{"id":13880147,"url":"https://github.com/github/tainted_hash","last_synced_at":"2025-10-04T08:32:08.796Z","repository":{"id":2644574,"uuid":"3634153","full_name":"github/tainted_hash","owner":"github","description":null,"archived":true,"fork":false,"pushed_at":"2019-08-29T20:58:52.000Z","size":50,"stargazers_count":56,"open_issues_count":2,"forks_count":19,"subscribers_count":288,"default_branch":"master","last_synced_at":"2025-01-02T10:18:30.973Z","etag":null,"topics":["hash","input-sanitization","rails","ruby"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"lao605/shadowsocks_analysis","license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/github.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2012-03-06T03:20:58.000Z","updated_at":"2024-12-26T05:34:14.000Z","dependencies_parsed_at":"2022-08-06T12:30:51.686Z","dependency_job_id":null,"html_url":"https://github.com/github/tainted_hash","commit_stats":null,"previous_names":["technoweenie/tainted_hash"],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/github%2Ftainted_hash","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/github%2Ftainted_hash/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/github%2Ftainted_hash/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/github%2Ftainted_hash/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/github","download_url":"https://codeload.github.com/github/tainted_hash/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":235232861,"owners_count":18957059,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hash","input-sanitization","rails","ruby"],"created_at":"2024-08-06T08:02:49.010Z","updated_at":"2025-10-04T08:32:03.519Z","avatar_url":"https://github.com/github.png","language":"Ruby","readme":"# Tainted Hash\n\nA TaintedHash is a wrapper around a normal Hash that only exposes the keys that\nhave been approved.  This is useful in cases where a Hash is built from user\ninput from an external service (such as Rails or Sinatra).  By forcing the \ndeveloper to approve keys, no unexpected keys are passed to data stores.\nBecause of this specific use case, it is assumed all keys are strings.\n\nBy default, no keys have been approved.\n\n```ruby\nhash = {'a' =\u003e 1, 'b' =\u003e 2, 'c' =\u003e 3}\ntainted = TaintedHash.new hash\n```\n\nYou can access keys manually to get the value and approve them:\n\nUse `#expose` to expose keys.\n\n```ruby\ntainted.include?(:a) # false\ntainted['a'] # Returns 1\ntainted[:a]  # Symbols are OK too.\ntainted.include?(:a) # false, not exposed\ntainted.expose :a\ntainted.include?(:a) # true\ntainted.keys # ['a']\n```\n\nIf using Rails 2.3, require `tainted_hash/rails` to setup the necessary hooks.\nIt amounts to little more than this:\n\n```ruby\ndef wrap_params_with_tainted_hash\n  @_params = TaintedHash.new(@_params.to_hash)\nend\n```\n\nSet this up as a `before_filter` early in the stack.  However, it should run\nafter filters like `#filter_parameter_logging` that needs to filter _any_\nkey.\n\n## Note on Patches/Pull Requests\n1. Fork the project on GitHub.\n2. Make your feature addition or bug fix.\n3. Add tests for it. This is important so I don't break it in a future version\n   unintentionally.\n4. Commit, do not mess with rakefile, version, or history. (if you want to have\n   your own version, that is fine but bump version in a commit by itself I can\n   ignore when I pull)\n5. Send me a pull request. Bonus points for topic branches.\n\n","funding_links":[],"categories":["Ruby"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgithub%2Ftainted_hash","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgithub%2Ftainted_hash","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgithub%2Ftainted_hash/lists"}