hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Restore OpenRedirect's exclusion of POST-only request components

Browse Source
This commit is contained in:
Chris Smowton
2021-04-19 17:05:23 +01:00
parent 685f4fa2a6
commit a367950014
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ql/src/semmle/go/frameworks/stdlib/NetHttp.qll
View File

@@ -257,7 +257,7 @@ module NetHttp {
or
exists(Method m, string methName |
m.hasQualifiedName("net/http", "Request", methName) and
this = m.getACall()
this = m.getACall().getResult(0)
|
methName = ["Cookie", "Cookies", "MultipartReader", "PostFormValue", "Referer", "UserAgent"]
)