hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Autoformat

Browse Source
This commit is contained in:
Chris Smowton
2021-08-16 18:09:40 +01:00
parent 814004e63d
commit ff3f85be49
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/src/semmle/code/java/security/XSS.qll
View File

@@ -93,8 +93,8 @@ private class DefaultXssSink extends XssSink {
/** A default sanitizer that considers numeric and boolean typed data safe for writing to output. */ /** A default sanitizer that considers numeric and boolean typed data safe for writing to output. */
private class DefaultXSSSanitizer extends XssSanitizer { private class DefaultXSSSanitizer extends XssSanitizer {
DefaultXSSSanitizer() { DefaultXSSSanitizer() {
this.getType() instanceof NumericType or this.getType() instanceof BooleanType this.getType() instanceof NumericType or
or this.getType() instanceof BooleanType or
// Match `org.springframework.web.util.HtmlUtils.htmlEscape` and possibly other methods like it. // Match `org.springframework.web.util.HtmlUtils.htmlEscape` and possibly other methods like it.
this.asExpr().(MethodAccess).getMethod().getName().regexpMatch("(?i)html_?escape.*") this.asExpr().(MethodAccess).getMethod().getName().regexpMatch("(?i)html_?escape.*")
} }