team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

adding render vuln

Browse Source
This commit is contained in:
Mike McCabe
2015-02-23 20:36:53 -05:00
parent 975002ea76
commit 1eee953f62
3 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/controllers/dashboard_controller.rb
Executable → Regular
+4 -1
View File
@@ -22,5 +22,8 @@ class DashboardController < ApplicationController
@user = current_user
render :partial => "layouts/dashboard/dashboard_stats"
end
def doc
render "../../doc/" + params[:doc]
end
end