Tiago Pascoal 150854603b Single quote was preventing the shell from expanding the BODY variable ...

While this prevents the attack highlighted in the query help it also prevents it from working.

Double quotes will allow the expansion of the variable while still preventing the attack

2023-06-20 11:38:27 +01:00

..

examples

Single quote was preventing the shell from expanding the BODY variable

2023-06-20 11:38:27 +01:00

CodeInjection.inc.qhelp

JS: add heuristic variants of queries that use RemoteFlowSource

2022-12-19 12:01:22 +01:00

CodeInjection.qhelp

JS: add heuristic variants of queries that use RemoteFlowSource

2022-12-19 12:01:22 +01:00

CodeInjection.ql

fix some more style-guide violations in the alert-messages

2022-10-07 11:22:22 +02:00

ExpressionInjection.qhelp

Update javascript/ql/src/Security/CWE-094/ExpressionInjection.qhelp

2023-05-09 12:23:52 +02:00

ExpressionInjection.ql

Use double curly braces

2023-04-21 19:03:38 +02:00

ImproperCodeSanitization.qhelp

JS/Python/Ruby: s/a HTML/an HTML/

2022-09-30 10:37:52 +01:00

ImproperCodeSanitization.ql

fix some more style-guide violations in the alert-messages

2022-10-07 11:22:22 +02:00

UnsafeCodeConstruction.qhelp

Move explanation of example above sample code

2022-02-09 10:45:24 -08:00

UnsafeCodeConstruction.ql

fix some more style-guide violations in the alert-messages

2022-10-07 11:22:22 +02:00

UnsafeDynamicMethodAccess.qhelp

JS: address doc review

2018-11-21 14:19:14 +00:00

UnsafeDynamicMethodAccess.ql

fix some more style-guide violations in the alert-messages

2022-10-07 11:22:22 +02:00