summaryrefslogtreecommitdiff
path: root/app/helpers
diff options
context:
space:
mode:
authorerdgeist <erdgeist@erdgeist.org>2026-06-29 21:39:49 +0200
committererdgeist <erdgeist@erdgeist.org>2026-06-30 19:21:25 +0200
commit31ca8e93efa860d73918b57ddddeaedf9917b22d (patch)
treeedec3c7176e2e68876357ada18aaf2a2b891ce17 /app/helpers
parentebad58c71661b62ec62f7e77ec977bda2b5bc0a3 (diff)
Address brakeman security findingsHEADmaster
- Replace permit! with permit(:locale, :page_path) in AdminHelper#language_selector
Diffstat (limited to 'app/helpers')
-rw-r--r--app/helpers/admin_helper.rb4
1 files changed, 2 insertions, 2 deletions
diff --git a/app/helpers/admin_helper.rb b/app/helpers/admin_helper.rb
index e5c3d5c..08336ef 100644
--- a/app/helpers/admin_helper.rb
+++ b/app/helpers/admin_helper.rb
@@ -3,9 +3,9 @@ module AdminHelper
3 def language_selector 3 def language_selector
4 case I18n.locale 4 case I18n.locale
5 when :de 5 when :de
6 link_to raw('<span class="inactive">English</span>'), url_for(params.permit!.to_h.merge('locale' => 'en')) 6 link_to raw('<span class="inactive">English</span>'), url_for(params.permit(:locale, :page_path).to_h.merge('locale' => 'en'))
7 when :en 7 when :en
8 link_to raw('<span class="inactive">Deutsch</span>'), url_for(params.permit!.to_h.merge('locale' => 'de')) 8 link_to raw('<span class="inactive">English</span>'), url_for(params.permit(:locale, :page_path).to_h.merge('locale' => 'de'))
9 end 9 end
10 end 10 end
11end 11end