@presidentbeef presidentbeef released this Feb 10, 2014 · 2460 commits to master since this release

  • Add version check for SafeBuffer vulnerability
  • Add check for select vulnerability in Rails 3
  • select() is no longer considered safe in Rails 2
  • Add check for skipping CSRF protection with a blacklist
  • Add JSON report format
  • Model#id should not be considered XSS
  • Standardize methods to check for SQL injection
  • Fix Rails 2 route parsing issue with nested routes