hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 10:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: Add test for XSS sanitizer

Browse Source
This commit is contained in:
Sauyon Lee
2021-08-04 02:34:31 -07:00
parent 9a5c0f6c73
commit 9c1d5a70e3
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
java/ql/test/query-tests/security/CWE-079/semmle/tests/SpringXSS.java
View File

@@ -5,6 +5,7 @@ import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.util.HtmlUtils;
import java.util.Optional;
@@ -157,4 +158,9 @@ public class SpringXSS {
return userControlled; // $xss
}
}
@GetMapping(value = "/abc")
public static String sanitizedString(String userControlled) {
return HtmlUtils.htmlEscape(userControlled);
}
}