Add RequestForgerySanitizer

2026-05-01 11:45:14 +02:00 · 2021-06-17 14:58:27 +02:00
parent 0c71393171
commit 3ec2c1308e
3 changed files with 12 additions and 2 deletions
--- a/java/ql/test/query-tests/security/CWE-749/UnsafeAndroidAccess.java
+++ b/java/ql/test/query-tests/security/CWE-749/UnsafeAndroidAccess.java
@@ -147,6 +147,6 @@ public class UnsafeAndroidAccess extends Activity {

 		String thisUrl = getIntent().getStringExtra("url");
 		// This should be considered safe - the query lacks a proper sanitizer for partial URLs.
-		wv.loadUrl("https://www.mycorp.com/" + thisUrl); // $ SPURIOUS: hasUnsafeAndroidAccess
+		wv.loadUrl("https://www.mycorp.com/" + thisUrl);
 	}
 }