brakeman 4.6.0 → 4.6.1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of brakeman might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c08fdc219a1ca48c2559791bd5ddf1053c44090bfad9e436717cb3624f43ea48
4
- data.tar.gz: f99e7f2fe9a34b26120860386d5d42bfdd267ba90d70190875f5cc01bb9c5a4e
3
+ metadata.gz: b3a63b874cc2d00c6cf8c09fa54b80e8539c38dc8cf57441b13c4f4079952fdc
4
+ data.tar.gz: aa7401cc86bd33dad9de38c72a02f0bf8a02e8c60c5464fc92b38babede3f0e3
5
5
  SHA512:
6
- metadata.gz: 1f936807fb350f6424bb663ab14e2024d0e28c38f30dd0d59ed78ddf3476d6e277a01c5f1f793d42ca51465fede65f2dd37e562c6f3a09caca05f9b226d12c97
7
- data.tar.gz: 70f5d66778b8cdad63ff67a3abeea065c8ceb55340c0263f2d5a8ac2805916ff9b764a3e6e281060f751fe2ec0f54e6d86df447cf26f46e365249da0ce350bdd
6
+ metadata.gz: 9784076e00aecded71a8326c848e732342ba5c1b8d83671bbee4a4cca63f62b8383874b544cdf982f68f61febda39b2a9a5d98121c310a3dcfe67c0bb9a09ebe
7
+ data.tar.gz: 59d0925f5ae93eecf39531f1daf0988137785d93bb640916ecfb95a8487d43dc038c43515c373fc930ced4a74ebc9bf1884dd99df710b844dc2e3667e6010d45
data/CHANGES.md CHANGED
@@ -1,3 +1,7 @@
1
+ # 4.6.1
2
+
3
+ * Fix Reverse Tabnabbing warning message (Steffen Schildknecht / Jörg Schiller)
4
+
1
5
  # 4.6.0
2
6
 
3
7
  * Skip calls to `dup`
@@ -46,7 +46,7 @@ class Brakeman::CheckReverseTabnabbing < Brakeman::BaseCheck
46
46
  warn :result => result,
47
47
  :warning_type => "Reverse Tabnabbing",
48
48
  :warning_code => :reverse_tabnabbing,
49
- :message => msg("When opening a link in a new tab without setting ", msg_code('rel: "noopener noreferr"'),
49
+ :message => msg("When opening a link in a new tab without setting ", msg_code('rel: "noopener noreferrer"'),
50
50
  ", the new tab can control the parent tab's location. For example, an attacker could redirect to a phishing page."),
51
51
  :confidence => confidence,
52
52
  :user_input => rel
@@ -1,3 +1,3 @@
1
1
  module Brakeman
2
- Version = "4.6.0"
2
+ Version = "4.6.1"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: brakeman
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.6.0
4
+ version: 4.6.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Justin Collins
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-07-23 00:00:00.000000000 Z
11
+ date: 2019-07-24 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: Brakeman detects security vulnerabilities in Ruby on Rails applications
14
14
  via static analysis.