hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 23:02:56 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update other file too

Browse Source
This commit is contained in:
Simon Taranto
2020-08-24 09:00:26 -06:00
committed by GitHub
parent 7adf477e2d
commit bd9100eb4e
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ql/src/Security/CWE-079/ReflectedXssGood.go
View File

@@ -11,7 +11,7 @@ func serve1() {
r.ParseForm()
username := r.Form.Get("username")
if !isValidUsername(username) {
// BAD: a request parameter is incorporated without validation into the response
// GOOD: a request parameter is escaped before being put into the response
fmt.Fprintf(w, "%q is an unknown user", html.EscapeString(username))
} else {
// TODO: do something exciting