hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-28 21:03:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

Java: Add PrintWriter.format as XSS sink.

Browse Source
This commit is contained in:
Anders Schack-Mulligen
2020-08-11 15:15:39 +02:00
parent 0476b97f63
commit 21246624b4
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
java/ql/src/semmle/code/java/security/XSS.qll
View File

@@ -97,6 +97,7 @@ class WritingMethod extends Method {
(
this.getName().matches("print%") or
this.getName() = "append" or
this.getName() = "format" or
this.getName() = "write"
)
}