This is an automated email from the ASF dual-hosted git repository.
sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git
The following commit(s) were added to refs/heads/master by this push:
new aff806fc Drop lingering untaint calls
aff806fc is described below
commit aff806fc788e2ab89bc2620c9c168820a91c39ea
Author: Sebb <[email protected]>
AuthorDate: Wed Feb 26 13:54:12 2025 +0000
Drop lingering untaint calls
[This project is not currently in use]
---
www/project/icla/views/actions/discuss.json.rb | 4 ++--
www/project/icla/views/actions/validate.json.rb | 8 ++++----
www/project/icla/views/actions/vote.json.rb | 4 ++--
3 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/www/project/icla/views/actions/discuss.json.rb
b/www/project/icla/views/actions/discuss.json.rb
index a91abcca..604b7ef7 100644
--- a/www/project/icla/views/actions/discuss.json.rb
+++ b/www/project/icla/views/actions/discuss.json.rb
@@ -76,7 +76,7 @@ token = pmc.name + '-' + date + '-' +
Digest::MD5.hexdigest(@iclaemail)[0..5]
file_name = '/srv/icla/' + token + '.json'
# important not to overwrite any existing files
-err = LockFile.create_ex(file_name.untaint) do |f|
+err = LockFile.create_ex(file_name) do |f|
f.write(JSON.pretty_generate(discussion))
end
if err
@@ -104,7 +104,7 @@ Use this link to discuss:
# create the email to the user
mail = Mail.new do
to user_email
- from user_email.untaint
+ from user_email
subject subject
text_part do
body body_text
diff --git a/www/project/icla/views/actions/validate.json.rb
b/www/project/icla/views/actions/validate.json.rb
index e7f87cfe..dfaf9d35 100644
--- a/www/project/icla/views/actions/validate.json.rb
+++ b/www/project/icla/views/actions/validate.json.rb
@@ -110,12 +110,12 @@ if @votelink and not @votelink.empty?
# attempt to fetch the page
if @votelink =~ /^https?:/i
uri = URI.parse(@votelink)
- http = Net::HTTP.new(uri.host.untaint, uri.port)
+ http = Net::HTTP.new(uri.host, uri.port)
if uri.scheme == 'https'
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
end
- request = Net::HTTP::Head.new(uri.request_uri.untaint)
+ request = Net::HTTP::Head.new(uri.request_uri)
response = http.request(request)
unless response.code.to_i < 400
_error "HTTP status #{response.code} for #{@votelink}"
@@ -150,12 +150,12 @@ if @noticelink and not @noticelink.empty?
# attempt to fetch the page
if @noticelink =~ /^https?:/i
uri = URI.parse(@noticelink)
- http = Net::HTTP.new(uri.host.untaint, uri.port)
+ http = Net::HTTP.new(uri.host, uri.port)
if uri.scheme == 'https'
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
end
- request = Net::HTTP::Head.new(uri.request_uri.untaint)
+ request = Net::HTTP::Head.new(uri.request_uri)
response = http.request(request)
unless response.code.to_i < 400
_error "HTTP status #{response.code} for #{@noticelink}"
diff --git a/www/project/icla/views/actions/vote.json.rb
b/www/project/icla/views/actions/vote.json.rb
index fe26aa68..920c9ce1 100644
--- a/www/project/icla/views/actions/vote.json.rb
+++ b/www/project/icla/views/actions/vote.json.rb
@@ -75,7 +75,7 @@ token = pmc.name + '-' + date + '-' +
Digest::MD5.hexdigest(@iclaemail)[0..5]
file_name = '/srv/icla/' + token + '.json'
# important not to overwrite any existing files
-err = LockFile.create_ex(file_name.untaint) do |f|
+err = LockFile.create_ex(file_name) do |f|
f.write(JSON.pretty_generate(discussion))
end
if err
@@ -104,7 +104,7 @@ Use this link to vote:
# create the email to the user
mail = Mail.new do
to user_email
- from user_email.untaint
+ from user_email
subject subject
text_part do
body body_text
