I was just looking over some code I wrote last year, and found this in
one of my mailers:
@item = eval(params[:item].classify).send(:find, params[:item_id])
The idea here is that I can have the mailer respond to a polymorphic
link helper, and respond with an object reference of the referenced
object, regardless which it was – a Project, Campaign, Asset, Lightbox
– whatever. Inside the mailer erb, any links to that object would be as
simple as
link_to @item.label, polymorphic_url(@item)
…so my mailer messages don’t have to care what sort of object they are
sending a link to. This year, seeing send in the same line as params is
giving me the willies. Hence my question here.
Besides adding some guards around which classes I want to allow this for
(which just occurred to me as I was typing this out) can you recommend
any other techniques to make this less risky? Is there anything built
into the framework that I am overlooking?
Thanks in advance,
Walter
On Sunday, July 10, 2016 at 4:28:39 PM UTC+1, Walter Lee D. wrote:
simple as
framework that I am overlooking?
I would prefer constantize over eval(foo.classify) and public_send over
send. I’d still be happier with a whitelist though, or translating
between
the class name and some string that represents it - security aside,
having
an implementation detail leak out like that doesn’t smell too good.
Fred
link_to @item.label, polymorphic_url(@item)
…so my mailer messages don’t have to care what sort of object they are sending
a link to. This year, seeing send in the same line as params is giving me the
willies. Hence my question here.
Besides adding some guards around which classes I want to allow this for (which
just occurred to me as I was typing this out) can you recommend any other
techniques to make this less risky? Is there anything built into the framework
that I am overlooking?
I would prefer constantize over eval(foo.classify) and public_send over send.
I’d still be happier with a whitelist though, or translating between the class
name and some string that represents it - security aside, having an implementation
detail leak out like that doesn’t smell too good.
Fred
Those are good ideas, thanks, Fred!
Walter