Changes:
- Fix Rails 3 configuration parsing
- Check both t() and translate() for cross-site scripting bug
Just a small release to get the Rails 3 config fix out.
Rails 3 Configuration Parsing
There was an issue that would cause Brakeman to crash on certain configurations. This has been fixed.
Look for t()
A call to either translate() or its shorter alias t() will cause the warning about the cross-site scripting bug in these functions to be set to high confidence. If neither of these functions is found in the application, the confidence is set to medium.
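A simplified sketch of the confidence decision described above, as an added example that is not Brakeman's own code. It assumes application files arrive as a path-to-source hash and that only receiver-less calls count; the names helper_calls, calls_in and xss_confidence are hypothetical.

```ruby
require 'erb'
require 'ripper'

# Helper names from the release note above.
HELPERS = %w[t translate].freeze

# Walk a Ripper s-expression and collect receiver-less calls to the helpers,
# with or without parentheses: t('x') parses as :fcall, t 'x' as :command.
# Assumption of this sketch: calls with a receiver (obj.t) are not counted.
def helper_calls(node, found = [])
  return found unless node.is_a?(Array)
  name = node[1]
  if %i[fcall command].include?(node[0]) && name.is_a?(Array) &&
     name[0] == :@ident && HELPERS.include?(name[1])
    found << name[1]
  end
  node.each { |child| helper_calls(child, found) }
  found
end

# Compile ERB to Ruby first, so text outside <% %> tags is never taken for a call.
def calls_in(path, source)
  ruby = path.end_with?('.erb') ? ERB.new(source).src : source
  sexp = Ripper.sexp(ruby)
  sexp ? helper_calls(sexp) : [] # unparsable file: report nothing
end

# :high when any file calls t() or translate(), otherwise :medium.
def xss_confidence(files)
  files.any? { |path, src| !calls_in(path, src).empty? } ? :high : :medium
end

# Constructed sample application files (not from any real project).
WITH_HELPER = {
  'app/views/users/show.html.erb' =>
    "<h1><%= t('users.title') %></h1>\n<p>translate(this) is plain text</p>\n",
  'app/models/user.rb' => "class User\n  def t_value; @t; end\nend\n"
}.freeze
WITHOUT_HELPER = {
  'app/views/home/index.html.erb' =>
    "<p>Please translate(me) or t(me)</p>\n<%= @title %>\n"
}.freeze

puts xss_confidence(WITH_HELPER)
puts xss_confidence(WITHOUT_HELPER)
```

Parsing rather than text-matching is what keeps the literal words "translate(me)" in template text from raising the confidence.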
Reporting Issues
Thank you to everyone who reported bugs and contributed to this release!
Please report any issues with this release. Take a look at this guide to reporting Brakeman problems.
Hang out on GitHub for questions and discussion.