hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-20 06:24:03 +02:00
Code Issues Packages Projects Releases Wiki Activity

spelling: characters

Browse Source 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
This commit is contained in:
Josh Soref
2022-10-09 06:40:06 -04:00
parent 0581f2fe1c
commit 9b372f3db4
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
go/ql/src/experimental/CWE-918/SSRF.qhelp
View File

@@ -14,7 +14,7 @@ server side request forgery attacks, where the attacker controls the request tar
<p>
To guard against server side request forgery, it is advisable to avoid putting user input directly into a
network request. If using user input is necessary, then it must be validated. It is recommended to only allow
user input consisting of alphanumeric characters. Simply URL-encoding other chracters is not always a solution,
user input consisting of alphanumeric characters. Simply URL-encoding other characters is not always a solution,
for example because a downstream entity that is itself vulnerable may decode again before forwarding the request.
</p>
</recommendation>