Class: TaintedLove::Replacer::ReplaceRackFile

Inherits:

Object
Base
TaintedLove::Replacer::ReplaceRackFile

Defined in:: lib/tainted_love/replacer/replace_rack_file.rb

Instance Method Summary collapse

#replace! ⇒ Object

Methods inherited from Base

replacers, #should_replace?

Instance Method Details

#replace! ⇒ `Object`

# File 'lib/tainted_love/replacer/replace_rack_file.rb', line 7

def replace!
  # Assume that Rack::File is used path that are safe
  TaintedLove::Utils::Proxy.new('Rack::File', :call) do
    def before
      env['PATH_INFO'].untaint
    end

    def env
      arguments.first
    end
  end

  TaintedLove.proxy_method('Rack::File', :initialize) do |_, *args|
    args.first.untaint
  end
end