Update brakeman ignore warnings since the strategy classes changed

llinneaa · Jul 27, 2017 · 2c9c93e · 2c9c93e
1 parent e1f5f45
commit 2c9c93e
Showing 1 changed file with 20 additions and 1 deletion.
diff --git a/config/brakeman.ignore b/config/brakeman.ignore
@@ -18,8 +18,27 @@
       "user_input": null,
       "confidence": "High",
       "note": "This is binary image data, so MITM attacks are less of a concern in this instance"
+    },
+    {
+      "warning_type": "SSL Verification Bypass",
+      "warning_code": 71,
+      "fingerprint": "99cd0e66f6f031469bebb1bb7677b6966ddda2598546067f895bb2f830ea4125",
+      "message": "SSL certificate verification was bypassed",
+      "file": "lib/coyote/strategies/mca.rb",
+      "line": 21,
+      "link": "http://brakemanscanner.org/docs/warning_types/ssl_verification_bypass/",
+      "code": "Net::HTTP.start(URI.parse(((image.website.url + \"/api/v1/attachment_images/\") + image.canonical_id)).host, URI.parse(((image.website.url + \"/api/v1/attachment_images/\") + image.canonical_id)).port, :use_ssl => (URI.parse(((image.website.url + \"/api/v1/attachment_images/\") + image.canonical_id)).scheme == \"https\"), :verify_mode => (OpenSSL::SSL::VERIFY_NONE))",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "Coyote::Strategies::MCA",
+        "method": "patch"
+      },
+      "user_input": null,
+      "confidence": "High",
+      "note": ""
     }
   ],
-  "updated": "2017-07-21 11:31:31 -0400",
+  "updated": "2017-07-27 12:12:28 -0400",
   "brakeman_version": "3.3.3"
 }