Re: [brakeman] Re:
Rails 2? If so, those interpolated values would need to be h()'d.
On Wed, Apr 10, 2013 at 4:06 PM, Matthew Brookes m...@brookes.net wrote:
Hi! I'm getting an XSS warning for this: %= image_tag
Re: [brakeman] Re:
Actually, image_tag (and most other _tag methods) should be ignored. I'm having trouble reproducing this warning. Can you show us the entire warning output? What version of Rails and Brakeman are you using?
Thanks!
-Justin
On 04/10/2013 04:06 PM, Matthew Brookes wrote:
Hi! I'm getting an