Update java/ql/lib/change-notes/2026-06-30-spring-webclient-uri-ssrf.md

Update change note to be more technically accurate

Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
This commit is contained in:
Luis Azanza
2026-07-07 16:21:09 -07:00
committed by GitHub
parent 6ff2a4c0d6
commit b8f8370c33

View File

@@ -1,4 +1,4 @@
---
category: minorAnalysis
---
* The `uri` method of Spring's reactive `WebClient` is now considered a request forgery sink. Previously only the `create` and `baseUrl` methods were considered. This may lead to more alerts for the query `java/ssrf` (Server-side request forgery).
* The first argument of the `uri` method of `WebClient$UriSpec` in `org.springframework.web.reactive.function.client` is now considered a request forgery sink. Previously only the first arguments of the `WebClient.create` and `WebClient$Builder.baseUrl` methods were considered. This may lead to more alerts for the query `java/ssrf` (Server-side request forgery).