hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add change note

Browse Source
This commit is contained in:
Chris Smowton
2021-08-03 14:56:52 +01:00
parent 655236c70d
commit 9d31641bb1
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/change-notes/2021-08-03-spring-content-types.md Normal file
View File

@@ -0,0 +1,2 @@
lgtm,codescanning
* The XSS query now accounts for more ways to set the content-type of an entity served via a Spring HTTP endpoint. This may flag more cases where an XSS-vulnerable content-type is set, and exclude more cases where a non-vulnerable content-type such as `application/json` is set.