Skip to content

Commit 345ee5a

Browse files
author
Bill Desmarais
committed
Add open-uri reference
1 parent 301b14e commit 345ee5a

File tree

1 file changed

+2
-1
lines changed

1 file changed

+2
-1
lines changed

README.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,11 +20,12 @@ build tool. The syntax is Rake-like, so it should be familiar to most Rake
2020
users.
2121

2222
Please note: Thor, by design, is a system tool created to allow seamless file and url
23-
access, which should not receive application user input. It relies on open-uri,
23+
access, which should not receive application user input. It relies on [open-uri][open-uri],
2424
which combined with application user input would provide a command injection attack
2525
vector.
2626

2727
[rake]: https://github.com/ruby/rake
28+
[open-uri]: https://ruby-doc.org/stdlib-2.5.1/libdoc/open-uri/rdoc/index.html
2829

2930
Installation
3031
------------

0 commit comments

Comments
 (0)