mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-06 19:35:13 +02:00
11 lines
342 B
Ruby
11 lines
342 B
Ruby
# Unsafe: Sinatra params concatenated into an XPath expression and passed to
|
|
# Nokogiri's `xpath` method. Suffix matching on `xpath` catches the
|
|
# bound-receiver call directly.
|
|
require 'nokogiri'
|
|
|
|
def lookup(params)
|
|
doc = Nokogiri::XML(File.read("users.xml"))
|
|
user = params[:user]
|
|
expr = "//user[name='#{user}']"
|
|
doc.xpath(expr)
|
|
end
|