presidentbeef / inject-some-sql
Have fun injecting SQL into a Ruby on Rails application!
Home Page: https://rails-sqli.org
License: MIT License
@presidentbeef Rails 7 and 7.1 and current main have the same list of dangerous methods as 6 and I wonder if you would be open to a pull request changing Rails 6 to Rails 6+ or Rails 6 onwards.
Alternatively the same page could be copied to Rails 7.
Hi, Rails should be upgraded to 3.2.12
Regards, Karlo.
Hi,
I've referred a bunch of people to http://rails-sqli.org through the years, it's a visceral experience for most (followed quickly by some frantic commits).
Would it be relevant to update it to document behaviour in Rails 4.2+ versions? Do you think it would be a tricky upgrade, or should it be an easy enough first contribution?
bundle install in rails5 directory fails with
Fetching json 1.8.3
Installing json 1.8.3 with native extensions
Gem::Ext::BuildError: ERROR: Failed to build gem native extension.
current directory: /home/quintasan/.rvm/gems/ruby-2.4.2/gems/json-1.8.3/ext/json/ext/generator
make "DESTDIR="
compiling generator.c
generator.c: In function ‘generate_json’:
generator.c:861:25: error: ‘rb_cFixnum’ undeclared (first use in this function)
} else if (klass == rb_cFixnum) {
^
generator.c:861:25: note: each undeclared identifier is reported only once for each function it appears in
generator.c:863:25: error: ‘rb_cBignum’ undeclared (first use in this function)
} else if (klass == rb_cBignum) {
^
generator.c: At top level:
cc1: warning: unrecognized command line option ‘-Wno-self-assign’
cc1: warning: unrecognized command line option ‘-Wno-constant-logical-operand’
cc1: warning: unrecognized command line option ‘-Wno-parentheses-equality’
cc1: warning: unrecognized command line option ‘-Wno-tautological-compare’
Makefile:241: recipe for target 'generator.o' failed
make: *** [generator.o] Error 1
make failed, exit code 2
Gem files will remain installed in /home/quintasan/.rvm/gems/ruby-2.4.2/gems/json-1.8.3 for inspection.
Results logged to /home/quintasan/.rvm/gems/ruby-2.4.2/extensions/x86_64-linux/2.4.0/json-1.8.3/gem_make.out
An error occurred while installing json (1.8.3), and Bundler cannot continue.
Make sure that `gem install json -v '1.8.3'` succeeds before bundling.
In Gemfile:
sdoc was resolved to 0.4.2, which depends on
json
Updating json gem solves the issue.