hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Note resolved spurious results

Browse Source
This commit is contained in:
Chris Smowton
2021-08-03 14:50:54 +01:00
parent d940085384
commit b47939c737
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/test/query-tests/security/CWE-079/semmle/tests/SpringXSS.java
View File

@@ -139,12 +139,12 @@ public class SpringXSS {
@GetMapping(value = "/xyz", produces = {"application/json"})
public ResponseEntity<String> overridesWithSafe(String userControlled) {
return ResponseEntity.ok(userControlled); // $SPURIOUS: xss
return ResponseEntity.ok(userControlled);
}
@GetMapping(value = "/abc")
public ResponseEntity<String> overridesWithSafe2(String userControlled) {
return ResponseEntity.ok().contentType(MediaType.APPLICATION_JSON).body(userControlled); // $SPURIOUS: xss
return ResponseEntity.ok().contentType(MediaType.APPLICATION_JSON).body(userControlled);
}
}