Improper input validation can lead to exploits: it leaves systems vulnerable to malicious attacks, compromises data integrity, and undermines overall system security, which should always be a top priority.
class InputValidation
  # Noncompliant: Improperly bounded regex passed to validates.
  validates :username, :length => 6..20, :format => /([a-z][0-9])+/i

  accepts_nested_attributes_for :author, :pages
end

class InputValidation
  # Compliant: Properly bounded regex passed to validates.
  validates_format_of :good_valid, :with => /\A[a-zA-Z]\z/
end
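The difference between the two snippets can be checked in plain Ruby, without Rails. The following is an added example, not part of the original page: the `line_anchored` and `bounded` patterns, the sample inputs, and the helper names `fully_bounded?`, `accepted` and `audit` are constructed for illustration.

```ruby
# Added example: pure Ruby, no Rails required. All sample inputs are constructed.

PATTERNS = {
  unbounded:     /([a-z][0-9])+/i,       # regex from the noncompliant snippet
  line_anchored: /^([a-z][0-9])+$/i,     # constructed: ^ and $ bound a line, not the string
  bounded:       /\A([a-z][0-9])+\z/i    # constructed: same pattern bounded with \A and \z
}.freeze

SAMPLES = [
  "a1b2c3",                 # intended shape: letter-digit pairs only
  "!!! x9 !!!",             # a valid pair buried in other characters
  "a1b2\nsecond line ???"   # valid first line followed by arbitrary content
].freeze

# Heuristic check on the regex source: does it start with \A and end with \z?
def fully_bounded?(regex)
  src = regex.source
  src.start_with?('\A') && src.end_with?('\z')
end

# Samples that the pattern would let through a format validation.
def accepted(regex, samples = SAMPLES)
  samples.select { |s| regex.match?(s) }
end

# For each pattern: is it bounded, and which samples does it accept?
def audit(patterns = PATTERNS, samples = SAMPLES)
  patterns.to_h do |name, regex|
    [name, { bounded: fully_bounded?(regex), accepted: accepted(regex, samples) }]
  end
end

if __FILE__ == $PROGRAM_NAME
  audit.each do |name, result|
    puts "#{name}: bounded=#{result[:bounded]} accepted=#{result[:accepted].inspect}"
  end
end
```

Only the `\A ... \z` form rejects both the embedded match and the multi-line input; the unbounded pattern accepts every sample.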