Update examples

maikypedia · maikypedia · commit 64cf3adfd4e2 · 2023-04-13T17:29:14.000+02:00
diff --git a/ruby/ql/src/experimental/template-injection/examples/SSTIBad.rb b/ruby/ql/src/experimental/template-injection/examples/SSTIBad.rb
@@ -9,6 +9,7 @@ def some_request_handler
       <h2>Hello %s </h2></body></html>
       " % name
     template = ERB.new(html_text).result(binding) 
+    render inline: html_text
   end
 end
 
diff --git a/ruby/ql/src/experimental/template-injection/examples/SSTIGood.rb b/ruby/ql/src/experimental/template-injection/examples/SSTIGood.rb
@@ -9,6 +9,7 @@ def some_request_handler
       <h2>Hello <%= name %> </h2></body></html>
       "
     template = ERB.new(html_text).result(binding) 
+    render inline: html_text
   end
 end
 

Original file line number	Diff line number	Diff line change
`@@ -9,6 +9,7 @@ def some_request_handler`
`9`	`9`	`<h2>Hello <%= name %> </h2></body></html>`
`10`	`10`	`"`
`11`	`11`	`template = ERB.new(html_text).result(binding)`
	`12`	`+ render inline: html_text`
`12`	`13`	`end`
`13`	`14`	`end`
`14`	`15`