hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 06:12:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update change-notes/2021-02-09-html-templates.md

Browse Source 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
This commit is contained in:
Chris Smowton
2021-02-15 14:39:24 +00:00
committed by GitHub
parent 6f5f1c4829
commit 95008d1ccb
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
change-notes/2021-02-09-html-templates.md
View File

@@ -1,3 +1,2 @@
lgtm,codescanning
* Improved our modelling of Go's builtin `html/template` package to understand that these templates provide context-sensitive escaping of HTML and Javascript special characters. This may reduce false-positive seen by the `go/reflected-xss` query, as well as other queries for which HTML escaping is relevant.
* Improved our modeling of Go's builtin `html/template` package to understand that these templates provide context-sensitive escaping of HTML and Javascript special characters. This may reduce false-positives seen by the `go/reflected-xss` query, as well as other queries for which HTML escaping is relevant.