hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 13:15:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

Optimize the query

Browse Source
This commit is contained in:
luchua-bc
2021-05-11 16:56:12 +00:00
parent 703fbf139a
commit e7cd6c9972
3 changed files with 22 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/test/experimental/query-tests/security/CWE-094/JythonInjection.java
View File

@@ -22,7 +22,7 @@ public class JythonInjection extends HttpServlet {
super();
}
// BAD: allow arbitrary Jython expression to execute
// BAD: allow execution of arbitrary Python code
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/plain");
String code = request.getParameter("code");
@@ -47,7 +47,7 @@ public class JythonInjection extends HttpServlet {
}
}
// BAD: allow arbitrary Jython expression to evaluate
// BAD: allow execution of arbitrary Python code
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/plain");
String code = request.getParameter("code");