Declare func() as safe method in phan - nextcloud-server.git - Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server

diff options

author	Morris Jobke <hey@morrisjobke.de>	2018-04-16 14:56:54 +0200
committer	Morris Jobke <hey@morrisjobke.de>	2018-04-17 10:58:00 +0200
commit	1f06bc246c1de15d835ea563b5d5c4f820fa6df8 (patch)
tree	5f80efacd76150a9801887696551799cd19ffaeb /index.html
parent	056660bf7ce0e587be7276e640e424280ff66804 (diff)
download	nextcloud-server-1f06bc246c1de15d835ea563b5d5c4f820fa6df8.tar.gz nextcloud-server-1f06bc246c1de15d835ea563b5d5c4f820fa6df8.zip

Declare func() as safe method in phan

We added a special `func()` method to the query builder, which is a plain text function by definition. It uses the string and does no escaping on purpose. It has the potential for an injection but requiring to add the "supress warning" to all surrounding code makes it harder to spot actual problems, that this plugin want to find. So it's better to only need to check the func() and not all the surrounding code as well. Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Diffstat (limited to 'index.html')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: