From 31ca8e93efa860d73918b57ddddeaedf9917b22d Mon Sep 17 00:00:00 2001 From: erdgeist Date: Mon, 29 Jun 2026 21:39:49 +0200 Subject: Address brakeman security findings - Replace permit! with permit(:locale, :page_path) in AdminHelper#language_selector --- app/helpers/admin_helper.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'app') diff --git a/app/helpers/admin_helper.rb b/app/helpers/admin_helper.rb index e5c3d5c..08336ef 100644 --- a/app/helpers/admin_helper.rb +++ b/app/helpers/admin_helper.rb @@ -3,9 +3,9 @@ module AdminHelper def language_selector case I18n.locale when :de - link_to raw('English'), url_for(params.permit!.to_h.merge('locale' => 'en')) + link_to raw('English'), url_for(params.permit(:locale, :page_path).to_h.merge('locale' => 'en')) when :en - link_to raw('Deutsch'), url_for(params.permit!.to_h.merge('locale' => 'de')) + link_to raw('English'), url_for(params.permit(:locale, :page_path).to_h.merge('locale' => 'de')) end end end -- cgit v1.3