I have recently installed brakeman and ran the gem on my system. One error it is picking up is in relation to what I believe is a parenthesis.
The line of code it is picking an error up on is:
%p=link_to("Click here", url_for(only_path: false, host: ConfigSetting.get("FORGET_PASSWORD_HOST_PREFIX","localhost"), account_new_passwd_reset_path(key: @guid)))
I have recently updated syntax which required an extra parenthesis after the 'account_new_passwd_path'. I believe this is the issue but I cannot understand why.
The outdated code I had was:
%p=link_to("Click here", url_for(:only_path=>false, :host=>ConfigSetting.get("FORGET_PASSWORD_HOST_PREFIX","localhost"), :controller=>:account, :action=>:new_passwd_reset, :key=>@guid))
As you can see in terms of the routing it is the biggest change around the key @guid area. Any ideas?
The error I am receiving is 'Error: app/views/passwd_reset_mailer/password_reset.haml:3 :: parse error on value ")" (tRPAREN) Could not parse app/views/passwd_reset_mailer/password_reset.haml'
The problem is the order of arguments. Keyword arguments need to be at the end of the argument list. But then there is another issue that using a url helper together with url_for doesn't really makes sense.
Just change:
%p=link_to(
"Click here",
url_for(
only_path: false,
host: ConfigSetting.get("FORGET_PASSWORD_HOST_PREFIX","localhost"),
account_new_passwd_reset_path(key: @guid)
)
)
to
%p=link_to(
"Click here",
account_new_passwd_reset_url(
host: ConfigSetting.get("FORGET_PASSWORD_HOST_PREFIX","localhost"),
key: @guid
)
)
Please note the _url instead of the _path suffix, which test Rails to build a full URL including the hostname.