Skip to content

Commit

Permalink
fix(xss): prevent redis xss vulnerability (#832)
Browse files Browse the repository at this point in the history
  • Loading branch information
mhenrixon authored Feb 12, 2024
1 parent 242d91f commit 6a9ab1d
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion lib/sidekiq_unique_jobs/web.rb
Original file line number Diff line number Diff line change
Expand Up @@ -85,8 +85,9 @@ def self.registered(app) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize

app.get "/locks/:digest/jobs/:job_id/delete" do
@digest = h(params[:digest])
@job_id = h(params[:job_id])
@lock = SidekiqUniqueJobs::Lock.new(@digest)
@lock.unlock(params[:job_id])
@lock.unlock(@job_id)

redirect_to "locks/#{@lock.key}"
end
Expand Down

0 comments on commit 6a9ab1d

Please # to comment.