Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fixed SQL Injection Hole
  • Loading branch information
Andrew Khoury committed Jul 30, 2014
1 parent 2f0349b commit e52a758
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion lib/Http.coffee
Expand Up @@ -26,7 +26,7 @@ Http = (Bridge,Url) =>
return
token = req.headers.authorization.match(/bearer (.*)/i)[1]
auth_req =
url: "http://auth.wot.io/authenticate_token/#{token}/#{command}/#{path}"
url: "http://auth.wot.io/authenticate_token/#{token}/#{command}/#{path}".replace("'", "''")
json: true
try
request auth_req, (error, response, body) ->
Expand Down

0 comments on commit e52a758

Please sign in to comment.