hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 02:35:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: fix <p></p> issue

Browse Source
This commit is contained in:
Esben Sparre Andreasen
2018-12-14 13:04:10 +01:00
committed by GitHub
parent bb3e3a541d
commit 487b8c52c6
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/src/Security/CWE-020/IncompleteHostnameRegExp.qhelp
View File

@@ -55,8 +55,8 @@
<code>example.com</code>, effectively allowing the redirect to go to
an attacker-controlled domain such as <code>wwwXexample.com</code>.
<p>
</p>
<p>
Address this vulnerability by escaping <code>.</code>
appropriately: <code>let regex = /(www|beta|)\.example\.com/</code>.