Enable Security cops

Also fixes a Security/Open offense that couldn't be exploited, because the only invocation of `get_mime_type_from_uri` was validating the input with a `URI::DEFAULT_PARSER` regexp
author: Geremia Taglialatela <[email protected]> 2023-05-23 00:07:36 +0200
committer: Geremia Taglialatela <[email protected]> 2023-05-23 00:07:36 +0200
commit: 088d388e6d4dda42d9278e6da96ac3183ff09dcd (patch)
tree: 876b788707fe36ea1ebe8d23384c0908b5954508 /lib/axlsx
parent: 6752225bbb8a9eec905ec02a98f1a25a309c404a (diff)
download: caxlsx-088d388e6d4dda42d9278e6da96ac3183ff09dcd.tar.gz
caxlsx-088d388e6d4dda42d9278e6da96ac3183ff09dcd.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/axlsx/util/mime_type_utils.rb b/lib/axlsx/util/mime_type_utils.rb
index c2e6909f..fbe39448 100644
--- a/lib/axlsx/util/mime_type_utils.rb
+++ b/lib/axlsx/util/mime_type_utils.rb
@@ -16,7 +16,7 @@ module Axlsx
     # @param [String] v URI
     # @return [String] File mime type
     def self.get_mime_type_from_uri(v)
-      Marcel::MimeType.for(URI.open(v))
+      Marcel::MimeType.for(URI.parse(v).open)
     end
   end
 end
author	Geremia Taglialatela <[email protected]>	2023-05-23 00:07:36 +0200
committer	Geremia Taglialatela <[email protected]>	2023-05-23 00:07:36 +0200
commit	088d388e6d4dda42d9278e6da96ac3183ff09dcd (patch)
tree	876b788707fe36ea1ebe8d23384c0908b5954508 /lib/axlsx
parent	6752225bbb8a9eec905ec02a98f1a25a309c404a (diff)
download	caxlsx-088d388e6d4dda42d9278e6da96ac3183ff09dcd.tar.gz caxlsx-088d388e6d4dda42d9278e6da96ac3183ff09dcd.zip