ruby-on-rails ruby ruby-on-rails-4 brakeman

Unescaped model attribute

I have installed brakeman and getting security vulnerabilities.

Here is my warning

Unescaped model attribute rendered inline near line 24: render(inline => SendGridMailer.weekly_email([current_user], WeeklyNewsletterFactory.new.email(:preview => true)).html_part.body.raw_source, {})

Line:24

render inline: SendGridMailer.weekly_email([current_user], email).html_part.body.raw_source

I have tried this solution as suggested by brakeman but after doing this I start getting error Could not parse

render(inline: SendGridMailer.weekly_email([current_user], email).html_part.body.raw_source,{})

Rails - 4.2.4
Brakeman - 3.1.2
Ruby - 2.3.1

Solution

You can make use of Premailer::Rails::Hook.perform

Premailer::Rails::Hook.perform(SendGridMailer.weekly_email([current_user], email)).html_part.body.raw_source

rintrojs only shows first dialog in Safari
Automatically read a column of lowercases True and False as logical
How do I add counts to a stacked bar graph?
Counting the number of rows between each pair of months?
How to create a conditional panel using a reactive object that is passed from another module?
Plot multiple normalized stock charts from different dates into a single plot
Select columns based on string match - dplyr::select
Looking for a more efficient way to replace matrix elements
modelsummary modelplot: change linewidth
custom R function with group argument does not work while using the filter
ggsurvplot function, risk table alignment problem
plot running average in ggplot2
Calling variable in df within function
How to find position of running minimum (runMin) in a vector in R?
Using httr2::last_response() in conjunction with purrr::possibly()
Cropping a raster using terra does not return the expected extent
Can janitor::clean_names be used on only certain columns in a data frame?
Efficient way of row binding time series in a data.table, with correctly sorted timestamps
Defining optional arguments in R when more complex function
Can I change the cursor in plotly only when hovering over points?
Issue Loading RStoolbox: "Cannot find proj.db" Error
Filter CSV files for specific value before importing
Matching the same lines from 2 different files and 2 columns
Conditional coloring and outer borders in pdf KableExtra table in R
How can I use observe
Posterior predictive check for GAM (mgcv in R)
Embed images in plotly tick labels
Product of two beta distributions
R: how to include a character between two repeted items in R?
Categorizing data from 7 columns into 2