ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S5693/php/rule.adoc

104 lines
2.1 KiB
Plaintext
Raw Blame History

include::../description.adoc[]
include::../ask-yourself.adoc[]
include::../recommended.adoc[]
== Sensitive Code Example
For https://symfony.com/doc/current/reference/constraints/File.html#maxsize[Symfony Constraints]:
[source,php]
----
use Symfony\Component\Validator\Constraints as Assert;
use Symfony\Component\Validator\Mapping\ClassMetadata;
class TestEntity
{
public static function loadValidatorMetadata(ClassMetadata $metadata)
{
$metadata->addPropertyConstraint('upload', new Assert\File([
'maxSize' => '100M', // Sensitive
]));
}
}
----
For https://laravel.com/docs/8.x/validation#rule-max[Laravel Validator]:
[source,php]
----
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class TestController extends Controller
{
public function test(Request $request)
{
$validatedData = $request->validate([
'upload' => 'required|file', // Sensitive
]);
}
}
----
== Compliant Solution
For https://symfony.com/doc/current/reference/constraints/File.html#maxsize[Symfony Constraints]:
[source,php]
----
use Symfony\Component\Validator\Constraints as Assert;
use Symfony\Component\Validator\Mapping\ClassMetadata;
class TestEntity
{
public static function loadValidatorMetadata(ClassMetadata $metadata)
{
$metadata->addPropertyConstraint('upload', new Assert\File([
'maxSize' => '8M', // Compliant
]));
}
}
----
For https://laravel.com/docs/8.x/validation#rule-max[Laravel Validator]:
[source,php]
----
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class TestController extends Controller
{
public function test(Request $request)
{
$validatedData = $request->validate([
'upload' => 'required|file|max:8000', // Compliant
]);
}
}
----
include::../see.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
include::../parameters.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
Reference in New Issue View Git Blame Copy Permalink