Description
Is your feature request related to a problem? Please describe.
Brakeman currently does not analyze HTML email templates for HTML injection vulnerabilities. As a result, potential security issues in mailer views may go undetected. I propose extending Brakeman’s coverage to include mailer templates, scanning them for common HTML injection issues.
Describe the solution you’d like
Brakeman should flag unsafe code patterns in mailer templates with appropriate warnings - similar to how it handles views rendered by ActionController. For example, the following should raise a warning when found in an email template:
```erb
<!-- insecure.html.erb -->
<p><%= raw @insecure_user_input %></p>
```
Describe alternatives you’ve considered
One workaround is to render HTML mailer templates through ActionController, allowing Brakeman to pick them up via its existing view analysis. However, this is more of a workaround than a long-term solution and may introduce unintended behavior.
Additional context
I'd be happy to help implement this feature if there’s broader interest in adding support for mailer template checks in Brakeman.
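To make the requested check concrete, here is an added example that is not part of the issue and not Brakeman's code: a small Ruby script that walks ERB sources, keeps only HTML templates under an `app/views/*_mailer/` directory, and flags the constructs that bypass Rails' default output escaping (`raw`, `.html_safe`, `<%==`). The sample templates, the `*_mailer` directory convention used to recognise mailer views, and the finding format are all assumptions made for the example. Unlike Brakeman, which works on the parsed template and tracks where a value came from, this is a plain line-and-regex match, so it also reports `"constant".html_safe` style uses that a real check would suppress.

```ruby
# Hypothetical mailer-template scanner (example code, not Brakeman's).
# Finds ERB output that bypasses Rails' default HTML escaping in mailer views.

# Each pattern marks output that Rails will NOT escape.  A user-controlled
# value reaching any of these in an HTML e-mail is HTML injection.
UNSAFE_ERB_PATTERNS = {
  "raw helper"          => /<%=\s*raw\b/,   # <%= raw @x %>
  "html_safe call"      => /\.html_safe\b/, # <%= @x.html_safe %>
  "<%== unescaped tag"  => /<%==/,          # Erubi's unescaped output tag
}.freeze

# Assumption for this example: mailer views live under app/views/<name>_mailer/.
MAILER_VIEW_DIR = %r{\Aapp/views/[^/]*_mailer/}

# Only HTML mailer templates are interesting; *.text.erb bodies are not
# rendered as HTML, so `raw` there is not an injection sink.
def mailer_html_template?(path)
  path.match?(MAILER_VIEW_DIR) && path.end_with?(".html.erb")
end

# Scan one template's source text.  Returns an array of findings, each a hash
# with :path, :line (1-based), :kind and the offending :source line.
def scan_template(path, source)
  findings = []
  source.each_line.with_index(1) do |text, lineno|
    UNSAFE_ERB_PATTERNS.each do |kind, pattern|
      next unless text.match?(pattern)
      findings << { path: path, line: lineno, kind: kind, source: text.strip }
    end
  end
  findings
end

# templates: { "relative/path.html.erb" => "<erb source>" }
def scan_mailer_templates(templates)
  templates.select { |path, _| mailer_html_template?(path) }
           .flat_map { |path, src| scan_template(path, src) }
end

# Constructed sample templates for the example (not from any real app).
SAMPLE_TEMPLATES = {
  "app/views/user_mailer/welcome.html.erb" => <<~ERB,
    <p>Hello <%= @user.name %></p>
    <p><%= raw @insecure_user_input %></p>
    <p><%= @signature.html_safe %></p>
  ERB
  # Plain-text part: same `raw`, but not an HTML sink, so it is skipped.
  "app/views/user_mailer/welcome.text.erb" => "Hello <%= raw @user.name %>\n",
  # Controller view: already covered by Brakeman's view analysis, skipped here.
  "app/views/users/show.html.erb" => "<p><%= raw @bio %></p>\n",
}.freeze

if $PROGRAM_NAME == __FILE__
  scan_mailer_templates(SAMPLE_TEMPLATES).each do |f|
    puts "#{f[:path]}:#{f[:line]}: #{f[:kind]}: #{f[:source]}"
  end
end
```

Run as a script it reports two findings, both in `welcome.html.erb` (the `raw` call on line 2 and the `html_safe` call on line 3); the text template and the controller view produce nothing. Replacing `SAMPLE_TEMPLATES` with a `Dir.glob("app/views/**/*.erb")` read of a real application is the only change needed to point it at a checkout.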