You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@whimsical.apache.org by ru...@apache.org on 2018/03/05 23:18:17 UTC
[whimsy] branch master updated: Fix SecurityError: tainted from_addr
This is an automated email from the ASF dual-hosted git repository.
rubys pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git
The following commit(s) were added to refs/heads/master by this push:
new 76246bb Fix SecurityError: tainted from_addr
76246bb is described below
commit 76246bb21386ba56b1a508cd4eb7e71208beade8
Author: Sam Ruby <ru...@intertwingly.net>
AuthorDate: Mon Mar 5 18:18:01 2018 -0500
Fix SecurityError: tainted from_addr
---
www/secretary/workbench/personalize.rb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/www/secretary/workbench/personalize.rb b/www/secretary/workbench/personalize.rb
index dae98e8..c451adb 100644
--- a/www/secretary/workbench/personalize.rb
+++ b/www/secretary/workbench/personalize.rb
@@ -24,7 +24,7 @@ class Wunderbar::JsonBuilder
person = ASF::Person.find(user)
- @from = "#{person.public_name} <#{...@apache.org>"
+ @from = "#{person.public_name} <#{...@apache.org>".untaint
@sig = %{
-- #{person.public_name}
Apache Software Foundation Secretarial Team
--
To stop receiving notification emails like this one, please contact
rubys@apache.org.