hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
revert-4653-feature/csharp9-relational-pattern
codeql/csharp/ql/test/query-tests/Security Features/CWE-838/UrlEncode.cs
Pavel Avgustinov b55526aa58 QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00

21 lines
513 B
C#
Raw Permalink Blame History

using System;
using System.Web;
using System.Net;
public class UrlEncode
{
public static void Bad(string value, HttpContext ctx)
{
var user = WebUtility.UrlDecode(ctx.Request.QueryString["user"]);
ctx.Response.Redirect("?param=" + WebUtility.HtmlEncode(user));
}
public static void Good(string value, HttpContext ctx)
{
var user = WebUtility.UrlDecode(ctx.Request.QueryString["user"]);
ctx.Response.Redirect("?param=" + WebUtility.UrlEncode(user));
}
}
Reference in New Issue View Git Blame Copy Permalink