KevinMcHugh · August 29, 2015 14:01
diff --git a/test_for_query_risk_vuln.rb b/test_for_query_risk_vuln.rb
 # https://groups.google.com/forum/#!topic/rubyonrails-security/8CVoclw-Xkk
 # be rails r test_for_query_risk_vuln.rb, no guarantee that it's perfect.
 Rails.application.eager_load!
 vulnerable = ActiveRecord::Base.descendants.map do |klass|
  klass.to_s if klass.column_names.include? klass.to_s.underscore.pluralize
 end.uniq
 puts "Take a look at #{vulnerable}!!!!!!" unless vulnerable.compact.empty?
	# https://groups.google.com/forum/#!topic/rubyonrails-security/8CVoclw-Xkk
	# be rails r test_for_query_risk_vuln.rb, no guarantee that it's perfect.
	Rails.application.eager_load!
	vulnerable = ActiveRecord::Base.descendants.map do \|klass\|
	klass.to_s if klass.column_names.include? klass.to_s.underscore.pluralize
	end.uniq
	puts "Take a look at #{vulnerable}!!!!!!" unless vulnerable.compact.empty?