adding render vuln
This commit is contained in:
Mike McCabe
Executable → Regular
+4
-1
@@ -22,5 +22,8 @@ class DashboardController < ApplicationController
|
||||
@user = current_user
|
||||
render :partial => "layouts/dashboard/dashboard_stats"
|
||||
end
|
||||
|
||||
|
||||
def doc
|
||||
render "../../doc/" + params[:doc]
|
||||
end
|
||||
end
|
||||
|
||||
Executable → Regular
+3
-1
@@ -27,13 +27,15 @@
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<center><b>Need help using this portal? Check out the <a href="doc?doc=README_FOR_APP">Readme</a></b></center>
|
||||
</div> <!-- end span12 -->
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
|
||||
<script type="text/javascript">
|
||||
|
||||
function makeActive(){
|
||||
|
||||
Executable → Regular
+1
-1
@@ -6,7 +6,7 @@ Railsgoat::Application.routes.draw do
|
||||
match "forgot_password" => "password_resets#forgot_password"
|
||||
get "password_resets" => "password_resets#confirm_token"
|
||||
post "password_resets" => "password_resets#reset_password"
|
||||
|
||||
get "dashboard/doc" => "dashboard#doc"
|
||||
|
||||
resources :sessions do
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user