better code injection handling for ruby

2016-06-28 17:36:00 +08:00
parent 8dc22d2bda
commit 9e216c0ca2
23 changed files with 2198 additions and 0 deletions
--- a/modules/swagger-codegen/src/main/java/io/swagger/codegen/languages/RubyClientCodegen.java
+++ b/modules/swagger-codegen/src/main/java/io/swagger/codegen/languages/RubyClientCodegen.java
@@ -712,4 +712,15 @@ public class RubyClientCodegen extends DefaultCodegen implements CodegenConfig {
        //
        //return super.shouldOverwrite(filename) && !filename.endsWith("_spec.rb");
    }
+
+    @Override
+    public String escapeQuotationMark(String input) {
+        // remove ' to avoid code injection
+        return input.replace("'", "");
+    }
+
+    @Override
+    public String escapeUnsafeCharacters(String input) {
+        return input.replace("=end", "");
+    }
 }