Sobelow v0.13.0

View Source Sobelow.Traversal.SendDownload (Sobelow v0.13.0)

Directory Traversal in send_download

This submodule checks for directory traversal vulnerabilities in the send_download function of a Phoenix Controller.

Ensure that the path passed to send_download is not user-controlled.

Send Download checks can be ignored with the following command:

$ mix sobelow -i Traversal.SendDownload

Link to this section Summary

Functions

details()
id()
parse_def(fun)
rule()
run(fun, meta_file)

Link to this section Functions

Link to this function

details()

View Source
Link to this function

id()

View Source
Link to this function

parse_def(fun)

View Source
Link to this function

rule()

View Source
Link to this function

run(fun, meta_file)

View Source