hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
047ea10a9aa7ab945fe2b2d03f70fd84ee7bfa3e
codeql/go/old-change-notes/2021-02-09-html-templates.md
Chuan-kai Lin aa514fff32 codeql-go merge prep: move into go/ directory
2022-05-20 10:07:19 -07:00

327 B
Raw Blame History

lgtm,codescanning

  • Improved our modeling of Go's builtin html/template package to understand that these templates provide context-sensitive escaping of HTML and Javascript special characters. This may reduce false-positives seen by the go/reflected-xss query, as well as other queries for which HTML escaping is relevant.