redirect_to((params[:redir] or root_path))
File: app/controllers/accounts_controller.rb
Line: 77
Check: ForgerySetting
Message: `protect_from_forgery` should be called in `Users::SudoController`
File: app/controllers/users/sudo_controller.rb
File: app/controllers/users/sudo_controller.rb
Line: 1
Confidence: High
Category: Cross-Site Request Forgery
Check: ForgerySetting
Message: `protect_from_forgery` should be called in `Turbo::Native::NavigationController`
File: node_modules/@hotwired/turbo-rails/app/controllers/turbo/native/navigation_controller.rb
Line: 1
Confidence: High
Category: Redirect
Check: Redirect
Message: Possible unprotected redirect
Code: redirect_to((params[:redir] or root_path))
File: app/controllers/accounts_controller.rb
Line: 77
This issue only comes up after I add the autoload views for phlex:
Background
Brakeman version: 6.1.0
Rails version: 7.1.0
Ruby version: 3.2.2
Link to Rails application code: ?
Issue
After installing phlex in our main app breakman started throwing warning about:
This issue only comes up after I add the autoload views for phlex:
Other Error
Nothing else weird that the brakeman log from above doesn't have
Stack trace:
I can add it but we have a big app so this would be huge.
The text was updated successfully, but these errors were encountered: