From ec7269b94b9f768b2629e1d75423ff9b0962875c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mr=20Alexandre=20J-S=20William=20ELIS=C3=89?= Date: Mon, 2 Mar 2026 21:34:56 -0400 Subject: [PATCH] sec: Mitigate the attack surface of potential malicious injection Simplify error message for route not found - This change attempts to leave less room to potential attacks possible when double quotes are use without prior sanitize or type enforcement. - By using plain text with single quote we mitigate the issue. --- src/Services/Routes.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Services/Routes.php b/src/Services/Routes.php index 9a45ef9..df38dae 100644 --- a/src/Services/Routes.php +++ b/src/Services/Routes.php @@ -107,7 +107,7 @@ public function offsetGet($path) : array return $this->routes[$path]; } - throw new InvalidArgumentException("Route $path not found."); + throw new InvalidArgumentException('Route not found.'); } /**