Skip to content

Commit e52a758

Browse files
author
Andrew Khoury
committed
Fixed SQL Injection Hole
1 parent 2f0349b commit e52a758

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

Diff for: lib/Http.coffee

+1-1
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ Http = (Bridge,Url) =>
2626
return
2727
token = req.headers.authorization.match(/bearer (.*)/i)[1]
2828
auth_req =
29-
url: "http://auth.wot.io/authenticate_token/#{token}/#{command}/#{path}"
29+
url: "http://auth.wot.io/authenticate_token/#{token}/#{command}/#{path}".replace("'", "''")
3030
json: true
3131
try
3232
request auth_req, (error, response, body) ->

0 commit comments

Comments
 (0)