
Fix code scanning alert no. 11: Use of `Kernel.open` or `IO.read` or similar sinks with a non-constant value

Open george-gca opened this issue 1 year ago • 1 comments

Fixes https://github.com/george-gca/multi-language-al-folio/security/code-scanning/11

To fix the problem, we will replace the use of `URI.open` with `URI(url).open`. This change ensures that the URL is parsed and validated before being opened, reducing the risk of command injection. We will make this change in the `download_fonts` and `download_images` methods.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

george-gca, Sep 24 '24 19:09
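An added example, not code from this PR or from the plugin: a download helper that parses the string into a URI object before opening it, so a value that is not a URL is rejected instead of being handed to `Kernel#open`. The names `checked_remote_uri`, `fetch_remote`, `classify` and the sample inputs are hypothetical, and the http(s)-only check is an assumption that goes beyond the change described above.

```ruby
require "uri"

# Added example: all names below are hypothetical, not the plugin's own.
class UnsafeUrlError < StandardError; end

# Parse first, then accept only absolute http(s) URLs that carry a host.
# The http(s)-only rule is an assumption that goes beyond the PR's change.
def checked_remote_uri(url)
  uri = URI.parse(url.to_s.strip)
  unless uri.is_a?(URI::HTTP) && !uri.host.to_s.empty?
    raise UnsafeUrlError, "not an http(s) URL: #{url.inspect}"
  end
  uri
rescue URI::InvalidURIError
  raise UnsafeUrlError, "unparseable URL: #{url.inspect}"
end

# The default opener calls #open on the parsed URI::HTTP object (open-uri),
# never URI.open / Kernel#open on the raw string.
DEFAULT_OPENER = lambda do |uri|
  require "open-uri"
  uri.open(&:read)
end

def fetch_remote(url, opener: DEFAULT_OPENER)
  opener.call(checked_remote_uri(url))
end

# Constructed sample inputs; none of them is opened by classify.
SAMPLE_URLS = [
  "https://example.com/fonts/a.woff2",
  "| echo constructed",
  "/etc/hostname",
  "file:///etc/hostname",
  "ftp://example.com/font.woff2"
].freeze

# Map each input to :allowed or :rejected without touching the network.
def classify(urls)
  urls.to_h do |u|
    checked_remote_uri(u)
    [u, :allowed]
  rescue UnsafeUrlError
    [u, :rejected]
  end
end
```
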

Deploy Preview for multi-language-al-folio failed. Why did it fail? →

| Name | Link |
|---|---|
| Latest commit | 000995bc8630ac713b7c600ea7029ad47b32763a |
| Latest deploy log | https://app.netlify.com/sites/multi-language-al-folio/deploys/66f313350ab436000831fd09 |

netlify[bot], Sep 24 '24 19:09