hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 19:55:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update java/ql/src/experimental/Security/CWE/CWE-348/UseOfLessTrustedSource.qhelp

Browse Source 
Co-authored-by: Chris Smowton <smowton@github.com>
This commit is contained in:
haby0
2021-04-30 16:54:28 +08:00
committed by GitHub
parent 711a74c9c9
commit 8142810455
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/src/experimental/Security/CWE/CWE-348/UseOfLessTrustedSource.qhelp
View File

@@ -4,7 +4,7 @@
<qhelp>
<overview>
<p>An original client IP address is retrieved from an http header (<code>X-Forwarded-For</code> or <code>X-Real-IP</code> or <code>Proxy-Client-IP</code>
etc.), which is used to ensure security or track it in the log for statistical or other reasons. Attackers can forge the value of these identifiers to
etc.), which is used to ensure security. Attackers can forge the value of these identifiers to
bypass a ban-list, for example.</p>
</overview>