whimsical-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sam Ruby <ru...@apache.org>
Subject [whimsy.git] [1/1] Commit ad2f58f: untaint to/from addresses
Date Fri, 04 Mar 2016 22:49:54 GMT
Commit ad2f58fd99f19e902e4df3cc4697adaeafe5afb2:
    untaint to/from addresses


Branch: refs/heads/master
Author: Sam Ruby <rubys@intertwingly.net>
Committer: Sam Ruby <rubys@intertwingly.net>
Pusher: rubys <rubys@apache.org>

------------------------------------------------------------
www/roster/views/actions/committee.json.rb                   | ++ --
------------------------------------------------------------
4 changes: 2 additions, 2 deletions.
------------------------------------------------------------


diff --git a/www/roster/views/actions/committee.json.rb b/www/roster/views/actions/committee.json.rb
index 87155c8..f7818a9 100644
--- a/www/roster/views/actions/committee.json.rb
+++ b/www/roster/views/actions/committee.json.rb
@@ -30,8 +30,8 @@
   from = ASF::Person.find(env.user)
 
   mail = Mail.new do
-    from "#{from.public_name} <#{from.id}@apache.org>"
-    to "private@#{pmc.mail_list}.apache.org"
+    from "#{from.public_name} <#{from.id}@apache.org>".untaint
+    to "private@#{pmc.mail_list}.apache.org".untaint
     bcc "root@apache.org"
     subject "#{person.public_name} #{action} #{pmc.display_name} #{list}"
     body "Current roster can be found at:\n\n" +

Mime
View raw message