Skip to content

Commit 0597b2e

Browse files
committed
Ruby: recognise csrf_meta_tag
csrf_meta_tag is an alias for csrf_meta_tags, retained for backwards compatibility.
1 parent f19a5a9 commit 0597b2e

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

ruby/ql/src/queries/security/cwe-352/CSRFProtectionNotEnabled.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,6 @@ where
4444
(
4545
railsPreVersion3()
4646
or
47-
not any(MethodCall m).getMethodName() = "csrf_meta_tags"
47+
not any(MethodCall m).getMethodName() = ["csrf_meta_tags", "csrf_meta_tag"]
4848
)
4949
select c, "Potential CSRF vulnerability due to forgery protection not being enabled."

0 commit comments

Comments
 (0)