hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4141 from esbena/js/clarify-sanitization

Browse Source 
JS: make sanitization a "common" technique rather than "important"
This commit is contained in:
Esben Sparre Andreasen
2020-08-27 08:08:17 +02:00
committed by GitHub
parent 01a61469d3 d27442e846
commit 67278d9c93
6 changed files with 41 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/src/Security/CWE-020/IncompleteHostnameRegExp.qhelp
View File

@@ -6,7 +6,7 @@
<overview>
<p>
Sanitizing untrusted URLs is an important technique for
Sanitizing untrusted URLs is a common technique for
preventing attacks such as request forgeries and malicious
redirections. Often, this is done by checking that the host of a URL
is in a set of allowed hosts.

2
python/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.qhelp
View File

@@ -6,7 +6,7 @@
<overview>
<p>
Sanitizing untrusted URLs is an important technique for
Sanitizing untrusted URLs is a common technique for
preventing attacks such as request forgeries and malicious
redirections. Usually, this is done by checking that the host of a URL
is in a set of allowed hosts.