tainted-url-host
ssrf_filter gem and guard the url construction with SsrfFilter(...), or create an allowlist for approved hosts.
raw-html-format
render template and make template files which will safely render HTML instead, or inspect that the HTML is absolutely rendered safely with a function like sanitize.
tainted-sql-string