Fix SQL injections

2017-07-20 14:51:57 +02:00 · 2017-07-20 14:51:57 +02:00 · ed11ee4fb4
commit ed11ee4fb4
parent e19410ed75
3 changed files with 4 additions and 3 deletions
--- a/spec/controllers/admin/procedures_controller_spec.rb
+++ b/spec/controllers/admin/procedures_controller_spec.rb
@ -1,4 +1,5 @@
 require 'spec_helper'
+require 'uri'

 describe Admin::ProceduresController, type: :controller do
  let(:admin) { create(:administrateur) }
@ -476,7 +477,7 @@ describe Admin::ProceduresController, type: :controller do
        subject
      end

-      subject { get :path_list, params: {request: procedure2.path} }
+      subject { get :path_list, params: { request: URI.encode(procedure2.path) } }

      it { expect(response.status).to eq(200) }
      it { expect(body.size).to eq(1) }